Albirew/nyaa-pantsu
Archivé
1
0
Bifurcation 0
Ce dépôt a été archivé le 2022-05-07. Vous pouvez voir ses fichiers ou le cloner, mais pas ouvrir de ticket ou de demandes d'ajout, ni soumettre de changements.
nyaa-pantsu/router/user_handler.go

368 lignes
12 Kio
Go
Brut Vue normale Historique

package router
2017-05-07 01:20:13 +02:00
import (
"net/http"
2017-05-10 03:15:29 +02:00
"strconv"
2017-05-25 04:18:31 +02:00
"time"
2017-05-10 03:15:29 +02:00
2017-05-17 07:58:40 +02:00
"github.com/NyaaPantsu/nyaa/model"
"github.com/NyaaPantsu/nyaa/service/captcha"
2017-05-21 01:06:40 +02:00
"github.com/NyaaPantsu/nyaa/service/notifier"
2017-05-17 07:58:40 +02:00
"github.com/NyaaPantsu/nyaa/service/user"
"github.com/NyaaPantsu/nyaa/service/user/form"
"github.com/NyaaPantsu/nyaa/service/user/permission"
2017-05-25 04:18:31 +02:00
"github.com/NyaaPantsu/nyaa/util/crypto"
"github.com/NyaaPantsu/nyaa/util/publicSettings"
2017-05-21 01:06:40 +02:00
msg "github.com/NyaaPantsu/nyaa/util/messages"
2017-05-17 07:58:40 +02:00
"github.com/NyaaPantsu/nyaa/util/modelHelper"
"github.com/gorilla/mux"
)
// UserRegisterFormHandler : Getting View User Registration
func UserRegisterFormHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
_, errorUser := userService.CurrentUser(r)
// User is already connected, redirect to home
if errorUser == nil {
HomeHandler(w, r)
return
}
2017-05-21 19:38:39 +02:00
messages := msg.GetMessages(r)
registrationForm := form.RegistrationForm{}
modelHelper.BindValueForm(&registrationForm, r)
registrationForm.CaptchaID = captcha.GetID()
urtv := formTemplateVariables{
commonTemplateVariables: newCommonVariables(r),
Form: registrationForm,
FormErrors: messages.GetAllErrors(),
}
err := viewRegisterTemplate.ExecuteTemplate(w, "index.html", urtv)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
}
}
// UserLoginFormHandler : Getting View User Login
func UserLoginFormHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
2017-05-21 19:38:39 +02:00
_, errorUser := userService.CurrentUser(r)
// User is already connected, redirect to home
if errorUser == nil {
HomeHandler(w, r)
return
}
loginForm := form.LoginForm{}
modelHelper.BindValueForm(&loginForm, r)
2017-05-21 19:38:39 +02:00
messages := msg.GetMessages(r)
ulfv := formTemplateVariables{
commonTemplateVariables: newCommonVariables(r),
Form: loginForm,
FormErrors: messages.GetAllErrors(),
}
err := viewLoginTemplate.ExecuteTemplate(w, "index.html", ulfv)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
}
}
// UserProfileHandler : Getting User Profile
func UserProfileHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
vars := mux.Vars(r)
id := vars["id"]
Ts, _ := publicSettings.GetTfuncAndLanguageFromRequest(r)
2017-05-21 19:38:39 +02:00
messages := msg.GetMessages(r)
userProfile, _, errorUser := userService.RetrieveUserForAdmin(id)
if errorUser == nil {
currentUser := getUser(r)
follow := r.URL.Query()["followed"]
unfollow := r.URL.Query()["unfollowed"]
deleteVar := r.URL.Query()["delete"]
2017-05-10 03:15:29 +02:00
if (deleteVar != nil) && (userPermission.CurrentOrAdmin(currentUser, userProfile.ID)) {
2017-05-09 17:47:06 +02:00
_, errUser := userService.DeleteUser(w, currentUser, id)
if errUser != nil {
2017-05-21 19:38:39 +02:00
messages.ImportFromError("errors", errUser)
2017-05-09 17:47:06 +02:00
}
htv := userVerifyTemplateVariables{newCommonVariables(r), messages.GetAllErrors()}
2017-05-09 17:47:06 +02:00
errorTmpl := viewUserDeleteTemplate.ExecuteTemplate(w, "index.html", htv)
if errorTmpl != nil {
http.Error(w, errorTmpl.Error(), http.StatusInternalServerError)
}
} else {
if follow != nil {
messages.AddInfof("infos", Ts("user_followed_msg"), userProfile.Username)
2017-05-10 03:15:29 +02:00
}
if unfollow != nil {
messages.AddInfof("infos", Ts("user_unfollowed_msg"), userProfile.Username)
}
2017-05-22 00:22:42 +02:00
userProfile.ParseSettings()
htv := userProfileVariables{newCommonVariables(r), &userProfile, messages.GetAllInfos()}
err := viewProfileTemplate.ExecuteTemplate(w, "index.html", htv)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
}
}
} else {
2017-05-21 19:38:39 +02:00
NotFoundHandler(w, r)
}
}
// UserDetailsHandler : Getting User Profile Details View
func UserDetailsHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
vars := mux.Vars(r)
id := vars["id"]
currentUser := getUser(r)
2017-05-21 19:38:39 +02:00
messages := msg.GetMessages(r)
userProfile, _, errorUser := userService.RetrieveUserForAdmin(id)
2017-05-11 02:18:19 +02:00
if errorUser == nil && userPermission.CurrentOrAdmin(currentUser, userProfile.ID) {
2017-05-11 02:17:01 +02:00
if userPermission.CurrentOrAdmin(currentUser, userProfile.ID) {
b := form.UserForm{}
modelHelper.BindValueForm(&b, r)
availableLanguages := publicSettings.GetAvailableLanguages()
2017-05-22 00:22:42 +02:00
userProfile.ParseSettings()
htv := userProfileEditVariables{newCommonVariables(r), &userProfile, b, messages.GetAllErrors(), messages.GetAllInfos(), availableLanguages}
2017-05-11 02:17:01 +02:00
err := viewProfileEditTemplate.ExecuteTemplate(w, "index.html", htv)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
}
}
2017-05-11 02:29:29 +02:00
} else {
2017-05-21 19:38:39 +02:00
NotFoundHandler(w, r)
}
}
2017-05-11 02:17:01 +02:00
// UserProfileFormHandler : Getting View User Profile Update
func UserProfileFormHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
2017-05-09 17:47:06 +02:00
vars := mux.Vars(r)
id := vars["id"]
currentUser := getUser(r)
2017-05-09 17:47:06 +02:00
userProfile, _, errorUser := userService.RetrieveUserForAdmin(id)
2017-05-21 00:02:57 +02:00
if errorUser != nil || !userPermission.CurrentOrAdmin(currentUser, userProfile.ID) || userProfile.ID == 0 {
NotFoundHandler(w, r)
return
}
2017-05-22 00:22:42 +02:00
userProfile.ParseSettings()
2017-05-21 18:13:28 +02:00
messages := msg.GetMessages(r)
userForm := form.UserForm{}
2017-05-21 18:13:28 +02:00
userSettingsForm := form.UserSettingsForm{}
Ts, _ := publicSettings.GetTfuncAndLanguageFromRequest(r)
if len(r.PostFormValue("email")) > 0 {
form.EmailValidation(r.PostFormValue("email"), messages)
}
if len(r.PostFormValue("username")) > 0 {
form.ValidateUsername(r.PostFormValue("username"), messages)
}
2017-05-21 18:13:28 +02:00
if !messages.HasErrors() {
modelHelper.BindValueForm(&userForm, r)
2017-05-21 18:13:28 +02:00
modelHelper.BindValueForm(&userSettingsForm, r)
if !userPermission.HasAdmin(currentUser) {
userForm.Username = userProfile.Username
userForm.Status = userProfile.Status
2017-05-09 17:47:06 +02:00
} else {
if userProfile.Status != userForm.Status && userForm.Status == 2 {
2017-05-21 18:13:28 +02:00
messages.AddError("errors", "Elevating status to moderator is prohibited")
2017-05-09 17:47:06 +02:00
}
}
modelHelper.ValidateForm(&userForm, messages)
2017-05-21 18:13:28 +02:00
if !messages.HasErrors() {
if userForm.Email != userProfile.Email {
userService.SendVerificationToUser(*currentUser, userForm.Email)
messages.AddInfof("infos", Ts("email_changed"), userForm.Email)
userForm.Email = userProfile.Email // reset, it will be set when user clicks verification
}
2017-05-22 00:22:42 +02:00
userProfile, _, errorUser = userService.UpdateUser(w, &userForm, &userSettingsForm, currentUser, id)
if errorUser != nil {
2017-05-21 18:13:28 +02:00
messages.ImportFromError("errors", errorUser)
} else {
messages.AddInfo("infos", Ts("profile_updated"))
}
2017-05-09 17:47:06 +02:00
}
}
availableLanguages := publicSettings.GetAvailableLanguages()
upev := userProfileEditVariables{
commonTemplateVariables: newCommonVariables(r),
UserProfile: &userProfile,
UserForm: userForm,
2017-05-21 18:13:28 +02:00
FormErrors: messages.GetAllErrors(),
FormInfos: messages.GetAllInfos(),
Languages: availableLanguages,
}
errorTmpl := viewProfileEditTemplate.ExecuteTemplate(w, "index.html", upev)
if errorTmpl != nil {
http.Error(w, errorTmpl.Error(), http.StatusInternalServerError)
}
}
// UserRegisterPostHandler : Post Registration controller, we do some check on the form here, the rest on user service
func UserRegisterPostHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
b := form.RegistrationForm{}
2017-05-21 20:20:40 +02:00
messages := msg.GetMessages(r)
2017-05-21 19:38:39 +02:00
if !captcha.Authenticate(captcha.Extract(r)) {
2017-05-21 19:38:39 +02:00
messages.AddError("errors", "Wrong captcha!")
}
2017-05-21 19:38:39 +02:00
if !messages.HasErrors() {
if len(r.PostFormValue("email")) > 0 {
form.EmailValidation(r.PostFormValue("email"), messages)
}
form.ValidateUsername(r.PostFormValue("username"), messages)
2017-05-21 19:38:39 +02:00
if !messages.HasErrors() {
modelHelper.BindValueForm(&b, r)
modelHelper.ValidateForm(&b, messages)
2017-05-21 19:38:39 +02:00
if !messages.HasErrors() {
_, errorUser := userService.CreateUser(w, r)
if errorUser != nil {
2017-05-21 19:38:39 +02:00
messages.ImportFromError("errors", errorUser)
2017-05-07 20:47:29 +02:00
}
2017-05-21 19:38:39 +02:00
if !messages.HasErrors() {
common := newCommonVariables(r)
common.User = &model.User{
2017-05-10 00:04:07 +02:00
Email: r.PostFormValue("email"), // indicate whether user had email set
}
htv := formTemplateVariables{common, b, messages.GetAllErrors(), messages.GetAllInfos()}
errorTmpl := viewRegisterSuccessTemplate.ExecuteTemplate(w, "index.html", htv)
if errorTmpl != nil {
http.Error(w, errorTmpl.Error(), http.StatusInternalServerError)
}
}
}
}
}
2017-05-21 19:38:39 +02:00
if messages.HasErrors() {
UserRegisterFormHandler(w, r)
}
}
// UserVerifyEmailHandler : Controller when verifying email, needs a token
func UserVerifyEmailHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
vars := mux.Vars(r)
token := vars["token"]
2017-05-21 19:38:39 +02:00
messages := msg.GetMessages(r)
_, errEmail := userService.EmailVerification(token, w)
if errEmail != nil {
2017-05-21 19:38:39 +02:00
messages.ImportFromError("errors", errEmail)
}
htv := userVerifyTemplateVariables{newCommonVariables(r), messages.GetAllErrors()}
errorTmpl := viewVerifySuccessTemplate.ExecuteTemplate(w, "index.html", htv)
if errorTmpl != nil {
http.Error(w, errorTmpl.Error(), http.StatusInternalServerError)
}
}
// UserLoginPostHandler : Post Login controller
func UserLoginPostHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
2017-05-08 00:21:31 +02:00
b := form.LoginForm{}
modelHelper.BindValueForm(&b, r)
2017-05-21 20:20:40 +02:00
messages := msg.GetMessages(r)
2017-05-21 19:38:39 +02:00
modelHelper.ValidateForm(&b, messages)
2017-05-21 19:38:39 +02:00
if !messages.HasErrors() {
2017-05-08 00:21:31 +02:00
_, errorUser := userService.CreateUserAuthentication(w, r)
if errorUser != nil {
2017-05-21 19:38:39 +02:00
messages.ImportFromError("errors", errorUser)
htv := formTemplateVariables{newCommonVariables(r), b, messages.GetAllErrors(), messages.GetAllInfos()}
2017-05-08 00:21:31 +02:00
errorTmpl := viewLoginTemplate.ExecuteTemplate(w, "index.html", htv)
if errorTmpl != nil {
http.Error(w, errorTmpl.Error(), http.StatusInternalServerError)
}
return
2017-05-08 00:21:31 +02:00
}
url, _ := Router.Get("home").URL()
http.Redirect(w, r, url.String(), http.StatusSeeOther)
2017-05-08 00:21:31 +02:00
}
2017-05-21 19:38:39 +02:00
if messages.HasErrors() {
2017-05-24 09:11:13 +02:00
UserLoginFormHandler(w, r)
}
}
// UserLogoutHandler : Controller to logout users
func UserLogoutHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
_, _ = userService.ClearCookie(w)
url, _ := Router.Get("home").URL()
http.Redirect(w, r, url.String(), http.StatusSeeOther)
}
2017-05-10 03:15:29 +02:00
// UserFollowHandler : Controller to follow/unfollow users, need user id to follow
2017-05-10 03:15:29 +02:00
func UserFollowHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
2017-05-10 03:15:29 +02:00
var followAction string
vars := mux.Vars(r)
id := vars["id"]
currentUser := getUser(r)
2017-05-10 03:15:29 +02:00
user, _, errorUser := userService.RetrieveUserForAdmin(id)
2017-05-21 00:02:57 +02:00
if errorUser == nil && user.ID > 0 {
if !userPermission.IsFollower(&user, currentUser) {
2017-05-10 03:15:29 +02:00
followAction = "followed"
userService.SetFollow(&user, currentUser)
} else {
followAction = "unfollowed"
userService.RemoveFollow(&user, currentUser)
}
}
url, _ := Router.Get("user_profile").URL("id", strconv.Itoa(int(user.ID)), "username", user.Username)
2017-05-10 03:15:29 +02:00
http.Redirect(w, r, url.String()+"?"+followAction, http.StatusSeeOther)
}
2017-05-21 00:02:57 +02:00
// UserNotificationsHandler : Controller to show user notifications
2017-05-21 00:02:57 +02:00
func UserNotificationsHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
currentUser := getUser(r)
2017-05-21 00:02:57 +02:00
if currentUser.ID > 0 {
2017-05-21 01:06:40 +02:00
messages := msg.GetMessages(r)
Ts, _ := publicSettings.GetTfuncAndLanguageFromRequest(r)
2017-05-21 01:06:40 +02:00
if r.URL.Query()["clear"] != nil {
notifierService.DeleteAllNotifications(currentUser.ID)
2017-05-21 01:22:07 +02:00
messages.AddInfo("infos", Ts("notifications_cleared"))
2017-05-21 01:06:40 +02:00
currentUser.Notifications = []model.Notification{}
}
htv := userProfileVariables{newCommonVariables(r), currentUser, messages.GetAllInfos()}
2017-05-21 00:02:57 +02:00
err := viewProfileNotifTemplate.ExecuteTemplate(w, "index.html", htv)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
}
} else {
NotFoundHandler(w, r)
}
}
2017-05-25 04:18:31 +02:00
// UserAPIKeyResetHandler : Controller to reset user api key
func UserAPIKeyResetHandler(w http.ResponseWriter, r *http.Request) {
2017-05-27 03:50:31 +02:00
defer r.Body.Close()
2017-05-25 04:18:31 +02:00
vars := mux.Vars(r)
id := vars["id"]
currentUser := getUser(r)
2017-05-25 04:18:31 +02:00
Ts, _ := publicSettings.GetTfuncAndLanguageFromRequest(r)
2017-05-25 04:18:31 +02:00
messages := msg.GetMessages(r)
userProfile, _, errorUser := userService.RetrieveUserForAdmin(id)
if errorUser != nil || !userPermission.CurrentOrAdmin(currentUser, userProfile.ID) || userProfile.ID == 0 {
NotFoundHandler(w, r)
return
}
userProfile.APIToken, _ = crypto.GenerateRandomToken32()
userProfile.APITokenExpiry = time.Unix(0, 0)
_, errorUser = userService.UpdateRawUser(&userProfile)
2017-05-25 04:18:31 +02:00
if errorUser != nil {
messages.ImportFromError("errors", errorUser)
} else {
messages.AddInfo("infos", Ts("profile_updated"))
}
UserProfileHandler(w, r)
2017-05-25 04:18:31 +02:00
}