@@ -26,11 +26,11 @@ func autoLogout(w http.ResponseWriter) {
|
||||
}
|
||||
for _, user := range users {
|
||||
if user.CheckAnwesenheit() {
|
||||
err = user.Logout()
|
||||
err = user.CheckOut()
|
||||
if err != nil {
|
||||
fmt.Printf("Error logging out user %v\n", err)
|
||||
}else {
|
||||
logged_out_users = append(logged_out_users, user)
|
||||
} else {
|
||||
logged_out_users = append(logged_out_users, user)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -4,6 +4,7 @@ import (
|
||||
"arbeitszeitmessung/helper"
|
||||
"arbeitszeitmessung/models"
|
||||
"arbeitszeitmessung/templates"
|
||||
"context"
|
||||
"log"
|
||||
"net/http"
|
||||
"strconv"
|
||||
@@ -34,22 +35,15 @@ func LoginHandler(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
}
|
||||
|
||||
func UserSettingsHandler(w http.ResponseWriter, r *http.Request) {
|
||||
helper.RequiresLogin(Session, w, r)
|
||||
switch r.Method {
|
||||
case http.MethodGet:
|
||||
showUserPage(w, r, 0)
|
||||
break
|
||||
case http.MethodPost:
|
||||
changePassword(w, r)
|
||||
break
|
||||
default:
|
||||
http.Error(w, "Method not allowed!", http.StatusMethodNotAllowed)
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
func showLoginPage(w http.ResponseWriter, r *http.Request, failed bool) {
|
||||
r = r.WithContext(context.WithValue(r.Context(), "session", Session))
|
||||
if helper.GetEnv("GO_ENV", "production") == "debug" {
|
||||
// http.Redirect(w, r, "/time", http.StatusSeeOther)
|
||||
templates.LoginPage(failed).Render(r.Context(), w)
|
||||
}
|
||||
if Session.Exists(r.Context(), "user") {
|
||||
http.Redirect(w, r, "/time", http.StatusSeeOther)
|
||||
}
|
||||
templates.LoginPage(failed).Render(r.Context(), w)
|
||||
}
|
||||
|
||||
@@ -91,38 +85,3 @@ func loginUser(w http.ResponseWriter, r *http.Request) {
|
||||
showLoginPage(w, r, false)
|
||||
return
|
||||
}
|
||||
|
||||
// change user password and store salted hash in db
|
||||
func changePassword(w http.ResponseWriter, r *http.Request) {
|
||||
err := r.ParseForm()
|
||||
if err != nil {
|
||||
log.Println("Error parsing form!", err)
|
||||
http.Error(w, "Error parsing form error", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
password := r.FormValue("password")
|
||||
newPassword := r.FormValue("new_password")
|
||||
if password == "" || newPassword == "" || newPassword != r.FormValue("new_password_repeat") {
|
||||
showUserPage(w, r, http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
user, err := (*models.User).GetByPersonalNummer(nil, Session.GetInt(r.Context(), "user"))
|
||||
if err != nil {
|
||||
log.Println("Error getting user!", err)
|
||||
showUserPage(w, r, http.StatusBadRequest)
|
||||
}
|
||||
auth, err := user.ChangePass(password, newPassword)
|
||||
if err != nil {
|
||||
log.Println("Error when changing password!", err)
|
||||
}
|
||||
if auth {
|
||||
showUserPage(w, r, http.StatusOK)
|
||||
return
|
||||
}
|
||||
showUserPage(w, r, http.StatusUnauthorized)
|
||||
}
|
||||
|
||||
func showUserPage(w http.ResponseWriter, r *http.Request, status int) {
|
||||
templates.UserPage(status).Render(r.Context(), w)
|
||||
return
|
||||
}
|
||||
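Review bot: In showLoginPage, `http.Redirect(w, r, "/time", http.StatusSeeOther)` is not followed by `return`, so a request that already has a session gets the redirect and then falls through to `templates.LoginPage(failed).Render(r.Context(), w)`, which writes the login page into the same response. The `GO_ENV == "debug"` branch likewise renders the page and falls through, so the page is rendered twice when no session exists. Add `return` after the redirect and after the debug render; the error returned by `Render` is also dropped in both places and should at least be logged. This rendering does not show which of these lines the commit adds, so part of the point may concern pre-existing code.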
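--- a/Backend/endpoints/user-settings.go
+++ b/Backend/endpoints/user-settings.go
@@ -0,0 +1,76 @@
+package endpoints
+
+import (
+"arbeitszeitmessung/helper"
+"arbeitszeitmessung/models"
+"arbeitszeitmessung/templates"
+"log"
+"net/http"
+)
+
+func UserSettingsHandler(w http.ResponseWriter, r *http.Request) {
+helper.RequiresLogin(Session, w, r)
+switch r.Method {
+case http.MethodGet:
+showUserPage(w, r, 0)
+break
+case http.MethodPost:
+switch r.FormValue("action") {
+case "change-pass":
+changePassword(w, r)
+break
+case "logout-user":
+logoutUser(w, r)
+break
+}
+
+break
+default:
+http.Error(w, "Method not allowed!", http.StatusMethodNotAllowed)
+break
+}
+}
+
+// change user password and store salted hash in db
+func changePassword(w http.ResponseWriter, r *http.Request) {
+err := r.ParseForm()
+if err != nil {
+log.Println("Error parsing form!", err)
+http.Error(w, "Error parsing form error", http.StatusBadRequest)
+return
+}
+password := r.FormValue("password")
+newPassword := r.FormValue("new_password")
+if password == "" || newPassword == "" || newPassword != r.FormValue("new_password_repeat") {
+showUserPage(w, r, http.StatusBadRequest)
+return
+}
+user, err := (*models.User).GetByPersonalNummer(nil, Session.GetInt(r.Context(), "user"))
+if err != nil {
+log.Println("Error getting user!", err)
+showUserPage(w, r, http.StatusBadRequest)
+}
+auth, err := user.ChangePass(password, newPassword)
+if err != nil {
+log.Println("Error when changing password!", err)
+}
+if auth {
+showUserPage(w, r, http.StatusAccepted)
+return
+}
+showUserPage(w, r, http.StatusUnauthorized)
+}
+
+func logoutUser(w http.ResponseWriter, r *http.Request) {
+
+err := Session.Destroy(r.Context())
+if err != nil {
+log.Println("Error destroying session!", err)
+}
+http.Redirect(w, r, "/user/login", http.StatusSeeOther)
+}
+
+func showUserPage(w http.ResponseWriter, r *http.Request, status int) {
+templates.UserPage(status).Render(r.Context(), w)
+return
+}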
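Review bot: In changePassword, the `GetByPersonalNummer` error branch logs and calls `showUserPage(w, r, http.StatusBadRequest)` but does not return, so execution continues into `user.ChangePass(password, newPassword)` with whatever `user` the failed lookup returned, and a second page is written to the same response; add `return` after that `showUserPage` call. The `ChangePass` error is likewise only logged before the `auth` check, so an internal failure is reported to the client as `http.StatusUnauthorized`. In UserSettingsHandler nothing returned by `helper.RequiresLogin(Session, w, r)` is used to stop the handler; its implementation is not visible here, so it should be confirmed that it aborts the request, otherwise the POST actions still run for callers without a session. The inner `switch r.FormValue("action")` has no `default`, so an unknown action yields an empty success response; `default: http.Error(w, "Unknown action", http.StatusBadRequest)` would make that explicit.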