|
|
@@ -200,23 +200,37 @@ func AuthHandler(ctx *iris.Context) {
|
|
|
tokenString := ctx.GetCookie("token")
|
|
|
isAuthed, userID, err := VerifyUserLoggedIn(tokenString)
|
|
|
|
|
|
- ctx.Set("userID", userID) // save userID for in-context use
|
|
|
-
|
|
|
if err != nil {
|
|
|
// fmt.Println("Auth error: ", err.Error())
|
|
|
}
|
|
|
|
|
|
-
|
|
|
if isAuthed {
|
|
|
+ ctx.Set("userID", userID) // save userID for in-context use
|
|
|
ctx.Next() // successfully authed, next handler
|
|
|
} else {
|
|
|
if err := ctx.Render("login_box.html", PageUserParams{"1", err.Error(), "login", "", "0", []string{}}); err != nil {
|
|
|
- println(err.Error())
|
|
|
+ //println(err.Error()) // TODO log this somewhere
|
|
|
} // failed to auth
|
|
|
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+func CanBeAuthedHandler(ctx *iris.Context) {
|
|
|
+ tokenString := ctx.GetCookie("token")
|
|
|
+ isAuthed, userID, err := VerifyUserLoggedIn(tokenString)
|
|
|
+
|
|
|
+ if isAuthed {
|
|
|
+ ctx.Set("userID", userID) // save userID for in-context use
|
|
|
+ } else if err != nil {
|
|
|
+ if !((err.Error() != "ERR_SESSION_TIMED_OUT") || (err.Error() != "ERR_INVALID_TOKEN")) { // ignore ERR_SESSION_TIMED_OUT and ERR_INVALID_TOKEN
|
|
|
+ templatehelpers.ShowError(err.Error(), ctx, "register")
|
|
|
+ return
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ ctx.Next() // authed users can now use their accounts, next handler
|
|
|
+}
|
|
|
+
|
|
|
func AdminHandler(ctx *iris.Context) {
|
|
|
userID := ctx.GetString("userID")
|
|
|
user, err := GetUser(userID)
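Review bot: The guard in CanBeAuthedHandler, `if !((err.Error() != "ERR_SESSION_TIMED_OUT") || (err.Error() != "ERR_INVALID_TOKEN"))`, can never be true: by De Morgan it requires err.Error() to equal both strings at once, so the ShowError branch is dead and every verification error silently falls through to ctx.Next(). The comment says the intent is to ignore those two errors and surface the rest, which is `if msg := err.Error(); msg != "ERR_SESSION_TIMED_OUT" && msg != "ERR_INVALID_TOKEN" {`. Worth a one-line comment on the function itself that unauthenticated requests are deliberately passed through (only userID is left unset), since a reader could otherwise mistake it for AuthHandler. In the unchanged else branch of AuthHandler, `err.Error()` is dereferenced whenever isAuthed is false; that is only safe if VerifyUserLoggedIn guarantees a non-nil error there, which is not visible in this hunk.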
|
|
|
@@ -413,4 +427,59 @@ func IsTokenUsed(tokens []string, token string) bool {
|
|
|
}
|
|
|
}
|
|
|
return usedToken
|
|
|
+}
|
|
|
+
|
|
|
+func RegisterHandler(ctx *iris.Context) {
|
|
|
+ token := ctx.FormValueString("token") // POST values from login form
|
|
|
+ username := ctx.FormValueString("username")
|
|
|
+ password := ctx.FormValueString("password")
|
|
|
+
|
|
|
+ unusedTokens := GetTokens(false) // get all unused tokens
|
|
|
+ usedTokens := GetTokens(true) // get all used tokens
|
|
|
+ unusedToken := IsTokenUsed(unusedTokens, token) // check if token is unused
|
|
|
+ usedToken := IsTokenUsed(usedTokens, token) // check if token is used
|
|
|
+
|
|
|
+ if !unusedToken && !usedToken { // token doesnt exist
|
|
|
+ templatehelpers.ShowError(ERR_INVALID_TOKEN, ctx, "register")
|
|
|
+ return
|
|
|
+ }
|
|
|
+
|
|
|
+ tokenUserID, err := SearchUserByTokenInDB(token)
|
|
|
+ if err != nil { // id of user, we're going to change if exists
|
|
|
+ if err.Error() != "ERR_EMPTY_RESULT" { // if no user found for that token let them register
|
|
|
+ templatehelpers.ShowError(err.Error(), ctx, "register")
|
|
|
+ return
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ tokenUserIDStr := strconv.FormatInt(int64(tokenUserID), 10)
|
|
|
+ user := User{} // new user
|
|
|
+
|
|
|
+ if tokenUserIDStr == "-1" { // register a new account
|
|
|
+ passwordBin, _ := bcrypt.GenerateFromPassword([]byte(password), 15) // hash password
|
|
|
+
|
|
|
+ err := RegisterUserWithToken(username, string(passwordBin), token) // register user
|
|
|
+ if err != nil {
|
|
|
+ templatehelpers.ShowError(err.Error(), ctx, "register")
|
|
|
+ return
|
|
|
+ }
|
|
|
+
|
|
|
+ tokenString, err := user.Login(username, password) // try to login
|
|
|
+
|
|
|
+ if err != nil {
|
|
|
+ templatehelpers.ShowError(err.Error(), ctx, "login")
|
|
|
+ } else {
|
|
|
+ ctx.SetCookieKV("token", tokenString) // set tokenString as cookie
|
|
|
+ templatehelpers.ShowNotification("registration successfull", ctx, "home")
|
|
|
+ }
|
|
|
+
|
|
|
+ } else { // used token -> update
|
|
|
+ if err := UserUpdateProcessor(username, password, tokenUserIDStr); err != nil { // simply try to update
|
|
|
+ templatehelpers.ShowError(err.Error(), ctx, "register")
|
|
|
+ return
|
|
|
+ } else {
|
|
|
+ user.Logout(tokenUserIDStr) // log user out from system
|
|
|
+ templatehelpers.ShowNotification("reset successfull", ctx, "login")
|
|
|
+ }
|
|
|
+ }
|
|
|
}
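Review bot: The error from `passwordBin, _ := bcrypt.GenerateFromPassword([]byte(password), 15)` is discarded, so if hashing fails (newer golang.org/x/crypto releases return an error for passwords longer than 72 bytes) RegisterUserWithToken is called with an empty hash string. Check it: `passwordBin, err := bcrypt.GenerateFromPassword([]byte(password), 15)` followed by `if err != nil { templatehelpers.ShowError(err.Error(), ctx, "register"); return }`. Cost 15 is also well above the bcrypt default on an endpoint reachable before login, so each registration attempt costs seconds of CPU; confirm that is intended rather than a leftover. Minor: `tokenUserIDStr == "-1"` compares through a string conversion where `tokenUserID == -1` says the same, and the `else` after the `return` in the UserUpdateProcessor branch can be dropped.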
|