sylv/fyp
1
0
Fork 0
Code Issues 29 Pull Requests Packages Projects 1 Releases Wiki Activity

feat: removed non svelte front page

Browse Source
This commit is contained in:
Andre Henriques
2024-03-09 10:52:08 +00:00
parent 0d37ba8d59
commit 274d7d22aa
32 changed files with 614 additions and 3695 deletions
Download Patch File Download Diff File Expand all files Collapse all files

439
users.go
View File

@@ -6,7 +6,6 @@ import (
"encoding/hex"
"io"
"net/http"
"time"
"golang.org/x/crypto/bcrypt"
@@ -76,187 +75,68 @@ func generateToken(db *sql.DB, email string, password string) (string, bool) {
}
func usersEndpints(db *sql.DB, handle *Handle) {
handle.GetHTML("/login", AnswerTemplate("login.html", nil, 0))
handle.Post("/login", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
if c.Mode == JSON {
type UserLogin struct {
Email string `json:"email"`
Password string `json:"password"`
}
var dat UserLogin
if err := c.ToJSON(r, &dat); err != nil {
return err
}
// TODO Give this to the generateToken function
token, login := generateToken(db, dat.Email, dat.Password)
if !login {
return c.SendJSONStatus(http.StatusUnauthorized, "Email or password are incorrect")
}
user, err := dbtypes.UserFromToken(c.Db, token)
if err != nil {
return c.Error500(err)
}
type UserReturn struct {
Token string `json:"token"`
Id string `json:"id"`
UserType int `json:"user_type"`
Username string `json:"username"`
Email string `json:"email"`
}
userReturn := UserReturn{
Token: token,
Id: user.Id,
UserType: user.UserType,
Username: user.Username,
Email: user.Email,
}
return c.SendJSON(userReturn)
handle.Post("/login", func(c *Context) *Error {
type UserLogin struct {
Email string `json:"email"`
Password string `json:"password"`
}
r.ParseForm()
f := r.Form
var dat UserLogin
if CheckEmpty(f, "email") || CheckEmpty(f, "password") {
LoadBasedOnAnswer(c.Mode, w, "login.html", c.AddMap(AnyMap{
"Submited": true,
}))
return nil
if err := c.ToJSON(&dat); err != nil {
return err
}
email := f.Get("email")
password := f.Get("password")
// TODO Give this to the generateToken function
expiration := time.Now().Add(24 * time.Hour)
token, login := generateToken(db, email, password)
token, login := generateToken(db, dat.Email, dat.Password)
if !login {
LoadBasedOnAnswer(c.Mode, w, "login.html", c.AddMap(AnyMap{
"Submited": true,
"NoUserOrPassword": true,
"Email": email,
}))
return nil
return c.SendJSONStatus(http.StatusUnauthorized, "Email or password are incorrect")
}
cookie := &http.Cookie{Name: "auth", Value: token, HttpOnly: false, Expires: expiration}
http.SetCookie(w, cookie)
user, err := dbtypes.UserFromToken(c.Db, token)
if err != nil {
return c.Error500(err)
}
w.Header().Set("Location", "/")
w.WriteHeader(http.StatusSeeOther)
return nil
type UserReturn struct {
Token string `json:"token"`
Id string `json:"id"`
UserType int `json:"user_type"`
Username string `json:"username"`
Email string `json:"email"`
}
userReturn := UserReturn{
Token: token,
Id: user.Id,
UserType: user.UserType,
Username: user.Username,
Email: user.Email,
}
return c.SendJSON(userReturn)
})
handle.GetHTML("/register", AnswerTemplate("register.html", nil, 0))
handle.Post("/register", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
if c.Mode == JSON {
type UserLogin struct {
Username string `json:"username"`
Email string `json:"email"`
Password string `json:"password"`
}
var dat UserLogin
if err := c.ToJSON(r, &dat); err != nil {
return err
}
if len(dat.Username) == 0 || len(dat.Password) == 0 || len(dat.Email) == 0 {
return c.SendJSONStatus(http.StatusBadRequest, "Please provide a valid json")
}
rows, err := db.Query("select username, email from users where username=$1 or email=$2;", dat.Username, dat.Email)
if err != nil {
return c.Error500(err)
}
defer rows.Close()
if rows.Next() {
var db_username string
var db_email string
err = rows.Scan(&db_username, &db_email)
if err != nil {
return c.Error500(err)
}
if db_email == dat.Email {
return c.SendJSONStatus(http.StatusBadRequest, "Email already in use!")
}
if db_username == dat.Username {
return c.SendJSONStatus(http.StatusBadRequest, "Username already in use!")
}
panic("Unrechable")
}
if len([]byte(dat.Password)) > 68 {
return c.JsonBadRequest("Password is to long!")
}
salt := generateSalt()
hash_password, err := hashPassword(dat.Password, salt)
if err != nil {
return c.Error500(err)
}
_, err = db.Exec("insert into users (username, email, salt, password) values ($1, $2, $3, $4);", dat.Username, dat.Email, salt, hash_password)
if err != nil {
return c.Error500(err)
}
// TODO Give this to the generateToken function
token, login := generateToken(db, dat.Email, dat.Password)
if !login {
return c.SendJSONStatus(500, "Could not login after creatting account please try again later")
}
user, err := dbtypes.UserFromToken(c.Db, token)
if err != nil {
return c.Error500(err)
}
type UserReturn struct {
Token string `json:"token"`
Id string `json:"id"`
UserType int `json:"user_type"`
Username string `json:"username"`
Email string `json:"email"`
}
userReturn := UserReturn{
Token: token,
Id: user.Id,
UserType: user.UserType,
Username: user.Username,
Email: user.Email,
}
return c.SendJSON(userReturn)
handle.Post("/register", func(c *Context) *Error {
type UserLogin struct {
Username string `json:"username"`
Email string `json:"email"`
Password string `json:"password"`
}
r.ParseForm()
f := r.Form
var dat UserLogin
if CheckEmpty(f, "email") || CheckEmpty(f, "password") || CheckEmpty(f, "username") {
LoadBasedOnAnswer(c.Mode, w, "register.html", AnyMap{
"Submited": true,
})
return nil
if err := c.ToJSON(&dat); err != nil {
return err
}
email := f.Get("email")
username := f.Get("username")
password := f.Get("password")
if len(dat.Username) == 0 || len(dat.Password) == 0 || len(dat.Email) == 0 {
return c.SendJSONStatus(http.StatusBadRequest, "Please provide a valid json")
}
rows, err := db.Query("select username, email from users where username=$1 or email=$2;", username, email)
rows, err := db.Query("select username, email from users where username=$1 or email=$2;", dat.Username, dat.Email)
if err != nil {
panic("TODO handle this")
return c.Error500(err)
}
defer rows.Close()
@@ -265,85 +145,95 @@ func usersEndpints(db *sql.DB, handle *Handle) {
var db_email string
err = rows.Scan(&db_username, &db_email)
if err != nil {
panic("TODO handle this better")
return c.Error500(err)
}
LoadBasedOnAnswer(c.Mode, w, "register.html", AnyMap{
"Submited": true,
"Email": email,
"Username": username,
"EmailError": db_email == email,
"UserError": db_username == username,
})
return nil
if db_email == dat.Email {
return c.SendJSONStatus(http.StatusBadRequest, "Email already in use!")
}
if db_username == dat.Username {
return c.SendJSONStatus(http.StatusBadRequest, "Username already in use!")
}
panic("Unrechable")
}
if len([]byte(password)) > 68 {
LoadBasedOnAnswer(c.Mode, w, "register.html", AnyMap{
"Submited": true,
"Email": email,
"Username": username,
"PasswordToLong": true,
})
return nil
if len([]byte(dat.Password)) > 68 {
return c.JsonBadRequest("Password is to long!")
}
salt := generateSalt()
hash_password, err := hashPassword(password, salt)
hash_password, err := hashPassword(dat.Password, salt)
if err != nil {
return &Error{
Code: http.StatusInternalServerError,
}
return c.Error500(err)
}
_, err = db.Exec("insert into users (username, email, salt, password) values ($1, $2, $3, $4);", username, email, salt, hash_password)
_, err = db.Exec("insert into users (username, email, salt, password) values ($1, $2, $3, $4);", dat.Username, dat.Email, salt, hash_password)
if err != nil {
return &Error{
Code: http.StatusInternalServerError,
}
return c.Error500(err)
}
// TODO Give this to the generateToken function
expiration := time.Now().Add(24 * time.Hour)
token, login := generateToken(db, email, password)
token, login := generateToken(db, dat.Email, dat.Password)
if !login {
msg := "Login failed"
return &Error{
Code: http.StatusInternalServerError,
Msg: &msg,
}
return c.SendJSONStatus(500, "Could not login after creatting account please try again later")
}
cookie := &http.Cookie{Name: "auth", Value: token, HttpOnly: false, Expires: expiration}
http.SetCookie(w, cookie)
w.Header().Set("Location", "/")
w.WriteHeader(http.StatusSeeOther)
return nil
user, err := dbtypes.UserFromToken(c.Db, token)
if err != nil {
return c.Error500(err)
}
type UserReturn struct {
Token string `json:"token"`
Id string `json:"id"`
UserType int `json:"user_type"`
Username string `json:"username"`
Email string `json:"email"`
}
userReturn := UserReturn{
Token: token,
Id: user.Id,
UserType: user.UserType,
Username: user.Username,
Email: user.Email,
}
return c.SendJSON(userReturn)
})
handle.Get("/user/info", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
if !CheckAuthLevel(1, w, r, c) {
// TODO allow admin users to update this data
handle.Get("/user/info", func(c *Context) *Error {
if !c.CheckAuthLevel(1) {
return nil
}
if c.Mode == JSON {
return c.Error500(nil)
user, err := dbtypes.UserFromToken(c.Db, *c.Token)
if err != nil {
return c.Error500(err)
}
LoadBasedOnAnswer(c.Mode, w, "users/edit.html", c.AddMap(AnyMap{
"Email": c.User.Email,
}))
return nil
type UserReturn struct {
Id string `json:"id"`
UserType int `json:"user_type"`
Username string `json:"username"`
Email string `json:"email"`
}
userReturn := UserReturn{
Id: user.Id,
UserType: user.UserType,
Username: user.Username,
Email: user.Email,
}
return c.SendJSON(userReturn)
})
// Handles updating users
handle.Post("/user/info", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
if !CheckAuthLevel(int(dbtypes.User_Normal), w, r, c) {
handle.Post("/user/info", func(c *Context) *Error {
if !c.CheckAuthLevel(int(dbtypes.User_Normal)) {
return nil
}
if c.Mode != JSON {
return c.Error500(nil)
}
type UserData struct {
Id string `json:"id"`
@@ -352,7 +242,7 @@ func usersEndpints(db *sql.DB, handle *Handle) {
var dat UserData
if err := c.ToJSON(r, &dat); err != nil {
if err := c.ToJSON(&dat); err != nil {
return err
}
@@ -417,108 +307,38 @@ func usersEndpints(db *sql.DB, handle *Handle) {
return c.SendJSON(toReturnUser)
})
handle.Post("/user/info/email", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
if !CheckAuthLevel(1, w, r, c) {
handle.Post("/user/info/password", func(c *Context) *Error {
if !c.CheckAuthLevel(1) {
return nil
}
if c.Mode == JSON {
return c.Error500(nil)
var dat struct {
Old_Password string `json:"old_password"`
Password string `json:"password"`
Password2 string `json:"password2"`
}
r.ParseForm()
if CheckEmpty(r.Form, "email") {
return c.Error400(nil, "Email Not provided", w, "users/edit.html", "mainbody", c.AddMap(AnyMap{
"Email": c.User.Email,
}))
if err := c.ToJSON(&dat); err != nil {
return err
}
_, err := c.Db.Exec("update users set email=$1 where id=$2", r.Form.Get("email"), c.User.Id)
if err != nil {
return c.Error500(err)
if dat.Password == "" {
return c.JsonBadRequest("Password can not be empty")
}
LoadBasedOnAnswer(c.Mode, w, "users/edit.html", c.AddMap(AnyMap{
"Email": r.Form.Get("email"),
}))
return nil
})
handle.Post("/user/info/password", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
if !CheckAuthLevel(1, w, r, c) {
return nil
}
if c.Mode == JSON {
var dat struct {
Old_Password string `json:"old_password"`
Password string `json:"password"`
Password2 string `json:"password2"`
}
if err := c.ToJSON(r, &dat); err != nil {
return err
}
if dat.Password == "" {
return c.JsonBadRequest("Password can not be empty")
}
if dat.Password != dat.Password2 {
return c.JsonBadRequest("New passwords did not match")
}
c.Logger.Warn("test", "dat", dat)
_, login := generateToken(db, c.User.Email, dat.Old_Password)
if !login {
return c.JsonBadRequest("Password is incorrect");
}
salt := generateSalt()
hash_password, err := hashPassword(dat.Password, salt)
if err != nil {
return c.Error500(err)
}
_, err = db.Exec("update users set salt=$1, password=$2 where id=$3", salt, hash_password, c.User.Id)
if err != nil {
return c.Error500(err)
}
return c.SendJSON(c.User.Id)
if dat.Password != dat.Password2 {
return c.JsonBadRequest("New passwords did not match")
}
r.ParseForm()
f := r.Form
c.Logger.Warn("test", "dat", dat)
if CheckEmpty(f, "old_password") || CheckEmpty(f, "password") || CheckEmpty(f, "password2") {
return c.Error400(nil, "OldPassword, Password or Password2 not provided!", w, "users/edit.html", "mainbody", c.AddMap(AnyMap{
"Email": c.User.Email,
"NoUserOrPassword": true,
}))
}
password := f.Get("password")
password2 := f.Get("password2")
if password != password2 {
return c.Error400(nil, "New passwords did not match", w, "users/edit.html", "mainbody", c.AddMap(AnyMap{
"Email": c.User.Email,
"PasswordNotTheSame": true,
}))
}
_, login := generateToken(db, c.User.Email, f.Get("old_password"))
_, login := generateToken(db, c.User.Email, dat.Old_Password)
if !login {
return c.Error400(nil, "Password was incorrect", w, "users/edit.html", "mainbody", c.AddMap(AnyMap{
"Email": c.User.Email,
"NoUserOrPassword": true,
}))
return c.JsonBadRequest("Password is incorrect")
}
salt := generateSalt()
hash_password, err := hashPassword(password, salt)
hash_password, err := hashPassword(dat.Password, salt)
if err != nil {
return c.Error500(err)
}
@@ -528,17 +348,8 @@ func usersEndpints(db *sql.DB, handle *Handle) {
return c.Error500(err)
}
LoadBasedOnAnswer(c.Mode, w, "users/edit.html", c.AddMap(AnyMap{
"email": c.User.Email,
}))
return nil
return c.SendJSON(c.User.Id)
})
handle.Get("/logout", func(w http.ResponseWriter, r *http.Request, c *Context) *Error {
if c.Mode == JSON {
panic("TODO handle json")
}
Logoff(c.Mode, w, r)
return nil
})
// TODO create function to remove token
}