2020-09-17 16:19:05 -04:00
|
|
|
package main
|
|
|
|
|
|
2020-09-22 14:37:54 -04:00
|
|
|
import (
|
|
|
|
|
"log"
|
|
|
|
|
"net/http"
|
2021-03-02 15:03:56 -05:00
|
|
|
"strings"
|
2020-09-22 14:37:54 -04:00
|
|
|
)
|
2020-09-17 16:19:05 -04:00
|
|
|
|
|
|
|
|
func setSession(uname string, res http.ResponseWriter) {
|
|
|
|
|
value := map[string]string{
|
|
|
|
|
"name": uname,
|
|
|
|
|
}
|
|
|
|
|
if encoded, err := cookieHandler.Encode("session", value); err == nil {
|
|
|
|
|
cookie := &http.Cookie{
|
|
|
|
|
Name: "session",
|
|
|
|
|
Value: encoded,
|
|
|
|
|
Path: "/",
|
|
|
|
|
}
|
|
|
|
|
http.SetCookie(res, cookie)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func getUserName(req *http.Request) (uname string) {
|
|
|
|
|
if cookie, err := req.Cookie("session"); err == nil {
|
|
|
|
|
cookieValue := make(map[string]string)
|
|
|
|
|
if err = cookieHandler.Decode("session", cookie.Value, &cookieValue); err == nil {
|
|
|
|
|
uname = cookieValue["name"]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return uname
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func clearSession(res http.ResponseWriter) {
|
|
|
|
|
cookie := &http.Cookie{
|
|
|
|
|
Name: "session",
|
|
|
|
|
Value: "",
|
|
|
|
|
Path: "/",
|
|
|
|
|
MaxAge: -1,
|
|
|
|
|
}
|
|
|
|
|
http.SetCookie(res, cookie)
|
|
|
|
|
}
|
2020-09-22 14:37:54 -04:00
|
|
|
|
|
|
|
|
func signup(res http.ResponseWriter, req *http.Request) {
|
|
|
|
|
username := req.FormValue("username")
|
|
|
|
|
password := req.FormValue("password")
|
|
|
|
|
email := req.FormValue("email")
|
|
|
|
|
secret := req.FormValue("secret")
|
|
|
|
|
|
|
|
|
|
if Conf.Secret != "" && Conf.Secret != secret {
|
|
|
|
|
//Checking it as a token
|
2021-03-02 14:26:58 -05:00
|
|
|
_, err := validateToken(secret, false)
|
2020-09-22 14:37:54 -04:00
|
|
|
if err != nil {
|
|
|
|
|
log.Printf("Bad secret entered: %v\n", err)
|
2020-11-12 14:33:01 -05:00
|
|
|
genericErrorPage(res, "User Creation Failure", "Unregistered", false, "Invalid Secret Token.", "to create account")
|
|
|
|
|
|
2020-09-22 14:37:54 -04:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
//insert into LDAP
|
|
|
|
|
log.Printf("Attempting to create account for %v", username)
|
2021-03-02 15:03:56 -05:00
|
|
|
err := createLDAPAccount(strings.ToLower(username), password, email)
|
2020-09-22 14:37:54 -04:00
|
|
|
if err == nil {
|
2020-11-12 14:33:01 -05:00
|
|
|
genericSuccessPage(res, "User Created", "Unregistered", false, "User created")
|
2020-09-22 14:37:54 -04:00
|
|
|
return
|
|
|
|
|
} else {
|
2020-11-12 14:33:01 -05:00
|
|
|
genericErrorPage(res, "User Creation Failure", "Unregistered", false, err.Error(), "to create account")
|
2020-09-22 14:37:54 -04:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func login(res http.ResponseWriter, req *http.Request) {
|
2021-03-02 15:03:56 -05:00
|
|
|
username := strings.ToLower(req.FormValue("username"))
|
2020-09-22 14:37:54 -04:00
|
|
|
password := req.FormValue("password")
|
|
|
|
|
err := loginLDAPAccount(username, password)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Printf("Error logging in user %v: %v\n", username, err)
|
2020-11-12 14:33:01 -05:00
|
|
|
genericErrorPage(res, "Login Failure", "Unregistered", false, err.Error(), "to login")
|
2020-09-22 14:37:54 -04:00
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
setSession(username, res)
|
2021-03-31 16:18:02 -04:00
|
|
|
log.Printf("Succesful logging in user %v\n", username)
|
2020-09-22 14:37:54 -04:00
|
|
|
http.Redirect(res, req, "/", 302)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func logout(res http.ResponseWriter, req *http.Request) {
|
|
|
|
|
clearSession(res)
|
|
|
|
|
}
|
