a
/
gosora
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
gosora/routes/account.go

193 lines
6.2 KiB
Go
Raw Normal View History

Cosora shouldn't warp on large screens now. Control Panel looks a little off over a thousand now, this is going to be fixed in the following commit. Added the poll column to the replies table. Renamed *Reply.SetBody() to *Reply.SetPost() Moved routeAccountEditCritical into /routes/account.go
2018-01-23 10:48:44 +00:00
package routes
import (
Replaced the user agent parser with a faster and more flexible one. More progress on poll posts. Improved the poll UI on the other themes. De-duplicated some avatar logic. Added Exec() to accInsertBuilder. Moved routeOverview to routes.Overview Moved routeCustomPage to routes.CustomPage Moved routeTopicID to routes.ViewTopic Moved routeLogin to routes.AccountLogin Moved routeRegister to routes.AccountRegister Moved routeLoginSubmit to routes.AccountLoginSubmit Moved routeRegisterSubmit to routes.AccountRegisterSubmit We now track the Android Chrome user agent. We now track the UCBrowser user agent. We now track the zgrab user agent. Fixed a few cases where Googlebot wasn't tracked properly. Moved routeStatic to routes.StaticFile
2018-02-03 05:47:14 +00:00
"html"
"log"
Cosora shouldn't warp on large screens now. Control Panel looks a little off over a thousand now, this is going to be fixed in the following commit. Added the poll column to the replies table. Renamed *Reply.SetBody() to *Reply.SetPost() Moved routeAccountEditCritical into /routes/account.go
2018-01-23 10:48:44 +00:00
"net/http"
Replaced the user agent parser with a faster and more flexible one. More progress on poll posts. Improved the poll UI on the other themes. De-duplicated some avatar logic. Added Exec() to accInsertBuilder. Moved routeOverview to routes.Overview Moved routeCustomPage to routes.CustomPage Moved routeTopicID to routes.ViewTopic Moved routeLogin to routes.AccountLogin Moved routeRegister to routes.AccountRegister Moved routeLoginSubmit to routes.AccountLoginSubmit Moved routeRegisterSubmit to routes.AccountRegisterSubmit We now track the Android Chrome user agent. We now track the UCBrowser user agent. We now track the zgrab user agent. Fixed a few cases where Googlebot wasn't tracked properly. Moved routeStatic to routes.StaticFile
2018-02-03 05:47:14 +00:00
"strings"
Cosora shouldn't warp on large screens now. Control Panel looks a little off over a thousand now, this is going to be fixed in the following commit. Added the poll column to the replies table. Renamed *Reply.SetBody() to *Reply.SetPost() Moved routeAccountEditCritical into /routes/account.go
2018-01-23 10:48:44 +00:00
"../common"
Replaced the user agent parser with a faster and more flexible one. More progress on poll posts. Improved the poll UI on the other themes. De-duplicated some avatar logic. Added Exec() to accInsertBuilder. Moved routeOverview to routes.Overview Moved routeCustomPage to routes.CustomPage Moved routeTopicID to routes.ViewTopic Moved routeLogin to routes.AccountLogin Moved routeRegister to routes.AccountRegister Moved routeLoginSubmit to routes.AccountLoginSubmit Moved routeRegisterSubmit to routes.AccountRegisterSubmit We now track the Android Chrome user agent. We now track the UCBrowser user agent. We now track the zgrab user agent. Fixed a few cases where Googlebot wasn't tracked properly. Moved routeStatic to routes.StaticFile
2018-02-03 05:47:14 +00:00
"../query_gen/lib"
Cosora shouldn't warp on large screens now. Control Panel looks a little off over a thousand now, this is going to be fixed in the following commit. Added the poll column to the replies table. Renamed *Reply.SetBody() to *Reply.SetPost() Moved routeAccountEditCritical into /routes/account.go
2018-01-23 10:48:44 +00:00
)
// A blank list to fill out that parameter in Page for routes which don't use it
var tList []interface{}
Replaced the user agent parser with a faster and more flexible one. More progress on poll posts. Improved the poll UI on the other themes. De-duplicated some avatar logic. Added Exec() to accInsertBuilder. Moved routeOverview to routes.Overview Moved routeCustomPage to routes.CustomPage Moved routeTopicID to routes.ViewTopic Moved routeLogin to routes.AccountLogin Moved routeRegister to routes.AccountRegister Moved routeLoginSubmit to routes.AccountLoginSubmit Moved routeRegisterSubmit to routes.AccountRegisterSubmit We now track the Android Chrome user agent. We now track the UCBrowser user agent. We now track the zgrab user agent. Fixed a few cases where Googlebot wasn't tracked properly. Moved routeStatic to routes.StaticFile
2018-02-03 05:47:14 +00:00
func AccountLogin(w http.ResponseWriter, r *http.Request, user common.User) common.RouteError {
headerVars, ferr := common.UserCheck(w, r, &user)
if ferr != nil {
return ferr
}
if user.Loggedin {
return common.LocalError("You're already logged in.", w, r, user)
}
pi := common.Page{common.GetTitlePhrase("login"), user, headerVars, tList, nil}
Moved the counters to their own package. De-duped some of the logging code. Added per-route state to the not found errors. Exported debugDetail, debugDetailf, debugLog, and debugLogf. Tweaked the padding on Tempra Simple. Added panel submenus to Tempra Conflux. Added Chart CSS to Tempra Conflux. Fixed the padding and margins for the Control Panel in Cosora. Made Cosora's Control Panel a little more tablet friendly. Added the rowmsg CSS class to better style message rows. Removed the repetitive guard code for the pre-render hooks. Removed the repetitive guard code for the string-string hooks. We now capture views for routes.StaticFile Added the move action to the moderation logs. Added the viewchunks_forums table. Began work on Per-forum Views. I probably missed a few things in this changelog.
2018-02-19 04:26:01 +00:00
if common.RunPreRenderHook("pre_render_login", w, r, &user, &pi) {
return nil
Replaced the user agent parser with a faster and more flexible one. More progress on poll posts. Improved the poll UI on the other themes. De-duplicated some avatar logic. Added Exec() to accInsertBuilder. Moved routeOverview to routes.Overview Moved routeCustomPage to routes.CustomPage Moved routeTopicID to routes.ViewTopic Moved routeLogin to routes.AccountLogin Moved routeRegister to routes.AccountRegister Moved routeLoginSubmit to routes.AccountLoginSubmit Moved routeRegisterSubmit to routes.AccountRegisterSubmit We now track the Android Chrome user agent. We now track the UCBrowser user agent. We now track the zgrab user agent. Fixed a few cases where Googlebot wasn't tracked properly. Moved routeStatic to routes.StaticFile
2018-02-03 05:47:14 +00:00
}
Added support for phrases in templates. The language of the end-user is now tracked and presented in the Analytics Manager. Profile owners now get alerts when someone posts on their profiles. The login page is now transpiled, estimated to be sixty times faster. The registration page is now transpiled, estimated to be sixty times faster. The IP Search page is now transpiled, estimated to be sixty times faster. The error pages are now transpiled, estimated to be sixty times faster. The login page now uses phrases. The registration page now uses phrases. IP Search now uses phrases. Renamed the ip-search template to ip_search. Alerts are now held in an alertbox container div. Added ids for the main container divs for the account manager sections. Added an id to the main container for the topic list template. Added an id to the main container for the forum list template. Added an id to the main container for the forum template. Added an avatar box CSS class for the avatar box in the account manager's avatar page. Did a bit of renaming for a future refactor in the routes counter. Did a bit of renaming for a future refactor in the operating system counter. A notice is shown to the user now when their account is inactive. The account activation status is now fetched by the user store. We now track Slackbot. You can now prepend strings to the start of router.DumpRequest request dumps to avoid tearing these bits of contextual data away from the bodies. .action file extensions are now seen as suspicious by the router. Moved routeWebsockets to common.RouteWebsockets for now. Moved routeCreateReplySubmit to routes.CreateReplySubmit. Moved alert.go into common. Moved the WebSockets logic into common. Escape strings a little earlier in the analytics routes and use integers instead of strings where possible. We now show a success notification when you update a user via the User Manager. Split the configuration properties off from CTemplateSet into CTemplateConfig. Renamed some of the properties of CTemplateSet to make them easier to understand. Removed some obsolete properties from CTemplateSet. Did a bit of spring cleaning in the template transpiler to cut down on unneccessary lines and to reduce duplication. Fixed a double else bug in ranges over maps in the template transpiler. Split the minifiers off the main template transpilation file into their own file. Refactored some of the routes which rely on alerts to use shared functions rather than having unique implementations in the routes themselves. All Themes Except Cosora: Refactored the opt nodes to make it easier to roll out bulk moderation. Shadow: Improved the notice CSS. Tweaked the sticky border colour. Cosora: The theme JS file now uses strict mode. Notices are shunted under rowhead with JS now, although this change might be reverted soon. Added CSS for notices. Fixed the padding under the avatar box in the account manager avatar page. Schema: Added the viewchunks_langs table.
2018-03-08 03:59:47 +00:00
err := common.RunThemeTemplate(headerVars.Theme.Name, "login", pi, w)
Replaced the user agent parser with a faster and more flexible one. More progress on poll posts. Improved the poll UI on the other themes. De-duplicated some avatar logic. Added Exec() to accInsertBuilder. Moved routeOverview to routes.Overview Moved routeCustomPage to routes.CustomPage Moved routeTopicID to routes.ViewTopic Moved routeLogin to routes.AccountLogin Moved routeRegister to routes.AccountRegister Moved routeLoginSubmit to routes.AccountLoginSubmit Moved routeRegisterSubmit to routes.AccountRegisterSubmit We now track the Android Chrome user agent. We now track the UCBrowser user agent. We now track the zgrab user agent. Fixed a few cases where Googlebot wasn't tracked properly. Moved routeStatic to routes.StaticFile
2018-02-03 05:47:14 +00:00
if err != nil {
return common.InternalError(err, w, r)
}
return nil
}
// TODO: Log failed attempted logins?
// TODO: Lock IPS out if they have too many failed attempts?
// TODO: Log unusual countries in comparison to the country a user usually logs in from? Alert the user about this?
func AccountLoginSubmit(w http.ResponseWriter, r *http.Request, user common.User) common.RouteError {
if user.Loggedin {
return common.LocalError("You're already logged in.", w, r, user)
}
username := html.EscapeString(strings.Replace(r.PostFormValue("username"), "\n", "", -1))
uid, err := common.Auth.Authenticate(username, r.PostFormValue("password"))
if err != nil {
return common.LocalError(err.Error(), w, r, user)
}
userPtr, err := common.Users.Get(uid)
if err != nil {
return common.LocalError("Bad account", w, r, user)
}
user = *userPtr
var session string
if user.Session == "" {
session, err = common.Auth.CreateSession(uid)
if err != nil {
return common.InternalError(err, w, r)
}
} else {
session = user.Session
}
common.Auth.SetCookies(w, uid, session)
if user.IsAdmin {
// Is this error check redundant? We already check for the error in PreRoute for the same IP
// TODO: Should we be logging this?
log.Printf("#%d has logged in with IP %s", uid, user.LastIP)
}
http.Redirect(w, r, "/", http.StatusSeeOther)
return nil
}
func AccountRegister(w http.ResponseWriter, r *http.Request, user common.User) common.RouteError {
headerVars, ferr := common.UserCheck(w, r, &user)
if ferr != nil {
return ferr
}
if user.Loggedin {
return common.LocalError("You're already logged in.", w, r, user)
}
pi := common.Page{common.GetTitlePhrase("register"), user, headerVars, tList, nil}
Moved the counters to their own package. De-duped some of the logging code. Added per-route state to the not found errors. Exported debugDetail, debugDetailf, debugLog, and debugLogf. Tweaked the padding on Tempra Simple. Added panel submenus to Tempra Conflux. Added Chart CSS to Tempra Conflux. Fixed the padding and margins for the Control Panel in Cosora. Made Cosora's Control Panel a little more tablet friendly. Added the rowmsg CSS class to better style message rows. Removed the repetitive guard code for the pre-render hooks. Removed the repetitive guard code for the string-string hooks. We now capture views for routes.StaticFile Added the move action to the moderation logs. Added the viewchunks_forums table. Began work on Per-forum Views. I probably missed a few things in this changelog.
2018-02-19 04:26:01 +00:00
if common.RunPreRenderHook("pre_render_register", w, r, &user, &pi) {
return nil
Replaced the user agent parser with a faster and more flexible one. More progress on poll posts. Improved the poll UI on the other themes. De-duplicated some avatar logic. Added Exec() to accInsertBuilder. Moved routeOverview to routes.Overview Moved routeCustomPage to routes.CustomPage Moved routeTopicID to routes.ViewTopic Moved routeLogin to routes.AccountLogin Moved routeRegister to routes.AccountRegister Moved routeLoginSubmit to routes.AccountLoginSubmit Moved routeRegisterSubmit to routes.AccountRegisterSubmit We now track the Android Chrome user agent. We now track the UCBrowser user agent. We now track the zgrab user agent. Fixed a few cases where Googlebot wasn't tracked properly. Moved routeStatic to routes.StaticFile
2018-02-03 05:47:14 +00:00
}
Added support for phrases in templates. The language of the end-user is now tracked and presented in the Analytics Manager. Profile owners now get alerts when someone posts on their profiles. The login page is now transpiled, estimated to be sixty times faster. The registration page is now transpiled, estimated to be sixty times faster. The IP Search page is now transpiled, estimated to be sixty times faster. The error pages are now transpiled, estimated to be sixty times faster. The login page now uses phrases. The registration page now uses phrases. IP Search now uses phrases. Renamed the ip-search template to ip_search. Alerts are now held in an alertbox container div. Added ids for the main container divs for the account manager sections. Added an id to the main container for the topic list template. Added an id to the main container for the forum list template. Added an id to the main container for the forum template. Added an avatar box CSS class for the avatar box in the account manager's avatar page. Did a bit of renaming for a future refactor in the routes counter. Did a bit of renaming for a future refactor in the operating system counter. A notice is shown to the user now when their account is inactive. The account activation status is now fetched by the user store. We now track Slackbot. You can now prepend strings to the start of router.DumpRequest request dumps to avoid tearing these bits of contextual data away from the bodies. .action file extensions are now seen as suspicious by the router. Moved routeWebsockets to common.RouteWebsockets for now. Moved routeCreateReplySubmit to routes.CreateReplySubmit. Moved alert.go into common. Moved the WebSockets logic into common. Escape strings a little earlier in the analytics routes and use integers instead of strings where possible. We now show a success notification when you update a user via the User Manager. Split the configuration properties off from CTemplateSet into CTemplateConfig. Renamed some of the properties of CTemplateSet to make them easier to understand. Removed some obsolete properties from CTemplateSet. Did a bit of spring cleaning in the template transpiler to cut down on unneccessary lines and to reduce duplication. Fixed a double else bug in ranges over maps in the template transpiler. Split the minifiers off the main template transpilation file into their own file. Refactored some of the routes which rely on alerts to use shared functions rather than having unique implementations in the routes themselves. All Themes Except Cosora: Refactored the opt nodes to make it easier to roll out bulk moderation. Shadow: Improved the notice CSS. Tweaked the sticky border colour. Cosora: The theme JS file now uses strict mode. Notices are shunted under rowhead with JS now, although this change might be reverted soon. Added CSS for notices. Fixed the padding under the avatar box in the account manager avatar page. Schema: Added the viewchunks_langs table.
2018-03-08 03:59:47 +00:00
err := common.RunThemeTemplate(headerVars.Theme.Name, "register", pi, w)
Replaced the user agent parser with a faster and more flexible one. More progress on poll posts. Improved the poll UI on the other themes. De-duplicated some avatar logic. Added Exec() to accInsertBuilder. Moved routeOverview to routes.Overview Moved routeCustomPage to routes.CustomPage Moved routeTopicID to routes.ViewTopic Moved routeLogin to routes.AccountLogin Moved routeRegister to routes.AccountRegister Moved routeLoginSubmit to routes.AccountLoginSubmit Moved routeRegisterSubmit to routes.AccountRegisterSubmit We now track the Android Chrome user agent. We now track the UCBrowser user agent. We now track the zgrab user agent. Fixed a few cases where Googlebot wasn't tracked properly. Moved routeStatic to routes.StaticFile
2018-02-03 05:47:14 +00:00
if err != nil {
return common.InternalError(err, w, r)
}
return nil
}
func AccountRegisterSubmit(w http.ResponseWriter, r *http.Request, user common.User) common.RouteError {
headerLite, _ := common.SimpleUserCheck(w, r, &user)
username := html.EscapeString(strings.Replace(r.PostFormValue("username"), "\n", "", -1))
if username == "" {
return common.LocalError("You didn't put in a username.", w, r, user)
}
email := html.EscapeString(strings.Replace(r.PostFormValue("email"), "\n", "", -1))
if email == "" {
return common.LocalError("You didn't put in an email.", w, r, user)
}
password := r.PostFormValue("password")
switch password {
case "":
return common.LocalError("You didn't put in a password.", w, r, user)
case username:
return common.LocalError("You can't use your username as your password.", w, r, user)
case email:
return common.LocalError("You can't use your email as your password.", w, r, user)
}
// ? Move this into Create()? What if we want to programatically set weak passwords for tests?
err := common.WeakPassword(password)
if err != nil {
return common.LocalError(err.Error(), w, r, user)
}
confirmPassword := r.PostFormValue("confirm_password")
Moved the counters to their own package. De-duped some of the logging code. Added per-route state to the not found errors. Exported debugDetail, debugDetailf, debugLog, and debugLogf. Tweaked the padding on Tempra Simple. Added panel submenus to Tempra Conflux. Added Chart CSS to Tempra Conflux. Fixed the padding and margins for the Control Panel in Cosora. Made Cosora's Control Panel a little more tablet friendly. Added the rowmsg CSS class to better style message rows. Removed the repetitive guard code for the pre-render hooks. Removed the repetitive guard code for the string-string hooks. We now capture views for routes.StaticFile Added the move action to the moderation logs. Added the viewchunks_forums table. Began work on Per-forum Views. I probably missed a few things in this changelog.
2018-02-19 04:26:01 +00:00
common.DebugLog("Registration Attempt! Username: " + username) // TODO: Add more controls over what is logged when?
Replaced the user agent parser with a faster and more flexible one. More progress on poll posts. Improved the poll UI on the other themes. De-duplicated some avatar logic. Added Exec() to accInsertBuilder. Moved routeOverview to routes.Overview Moved routeCustomPage to routes.CustomPage Moved routeTopicID to routes.ViewTopic Moved routeLogin to routes.AccountLogin Moved routeRegister to routes.AccountRegister Moved routeLoginSubmit to routes.AccountLoginSubmit Moved routeRegisterSubmit to routes.AccountRegisterSubmit We now track the Android Chrome user agent. We now track the UCBrowser user agent. We now track the zgrab user agent. Fixed a few cases where Googlebot wasn't tracked properly. Moved routeStatic to routes.StaticFile
2018-02-03 05:47:14 +00:00
// Do the two inputted passwords match..?
if password != confirmPassword {
return common.LocalError("The two passwords don't match.", w, r, user)
}
var active bool
var group int
switch headerLite.Settings["activation_type"] {
case 1: // Activate All
active = true
group = common.Config.DefaultGroup
default: // Anything else. E.g. Admin Activation or Email Activation.
group = common.Config.ActivationGroup
}
uid, err := common.Users.Create(username, password, email, group, active)
if err == common.ErrAccountExists {
return common.LocalError("This username isn't available. Try another.", w, r, user)
} else if err != nil {
return common.InternalError(err, w, r)
}
// Check if this user actually owns this email, if email activation is on, automatically flip their account to active when the email is validated. Validation is also useful for determining whether this user should receive any alerts, etc. via email
if common.Site.EnableEmails {
token, err := common.GenerateSafeString(80)
if err != nil {
return common.InternalError(err, w, r)
}
// TODO: Add an EmailStore and move this there
acc := qgen.Builder.Accumulator()
_, err = acc.Insert("emails").Columns("email, uid, validated, token").Fields("?,?,?,?").Exec(email, uid, 0, token)
//_, err = stmts.addEmail.Exec(email, uid, 0, token)
if err != nil {
return common.InternalError(err, w, r)
}
if !common.SendValidationEmail(username, email, token) {
return common.LocalError("We were unable to send the email for you to confirm that this email address belongs to you. You may not have access to some functionality until you do so. Please ask an administrator for assistance.", w, r, user)
}
}
session, err := common.Auth.CreateSession(uid)
if err != nil {
return common.InternalError(err, w, r)
}
common.Auth.SetCookies(w, uid, session)
http.Redirect(w, r, "/", http.StatusSeeOther)
return nil
}
Cosora shouldn't warp on large screens now. Control Panel looks a little off over a thousand now, this is going to be fixed in the following commit. Added the poll column to the replies table. Renamed *Reply.SetBody() to *Reply.SetPost() Moved routeAccountEditCritical into /routes/account.go
2018-01-23 10:48:44 +00:00
func AccountEditCritical(w http.ResponseWriter, r *http.Request, user common.User) common.RouteError {
headerVars, ferr := common.UserCheck(w, r, &user)
if ferr != nil {
return ferr
}
pi := common.Page{"Edit Password", user, headerVars, tList, nil}
Moved the counters to their own package. De-duped some of the logging code. Added per-route state to the not found errors. Exported debugDetail, debugDetailf, debugLog, and debugLogf. Tweaked the padding on Tempra Simple. Added panel submenus to Tempra Conflux. Added Chart CSS to Tempra Conflux. Fixed the padding and margins for the Control Panel in Cosora. Made Cosora's Control Panel a little more tablet friendly. Added the rowmsg CSS class to better style message rows. Removed the repetitive guard code for the pre-render hooks. Removed the repetitive guard code for the string-string hooks. We now capture views for routes.StaticFile Added the move action to the moderation logs. Added the viewchunks_forums table. Began work on Per-forum Views. I probably missed a few things in this changelog.
2018-02-19 04:26:01 +00:00
if common.RunPreRenderHook("pre_render_account_own_edit_critical", w, r, &user, &pi) {
return nil
Cosora shouldn't warp on large screens now. Control Panel looks a little off over a thousand now, this is going to be fixed in the following commit. Added the poll column to the replies table. Renamed *Reply.SetBody() to *Reply.SetPost() Moved routeAccountEditCritical into /routes/account.go
2018-01-23 10:48:44 +00:00
}
err := common.Templates.ExecuteTemplate(w, "account_own_edit.html", pi)
if err != nil {
return common.InternalError(err, w, r)
}
return nil
}