ictgj-voting/admin_users.go

116 lines
3.2 KiB
Go
Raw Normal View History

2017-04-03 21:32:13 +00:00
package main
import (
2017-06-08 17:20:43 +00:00
"errors"
2017-04-03 21:32:13 +00:00
"net/http"
2017-06-08 17:20:43 +00:00
"strings"
2017-04-03 21:32:13 +00:00
"github.com/gorilla/mux"
)
// handleAdminDoLogin
// Verify the provided credentials, set up a cookie (if requested)
// and redirect back to /admin
2017-06-08 17:20:43 +00:00
// TODO: Set up the cookie
2017-04-03 21:32:13 +00:00
func handleAdminDoLogin(w http.ResponseWriter, req *http.Request) {
page := initAdminRequest(w, req)
// Fetch the login credentials
email := req.FormValue("email")
password := req.FormValue("password")
2017-06-08 17:20:43 +00:00
if err := doLogin(email, password); err != nil {
2017-04-03 21:32:13 +00:00
page.session.setFlashMessage("Invalid Login", "error")
2017-06-08 17:20:43 +00:00
} else {
page.session.setStringValue("email", email)
2017-04-03 21:32:13 +00:00
}
redirect("/admin", w, req)
}
2017-06-08 17:20:43 +00:00
// doLogin attempts to log in with the given email/password
// If it can't, it returns an error
func doLogin(email, password string) error {
if strings.TrimSpace(email) != "" && strings.TrimSpace(password) != "" {
return dbCheckCredentials(email, password)
}
return errors.New("Invalid Credentials")
}
2017-04-03 21:32:13 +00:00
// handleAdminDoLogout
// Expire the session
func handleAdminDoLogout(w http.ResponseWriter, req *http.Request) {
page := initAdminRequest(w, req)
page.session.expireSession()
page.session.setFlashMessage("Logged Out", "success")
redirect("/admin", w, req)
}
// handleAdminUsers
func handleAdminUsers(w http.ResponseWriter, req *http.Request, page *pageData) {
vars := mux.Vars(req)
page.SubTitle = "Admin Users"
email := vars["id"]
if email == "new" {
switch vars["function"] {
case "save":
email = req.FormValue("email")
if dbIsValidUserEmail(email) {
// User already exists
page.session.setFlashMessage("A user with email address "+email+" already exists!", "error")
} else {
password := req.FormValue("password")
if err := dbUpdateUserPassword(email, string(password)); err != nil {
page.session.setFlashMessage(err.Error(), "error")
} else {
page.session.setFlashMessage("User "+email+" created!", "success")
}
}
redirect("/admin/users", w, req)
default:
page.SubTitle = "Add Admin User"
page.show("admin-adduser.html", w)
}
} else if email != "" {
switch vars["function"] {
case "save":
var err error
if dbIsValidUserEmail(email) {
password := req.FormValue("password")
if password != "" {
if err = dbUpdateUserPassword(email, password); err != nil {
page.session.setFlashMessage(err.Error(), "error")
} else {
page.session.setFlashMessage("User "+email+" created!", "success")
}
}
redirect("/admin/users", w, req)
}
case "delete":
var err error
if dbIsValidUserEmail(email) {
if err = dbDeleteUser(email); err != nil {
page.session.setFlashMessage(err.Error(), "error")
} else {
page.session.setFlashMessage("User "+email+" deleted!", "success")
}
}
redirect("/admin/users", w, req)
default:
page.SubTitle = "Edit Admin User"
if !dbIsValidUserEmail(email) {
page.session.setFlashMessage("Couldn't find the requested user, please try again.", "error")
redirect("/admin/users", w, req)
}
page.TemplateData = email
page.show("admin-edituser.html", w)
}
} else {
type usersPageData struct {
Users []string
}
page.TemplateData = usersPageData{Users: dbGetAllUsers()}
page.SubTitle = "Admin Users"
page.show("admin-users.html", w)
}
}