diff --git a/route_handlers.go b/route_handlers.go index 3667843..169052d 100644 --- a/route_handlers.go +++ b/route_handlers.go @@ -53,6 +53,14 @@ func getPostHandler(getFn, postFn func(http.ResponseWriter, *http.Request)) func } } +func ShowTemplate(template string, w http.ResponseWriter, r *http.Request, user *user.User) { +err := templates[template].Execute(w, map[string]interface{}{"user": user}) + if err != nil { + fmt.Println("Exec err: ", err) + } + // TODO: show error 500 page +} + // Log in page handler func LoginFormHandler(w http.ResponseWriter, r *http.Request) { session, _ := store.Get(r, "c_user") @@ -78,19 +86,22 @@ func LoginPostHandler(w http.ResponseWriter, r *http.Request) { session, _ := store.Get(r, "c_user") session.Values["username"] = user.Username session.Save(r, w) - http.Redirect(w, r, "/home", http.StatusFound) // TODO: $GET['redirect'] + if r.URL.Query().Get("url") != "" { + http.Redirect(w, r, "/add?" + r.URL.RawQuery, http.StatusFound) + } + http.Redirect(w, r, "/", http.StatusFound) } else { time.Sleep(500 * time.Millisecond) // WEAK bypassable poor mans rate limiting for failed logins session, _ := store.Get(r, "c_user") session.AddFlash("Username or password", flash_err) session.Save(r, w) - http.Redirect(w, r, "/login", http.StatusFound) + http.Redirect(w, r, "/login?"+r.URL.RawQuery, http.StatusFound) } } - +// ?url= func addFormHandler(w http.ResponseWriter, r *http.Request, user *user.User) { - + ShowTemplate("add", w, r, user) } func addPostHandler(w http.ResponseWriter, r *http.Request, user *user.User) { diff --git a/templates/pages/add.html b/templates/pages/add.html new file mode 100644 index 0000000..dbff2af --- /dev/null +++ b/templates/pages/add.html @@ -0,0 +1,14 @@ +{{define "body"}} +