|
|
@@ -36,7 +36,7 @@ type PageParams struct{
|
|
|
Error string
|
|
|
ReqDir string
|
|
|
Admin string
|
|
|
- } // {Error: ""} // TODO: OUTSOURCE : is outsourced here now
|
|
|
+ }
|
|
|
|
|
|
type PageUserParams struct{
|
|
|
HasError string
|
|
|
@@ -45,7 +45,7 @@ type PageUserParams struct{
|
|
|
Username string
|
|
|
Email string
|
|
|
Admin string
|
|
|
- } // {Error: ""}
|
|
|
+ }
|
|
|
|
|
|
type PageUserParamsMessage struct{
|
|
|
HasError string
|
|
|
@@ -55,7 +55,7 @@ type PageUserParamsMessage struct{
|
|
|
Email string
|
|
|
Admin string
|
|
|
Message string
|
|
|
- } // {Error: ""}
|
|
|
+ }
|
|
|
|
|
|
func (user *User) Login(username string, password string) (string, error) {
|
|
|
hmacSampleSecret := []byte(configutils.Conf.CryptoKey) // crypto key for JWT encryption
|
|
|
@@ -177,41 +177,56 @@ func AuthHandler(ctx *iris.Context) {
|
|
|
if isAuthed {
|
|
|
ctx.Next() // successfully authed, next handler
|
|
|
} else {
|
|
|
- if err := ctx.Render("login.html", PageParams{"1", err.Error(), "login", "0"}); err != nil {
|
|
|
+ if err := ctx.Render("login_box.html", PageParams{"1", err.Error(), "login", "0"}); err != nil {
|
|
|
println(err.Error())
|
|
|
} // failed to auth
|
|
|
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+func AdminHandler(ctx *iris.Context) {
|
|
|
+ userID := ctx.GetString("userID")
|
|
|
+ user, err := GetUser(userID)
|
|
|
+
|
|
|
+ if user.Admin != "1" { // check if user is admin
|
|
|
+ err = errors.New("User no Admin: " + userID)
|
|
|
+ fmt.Println(err.Error())
|
|
|
+ ctx.Redirect("/")
|
|
|
+ return
|
|
|
+ } else {
|
|
|
+ ctx.Next()
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
func GenerateTokens(numTokens int) []string {
|
|
|
const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
|
|
tokens := make([]string, 0)
|
|
|
dbTokens := make([][]string, 0)
|
|
|
|
|
|
for i := 0; i < numTokens; i++ {
|
|
|
- b := make([]byte, 16) // 16 char long tokens
|
|
|
+ b := make([]byte, 16)
|
|
|
for i := range b {
|
|
|
b[i] = letterBytes[rand.Intn(len(letterBytes))]
|
|
|
}
|
|
|
tokens = append(tokens, string(b))
|
|
|
- //dbTokens = append(dbTokens, []string{string(b), "0"})
|
|
|
dbTokens = [][]string{[]string{"value", string(b)}, []string{"used", "0"}}
|
|
|
err := databaseutils.DBUtil.InsertRow("tokens", dbTokens)
|
|
|
if err != nil {
|
|
|
fmt.Println(err.Error())
|
|
|
return []string{""}
|
|
|
}
|
|
|
- // dbTokens[i] :=
|
|
|
}
|
|
|
|
|
|
- // err := databaseutils.DBUtil.InsertRow("tokens", dbTokens)
|
|
|
+ return tokens
|
|
|
+}
|
|
|
|
|
|
- /*if err != nil {
|
|
|
- fmt.Println(err.Error())
|
|
|
- return []string{""}
|
|
|
- }*/
|
|
|
+func GetUser(userID string) (User, error) {
|
|
|
+ usersArrayID := SearchUser(userID)
|
|
|
|
|
|
- return tokens
|
|
|
+ if usersArrayID == -1 { // TODO check if unneccessary (AuthHandler) (Ddepends on where used: TODO CHECK)
|
|
|
+ return User{}, errors.New("User not logged in")
|
|
|
+ }
|
|
|
|
|
|
+ user := (*Users)[usersArrayID] // user must be logged in to do this -> get from users list
|
|
|
+ return user, nil
|
|
|
}
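Review bot: AdminHandler discards the error returned by `GetUser(userID)`, so a failed lookup is denied only because the zero-value `User{}` has an empty `Admin` field, and the log line then reports "User no Admin" for a user who was not found at all. Make the denial explicit with `if err != nil || user.Admin != "1" {` and log the lookup error as its own message, so the gate keeps failing closed even if `GetUser` later returns a populated value alongside an error. Separately, in GenerateTokens (unchanged context in this hunk), `rand.Intn` is presumably `math/rand`, since `crypto/rand` has no `Intn`, and its output is predictable. If the rows written to the `tokens` table gate anything such as registration, draw each index from `crypto/rand` instead, e.g. `rand.Int(rand.Reader, big.NewInt(int64(len(letterBytes))))`.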
|