add form page
This commit is contained in:
parent
61d3465e69
commit
fe41cc2405
|
|
@ -53,6 +53,14 @@ func getPostHandler(getFn, postFn func(http.ResponseWriter, *http.Request)) func
|
|||
}
|
||||
}
|
||||
|
||||
func ShowTemplate(template string, w http.ResponseWriter, r *http.Request, user *user.User) {
|
||||
err := templates[template].Execute(w, map[string]interface{}{"user": user})
|
||||
if err != nil {
|
||||
fmt.Println("Exec err: ", err)
|
||||
}
|
||||
// TODO: show error 500 page
|
||||
}
|
||||
|
||||
// Log in page handler
|
||||
func LoginFormHandler(w http.ResponseWriter, r *http.Request) {
|
||||
session, _ := store.Get(r, "c_user")
|
||||
|
|
@ -78,19 +86,22 @@ func LoginPostHandler(w http.ResponseWriter, r *http.Request) {
|
|||
session, _ := store.Get(r, "c_user")
|
||||
session.Values["username"] = user.Username
|
||||
session.Save(r, w)
|
||||
http.Redirect(w, r, "/home", http.StatusFound) // TODO: $GET['redirect']
|
||||
if r.URL.Query().Get("url") != "" {
|
||||
http.Redirect(w, r, "/add?" + r.URL.RawQuery, http.StatusFound)
|
||||
}
|
||||
http.Redirect(w, r, "/", http.StatusFound)
|
||||
} else {
|
||||
time.Sleep(500 * time.Millisecond) // WEAK bypassable poor mans rate limiting for failed logins
|
||||
session, _ := store.Get(r, "c_user")
|
||||
session.AddFlash("Username or password", flash_err)
|
||||
session.Save(r, w)
|
||||
http.Redirect(w, r, "/login", http.StatusFound)
|
||||
http.Redirect(w, r, "/login?"+r.URL.RawQuery, http.StatusFound)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// ?url=
|
||||
func addFormHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
|
||||
|
||||
ShowTemplate("add", w, r, user)
|
||||
}
|
||||
|
||||
func addPostHandler(w http.ResponseWriter, r *http.Request, user *user.User) {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,14 @@
|
|||
{{define "body"}}
|
||||
<h2 class="form-add-heading">Add Link</h2>
|
||||
{{template "flashes" .}}
|
||||
<form class="form-add" action="/add" method="post" role="form" class="container col-form">
|
||||
<div class="row">
|
||||
<div class="col-xs-2">Link:</div><div class="col-xs-10"><input type="text" class="form-control" name="link" placeholder="Link"/></div>
|
||||
<div class="col-xs-2">Title:</div><div class="col-xs-10"><input type="text" class="form-control" name="title" placeholder="Title"/></div>
|
||||
<div class="col-xs-2">Path:</div><div class="col-xs-10"><input type="text" class="form-control" name="path" placeholder="Path"/></div>
|
||||
<div class="col-xs-2">Description:</div><div class="col-xs-10"><textarea class="form-control" name="description" placeholder="Description" rows="3" cols="80">{{.task.Description}}</textarea></div>
|
||||
<div class="col-xs-2"></div><div class="col-xs-10"><input class="btn btn-lg btn-primary btn-block" type="submit" value="Add Link" /></div>
|
||||
</div>
|
||||
|
||||
</form>
|
||||
{{end}}
|
||||
|
|
@ -25,7 +25,7 @@ func UsernameExists(db *sql.DB, username string) (bool, error) {
|
|||
|
||||
func NewUserFromAuth(db *sql.DB, username, password string) *User {
|
||||
fmt.Println("NewUserFromAuth:", username, ":", password)
|
||||
rows, err := db.Query("SELECT username FROM users WHERE username = $1 AND password = crypt($2 ,gen_salt('bf'));", username, password)
|
||||
rows, err := db.Query("SELECT username FROM users WHERE username = $1 AND password IS NOT NULL AND password = crypt($2 , password);", username, password)
|
||||
if err != nil {
|
||||
fmt.Println("Username or auth fail: ", err)
|
||||
return nil
|
||||
|
|
@ -37,6 +37,7 @@ func NewUserFromAuth(db *sql.DB, username, password string) *User {
|
|||
fmt.Println("scan err: ", err)
|
||||
}
|
||||
} else {
|
||||
fmt.Println("no match")
|
||||
return nil
|
||||
}
|
||||
return &user
|
||||
|
|
|
|||
Loading…
Reference in New Issue