gosscms/admin_users.go
2017-08-28 15:04:19 -05:00

115 lines
3.2 KiB
Go

package main
import (
"errors"
"net/http"
"strings"
)
// handleAdminDoLogin
// Verify the provided credentials, set up a cookie (if requested)
// and redirect back to /admin
// TODO: Set up the cookie
func handleAdminDoLogin(w http.ResponseWriter, req *http.Request) {
page := initAdminRequest(w, req)
// Fetch the login credentials
email := req.FormValue("email")
password := req.FormValue("password")
if err := doLogin(email, password); err != nil {
page.session.setFlashMessage("Invalid Login", "error")
} else {
page.session.setStringValue("email", email)
}
redirect("/admin", w, req)
}
// doLogin attempts to log in with the given email/password
// If it can't, it returns an error
func doLogin(email, password string) error {
if strings.TrimSpace(email) != "" && strings.TrimSpace(password) != "" {
return dbCheckCredentials(email, password)
}
return errors.New("Invalid Credentials")
}
// handleAdminDoLogout
// Expire the session
func handleAdminDoLogout(w http.ResponseWriter, req *http.Request) {
page := initAdminRequest(w, req)
page.session.expireSession()
page.session.setFlashMessage("Logged Out", "success")
redirect("/admin", w, req)
}
// handleAdminUsers
func handleAdminUsers(w http.ResponseWriter, req *http.Request, page *pageData) {
//vars := mux.Vars(req)
vars := make(map[string]string)
page.SubTitle = "Admin Users"
email := vars["id"]
if email == "new" {
switch vars["function"] {
case "save":
email = req.FormValue("email")
if dbIsValidUserEmail(email) {
// User already exists
page.session.setFlashMessage("A user with email address "+email+" already exists!", "error")
} else {
password := req.FormValue("password")
if err := dbUpdateUserPassword(email, string(password)); err != nil {
page.session.setFlashMessage(err.Error(), "error")
} else {
page.session.setFlashMessage("User "+email+" created!", "success")
}
}
redirect("/admin/users", w, req)
default:
page.SubTitle = "Add Admin User"
page.show("admin-adduser.html", w)
}
} else if email != "" {
switch vars["function"] {
case "save":
var err error
if dbIsValidUserEmail(email) {
password := req.FormValue("password")
if password != "" {
if err = dbUpdateUserPassword(email, password); err != nil {
page.session.setFlashMessage(err.Error(), "error")
} else {
page.session.setFlashMessage("User "+email+" created!", "success")
}
}
redirect("/admin/users", w, req)
}
case "delete":
var err error
if dbIsValidUserEmail(email) {
if err = dbDeleteUser(email); err != nil {
page.session.setFlashMessage(err.Error(), "error")
} else {
page.session.setFlashMessage("User "+email+" deleted!", "success")
}
}
redirect("/admin/users", w, req)
default:
page.SubTitle = "Edit Admin User"
if !dbIsValidUserEmail(email) {
page.session.setFlashMessage("Couldn't find the requested user, please try again.", "error")
redirect("/admin/users", w, req)
}
page.TemplateData = email
page.show("admin-edituser.html", w)
}
} else {
type usersPageData struct {
Users []string
}
page.TemplateData = usersPageData{Users: dbGetAllUsers()}
page.SubTitle = "Admin Users"
page.show("admin-users.html", w)
}
}