closes #53
This commit is contained in:
parent
beeb42be56
commit
0d4b8917d1
96
users.go
96
users.go
@ -204,6 +204,102 @@ func usersEndpints(db *sql.DB, handle *Handle) {
|
||||
return nil
|
||||
})
|
||||
|
||||
handle.Get("/user/info", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
|
||||
if !CheckAuthLevel(1, w, r, c) {
|
||||
return nil
|
||||
}
|
||||
if c.Mode == JSON {
|
||||
return c.Error500(nil)
|
||||
}
|
||||
|
||||
LoadBasedOnAnswer(c.Mode, w, "users/edit.html", c.AddMap(AnyMap{
|
||||
"Email": c.User.Email,
|
||||
}))
|
||||
return nil
|
||||
})
|
||||
|
||||
handle.Post("/user/info/email", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
|
||||
if !CheckAuthLevel(1, w, r, c) {
|
||||
return nil
|
||||
}
|
||||
if c.Mode == JSON {
|
||||
return c.Error500(nil)
|
||||
}
|
||||
|
||||
r.ParseForm()
|
||||
|
||||
if CheckEmpty(r.Form, "email") {
|
||||
return c.Error400(nil, "Email Not provided", w, "users/edit.html", "mainbody", c.AddMap(AnyMap{
|
||||
"Email": c.User.Email,
|
||||
}))
|
||||
}
|
||||
|
||||
c.Logger.Warn("test", "email", r.Form.Get("email"))
|
||||
|
||||
_, err := c.Db.Exec("update users set email=$1 where id=$2", r.Form.Get("email"), c.User.Id)
|
||||
if err != nil {
|
||||
return c.Error500(err)
|
||||
}
|
||||
|
||||
LoadBasedOnAnswer(c.Mode, w, "users/edit.html", c.AddMap(AnyMap{
|
||||
"Email": r.Form.Get("email"),
|
||||
}))
|
||||
return nil
|
||||
})
|
||||
|
||||
handle.Post("/user/info/password", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
|
||||
if !CheckAuthLevel(1, w, r, c) {
|
||||
return nil
|
||||
}
|
||||
if c.Mode == JSON {
|
||||
return c.Error500(nil)
|
||||
}
|
||||
|
||||
r.ParseForm()
|
||||
f := r.Form
|
||||
|
||||
if CheckEmpty(f, "old_password") || CheckEmpty(f, "password") || CheckEmpty(f, "password2") {
|
||||
return c.Error400(nil, "OldPassword, Password or Password2 not provided!", w, "users/edit.html", "mainbody", c.AddMap(AnyMap{
|
||||
"Email": c.User.Email,
|
||||
"NoUserOrPassword": true,
|
||||
}))
|
||||
}
|
||||
|
||||
password := f.Get("password")
|
||||
password2 := f.Get("password2")
|
||||
|
||||
if password != password2 {
|
||||
return c.Error400(nil, "New passwords did not match", w, "users/edit.html", "mainbody", c.AddMap(AnyMap{
|
||||
"Email": c.User.Email,
|
||||
"PasswordNotTheSame": true,
|
||||
}))
|
||||
}
|
||||
|
||||
_, login := generateToken(db, c.User.Email, f.Get("old_password"))
|
||||
if !login {
|
||||
return c.Error400(nil, "Password was incorrect", w, "users/edit.html", "mainbody", c.AddMap(AnyMap{
|
||||
"Email": c.User.Email,
|
||||
"NoUserOrPassword": true,
|
||||
}))
|
||||
}
|
||||
|
||||
salt := generateSalt()
|
||||
hash_password, err := hashPassword(password, salt)
|
||||
if err != nil {
|
||||
return c.Error500(err)
|
||||
}
|
||||
|
||||
_, err = db.Exec("update users set salt=$1, password=$2 where id=$3", salt, hash_password, c.User.Id)
|
||||
if err != nil {
|
||||
return c.Error500(err)
|
||||
}
|
||||
|
||||
LoadBasedOnAnswer(c.Mode, w, "users/edit.html", c.AddMap(AnyMap{
|
||||
"email": c.User.Email,
|
||||
}))
|
||||
return nil
|
||||
})
|
||||
|
||||
handle.Get("/logout", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
|
||||
if c.Mode == JSON {
|
||||
panic("TODO handle json")
|
||||
|
@ -15,6 +15,9 @@
|
||||
<li class="expand"></li>
|
||||
{{ if .Context.User }}
|
||||
<li>
|
||||
<a hx-get="/user/info" hx-headers='{"REQUEST-TYPE": "htmlfull"}' hx-push-url="true" hx-swap="outerHTML" hx-target=".app">
|
||||
User Info
|
||||
</a>
|
||||
<a hx-get="/logout" hx-headers='{"REQUEST-TYPE": "htmlfull"}' hx-push-url="true" hx-swap="outerHTML" hx-target=".app">
|
||||
Logout
|
||||
</a>
|
||||
|
50
views/users/edit.html
Normal file
50
views/users/edit.html
Normal file
@ -0,0 +1,50 @@
|
||||
{{ define "title" }}
|
||||
User Info
|
||||
{{ end }}
|
||||
|
||||
{{define "mainbody"}}
|
||||
<div class="login-page">
|
||||
<div>
|
||||
<h1>
|
||||
User Infomation
|
||||
</h1>
|
||||
<form method="post" action="/user/info/email" {{if .Submited}}class="submitted"{{end}} >
|
||||
<fieldset>
|
||||
<label for="email">Email</label>
|
||||
<input type="email" required name="email" {{if .Email}} value="{{.Email}}" {{end}} />
|
||||
</fieldset>
|
||||
<button>
|
||||
Update
|
||||
</button>
|
||||
</form>
|
||||
<form method="post" action="/user/info/password" {{if .Submited}}class="submitted"{{end}} >
|
||||
<fieldset>
|
||||
<label for="old_password">Old Password</label>
|
||||
<input required name="old_password" type="password" />
|
||||
{{if .NoUserOrPassword}}
|
||||
<span class="form-msg error">
|
||||
Either the password is incorrect
|
||||
</span>
|
||||
{{end}}
|
||||
</fieldset>
|
||||
<fieldset>
|
||||
<label for="password">New Password</label>
|
||||
<input required name="password" type="password" />
|
||||
</fieldset>
|
||||
<fieldset>
|
||||
<label for="password2">Repeat New Password</label>
|
||||
<input required name="password2" type="password" />
|
||||
{{if .PasswordNotTheSame}}
|
||||
<span class="form-msg error">
|
||||
Either the passwords are not the same
|
||||
</span>
|
||||
{{end}}
|
||||
</fieldset>
|
||||
<button>
|
||||
Update
|
||||
</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
||||
|
Loading…
Reference in New Issue
Block a user