2017-04-03 21:32:13 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2017-06-08 17:20:43 +00:00
|
|
|
"errors"
|
2017-04-03 21:32:13 +00:00
|
|
|
"net/http"
|
2017-06-08 17:20:43 +00:00
|
|
|
"strings"
|
2017-04-03 21:32:13 +00:00
|
|
|
|
|
|
|
"github.com/gorilla/mux"
|
|
|
|
)
|
|
|
|
|
|
|
|
// handleAdminDoLogin
|
|
|
|
// Verify the provided credentials, set up a cookie (if requested)
|
|
|
|
// and redirect back to /admin
|
2017-06-08 17:20:43 +00:00
|
|
|
// TODO: Set up the cookie
|
2017-04-03 21:32:13 +00:00
|
|
|
func handleAdminDoLogin(w http.ResponseWriter, req *http.Request) {
|
|
|
|
page := initAdminRequest(w, req)
|
|
|
|
// Fetch the login credentials
|
|
|
|
email := req.FormValue("email")
|
|
|
|
password := req.FormValue("password")
|
2017-06-08 17:20:43 +00:00
|
|
|
if err := doLogin(email, password); err != nil {
|
2017-04-03 21:32:13 +00:00
|
|
|
page.session.setFlashMessage("Invalid Login", "error")
|
2017-06-08 17:20:43 +00:00
|
|
|
} else {
|
|
|
|
page.session.setStringValue("email", email)
|
2017-04-03 21:32:13 +00:00
|
|
|
}
|
|
|
|
redirect("/admin", w, req)
|
|
|
|
}
|
|
|
|
|
2017-06-08 17:20:43 +00:00
|
|
|
// doLogin attempts to log in with the given email/password
|
|
|
|
// If it can't, it returns an error
|
|
|
|
func doLogin(email, password string) error {
|
|
|
|
if strings.TrimSpace(email) != "" && strings.TrimSpace(password) != "" {
|
|
|
|
return dbCheckCredentials(email, password)
|
|
|
|
}
|
|
|
|
return errors.New("Invalid Credentials")
|
|
|
|
}
|
|
|
|
|
2017-04-03 21:32:13 +00:00
|
|
|
// handleAdminDoLogout
|
|
|
|
// Expire the session
|
|
|
|
func handleAdminDoLogout(w http.ResponseWriter, req *http.Request) {
|
|
|
|
page := initAdminRequest(w, req)
|
|
|
|
page.session.expireSession()
|
|
|
|
page.session.setFlashMessage("Logged Out", "success")
|
|
|
|
|
|
|
|
redirect("/admin", w, req)
|
|
|
|
}
|
|
|
|
|
|
|
|
// handleAdminUsers
|
|
|
|
func handleAdminUsers(w http.ResponseWriter, req *http.Request, page *pageData) {
|
|
|
|
vars := mux.Vars(req)
|
|
|
|
page.SubTitle = "Admin Users"
|
|
|
|
email := vars["id"]
|
|
|
|
if email == "new" {
|
|
|
|
switch vars["function"] {
|
|
|
|
case "save":
|
|
|
|
email = req.FormValue("email")
|
|
|
|
if dbIsValidUserEmail(email) {
|
|
|
|
// User already exists
|
|
|
|
page.session.setFlashMessage("A user with email address "+email+" already exists!", "error")
|
|
|
|
} else {
|
|
|
|
password := req.FormValue("password")
|
|
|
|
if err := dbUpdateUserPassword(email, string(password)); err != nil {
|
|
|
|
page.session.setFlashMessage(err.Error(), "error")
|
|
|
|
} else {
|
|
|
|
page.session.setFlashMessage("User "+email+" created!", "success")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
redirect("/admin/users", w, req)
|
|
|
|
default:
|
|
|
|
page.SubTitle = "Add Admin User"
|
|
|
|
page.show("admin-adduser.html", w)
|
|
|
|
}
|
|
|
|
} else if email != "" {
|
|
|
|
switch vars["function"] {
|
|
|
|
case "save":
|
|
|
|
var err error
|
|
|
|
if dbIsValidUserEmail(email) {
|
|
|
|
password := req.FormValue("password")
|
|
|
|
if password != "" {
|
|
|
|
if err = dbUpdateUserPassword(email, password); err != nil {
|
|
|
|
page.session.setFlashMessage(err.Error(), "error")
|
|
|
|
} else {
|
|
|
|
page.session.setFlashMessage("User "+email+" created!", "success")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
redirect("/admin/users", w, req)
|
|
|
|
}
|
|
|
|
case "delete":
|
|
|
|
var err error
|
|
|
|
if dbIsValidUserEmail(email) {
|
|
|
|
if err = dbDeleteUser(email); err != nil {
|
|
|
|
page.session.setFlashMessage(err.Error(), "error")
|
|
|
|
} else {
|
|
|
|
page.session.setFlashMessage("User "+email+" deleted!", "success")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
redirect("/admin/users", w, req)
|
|
|
|
default:
|
|
|
|
page.SubTitle = "Edit Admin User"
|
|
|
|
if !dbIsValidUserEmail(email) {
|
|
|
|
page.session.setFlashMessage("Couldn't find the requested user, please try again.", "error")
|
|
|
|
redirect("/admin/users", w, req)
|
|
|
|
}
|
|
|
|
page.TemplateData = email
|
|
|
|
page.show("admin-edituser.html", w)
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
type usersPageData struct {
|
|
|
|
Users []string
|
|
|
|
}
|
|
|
|
page.TemplateData = usersPageData{Users: dbGetAllUsers()}
|
|
|
|
|
|
|
|
page.SubTitle = "Admin Users"
|
|
|
|
page.show("admin-users.html", w)
|
|
|
|
}
|
|
|
|
}
|