/register vollständig

main.go

@@ -8,9 +8,8 @@ import (
   "git.mmnx.de/Moe/databaseutils"
   "git.mmnx.de/Moe/configutils"
   "git.mmnx.de/Moe/templatehelpers"
-  "golang.org/x/crypto/bcrypt"
+
   // "errors"
-  "strconv"
 )
 
 type pageUserParams struct { // TODO outsource
@@ -58,7 +57,7 @@ func main() {
   iris.Static("/static", "./static/static", 1)
 
   iris.Post("/login", loginHandler) // login form handler
-  iris.Post("/register", registerHandler, usermanager.LogoutHandler) // handles registration, logs user out
+  iris.Post("/register", usermanager.CanBeAuthedHandler, usermanager.RegisterHandler, usermanager.LogoutHandler) // handles registration, logs user out
   iris.Post("/account", usermanager.AuthHandler, accountUpdateHandler, usermanager.LogoutHandler) // account management
   iris.Post("/admin", usermanager.AuthHandler, usermanager.AdminHandler, adminPostHandler) // admin panel
 
@@ -90,84 +89,6 @@ func loginHandler(ctx *iris.Context) {
   }
 }
 
-func registerHandler(ctx *iris.Context) { // TODO outsource
-  token := ctx.FormValueString("token") // POST values from login form
-  username := ctx.FormValueString("username")
-  password := ctx.FormValueString("password")
-
-  user := usermanager.User{} // new user
-  tokenUserID, err := usermanager.SearchUserByTokenInDB(token) // user, we're going to change
-  if err != nil {
-    templatehelpers.ShowError(err.Error(), ctx, "register")
-    return
-  }
-  tokenUserIDStr := strconv.FormatInt(int64(tokenUserID), 10)
-  if err != nil {
-    templatehelpers.ShowError(err.Error(), ctx, "register")
-    return
-  }
-  tokenUser, err := usermanager.GetUserFromDB(tokenUserIDStr)
-  if err != nil {
-    templatehelpers.ShowError(err.Error(), ctx, "register")
-    return
-  }
-
-  unusedTokens := usermanager.GetTokens(false) // get all unused tokens
-  usedTokens := usermanager.GetTokens(true) // get all used tokens
-  unusedToken := usermanager.IsTokenUsed(unusedTokens, token)
-  usedToken := usermanager.IsTokenUsed(usedTokens, token)
-
-  if !unusedToken && !usedToken { // token doesnt exist
-    templatehelpers.ShowError(usermanager.ERR_INVALID_TOKEN, ctx, "register")
-  }
-
-  userID := usermanager.SearchUserByUsernameInDB(username) // check if a user with that name already exists
-  if userID != -1 {
-    tokenUserIDInt, err := strconv.Atoi(tokenUser.ID) // convert userID to int ...
-    if err != nil {
-      templatehelpers.ShowError(err.Error(), ctx, "register")
-      return
-    }
-    if userID != tokenUserIDInt { // tries to steal another users identity
-      templatehelpers.ShowError(usermanager.ERR_USERNAME_TAKEN, ctx, "register")
-      return
-    } // if it's his own name, that's "taken" he can change
-  }
-
-  if unusedToken {
-    passwordBin, _ := bcrypt.GenerateFromPassword([]byte(password), 15) // hash password
-
-    err := usermanager.RegisterUserWithToken(username, string(passwordBin), token) // register user
-    if err != nil {
-      templatehelpers.ShowError(err.Error(), ctx, "register")
-      return
-    }
-
-    tokenString, err := user.Login(username, password) // try to login
-
-    if err != nil {
-      templatehelpers.ShowError(err.Error(), ctx, "login")
-    } else {
-      ctx.SetCookieKV("token", tokenString)
-      templatehelpers.ShowNotification("registration successfull", ctx, "home")
-    }
-
-  } else {
-
-    if err := usermanager.UserUpdateProcessor(username, password, tokenUserIDStr); err != nil {
-      templatehelpers.ShowError(err.Error(), ctx, "register")
-      return
-    } else {
-      tokenString, err := user.Login(username, password) // try to login with new data
-      if err != nil {
-        templatehelpers.ShowError(err.Error(), ctx, "login")
-      }
-      ctx.SetCookieKV("token", tokenString)
-      templatehelpers.ShowNotification("reset successfull", ctx, "home")
-    }
-  }
-}
-
 func accountUpdateHandler(ctx *iris.Context) {
   username := ctx.FormValueString("username") // POST values
   password := ctx.FormValueString("password")