Add account settings page to change passwords
This commit is contained in:
parent
00925bb267
commit
419ae157cc
|
@ -82,8 +82,7 @@ func New(documentRoot, userRoot string) *Blog {
|
|||
// Initialize the router.
|
||||
r := mux.NewRouter()
|
||||
r.HandleFunc("/initial-setup", blog.SetupHandler)
|
||||
r.HandleFunc("/login", blog.LoginHandler)
|
||||
r.HandleFunc("/logout", blog.LogoutHandler)
|
||||
blog.AuthRoutes(r)
|
||||
blog.AdminRoutes(r)
|
||||
blog.ContactRoutes(r)
|
||||
blog.BlogRoutes(r)
|
||||
|
|
89
core/auth.go
89
core/auth.go
|
@ -4,10 +4,18 @@ import (
|
|||
"errors"
|
||||
"net/http"
|
||||
|
||||
"github.com/gorilla/mux"
|
||||
"github.com/kirsle/blog/core/forms"
|
||||
"github.com/kirsle/blog/core/models/users"
|
||||
)
|
||||
|
||||
// AuthRoutes attaches the auth routes to the app.
|
||||
func (b *Blog) AuthRoutes(r *mux.Router) {
|
||||
r.HandleFunc("/login", b.LoginHandler)
|
||||
r.HandleFunc("/logout", b.LogoutHandler)
|
||||
r.HandleFunc("/account", b.AccountHandler)
|
||||
}
|
||||
|
||||
// Login logs the browser in as the given user.
|
||||
func (b *Blog) Login(w http.ResponseWriter, r *http.Request, u *users.User) error {
|
||||
session, err := b.store.Get(r, "session") // TODO session name
|
||||
|
@ -75,3 +83,84 @@ func (b *Blog) LogoutHandler(w http.ResponseWriter, r *http.Request) {
|
|||
session.Save(r, w)
|
||||
b.Redirect(w, "/")
|
||||
}
|
||||
|
||||
// AccountHandler shows the account settings page.
|
||||
func (b *Blog) AccountHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if !b.LoggedIn(r) {
|
||||
b.FlashAndRedirect(w, r, "/login?next=/account", "You must be logged in to do that!")
|
||||
return
|
||||
}
|
||||
currentUser, err := b.CurrentUser(r)
|
||||
if err != nil {
|
||||
b.FlashAndRedirect(w, r, "/login?next=/account", "You must be logged in to do that!!")
|
||||
return
|
||||
}
|
||||
|
||||
// Load an editable copy of the user.
|
||||
user, err := users.Load(currentUser.ID)
|
||||
if err != nil {
|
||||
b.FlashAndRedirect(w, r, "/login?next=/account", "User ID %d not loadable?", currentUser.ID)
|
||||
return
|
||||
}
|
||||
|
||||
v := NewVars()
|
||||
form := &forms.Account{
|
||||
Username: user.Username,
|
||||
Email: user.Email,
|
||||
Name: user.Name,
|
||||
}
|
||||
v.Form = form
|
||||
|
||||
if r.Method == http.MethodPost {
|
||||
form.Username = users.Normalize(r.FormValue("username"))
|
||||
form.Email = r.FormValue("email")
|
||||
form.Name = r.FormValue("name")
|
||||
form.OldPassword = r.FormValue("oldpassword")
|
||||
form.NewPassword = r.FormValue("newpassword")
|
||||
form.NewPassword2 = r.FormValue("newpassword2")
|
||||
if err = form.Validate(); err != nil {
|
||||
b.Flash(w, r, err.Error())
|
||||
} else {
|
||||
var ok = true
|
||||
|
||||
// Validate the username is available.
|
||||
if form.Username != user.Username {
|
||||
if _, err = users.LoadUsername(form.Username); err == nil {
|
||||
b.Flash(w, r, "That username already exists.")
|
||||
ok = false
|
||||
}
|
||||
}
|
||||
|
||||
// Changing their password?
|
||||
if len(form.OldPassword) > 0 {
|
||||
// Validate their old password.
|
||||
if _, err = users.CheckAuth(form.Username, form.OldPassword); err != nil {
|
||||
b.Flash(w, r, "Your old password is incorrect.")
|
||||
ok = false
|
||||
} else {
|
||||
err = user.SetPassword(form.NewPassword)
|
||||
if err != nil {
|
||||
b.Flash(w, r, "Change password error: %s", err)
|
||||
ok = false
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Still good?
|
||||
if ok {
|
||||
user.Username = form.Username
|
||||
user.Name = form.Name
|
||||
user.Email = form.Email
|
||||
err = user.Save()
|
||||
if err != nil {
|
||||
b.Flash(w, r, "Error saving user: %s", err)
|
||||
} else {
|
||||
b.FlashAndRedirect(w, r, "/account", "Settings saved!")
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
b.RenderTemplate(w, r, "account", v)
|
||||
}
|
||||
|
|
|
@ -19,3 +19,29 @@ func (f Login) Validate() error {
|
|||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Account is for updating account settings.
|
||||
type Account struct {
|
||||
Username string
|
||||
OldPassword string
|
||||
NewPassword string
|
||||
NewPassword2 string
|
||||
Email string
|
||||
Name string
|
||||
}
|
||||
|
||||
// Validate the account form.
|
||||
func (f Account) Validate() error {
|
||||
if len(f.Username) == 0 {
|
||||
return errors.New("username is required")
|
||||
}
|
||||
if len(f.OldPassword) > 0 && len(f.NewPassword) > 0 {
|
||||
if f.NewPassword != f.NewPassword2 {
|
||||
return errors.New("your passwords don't match")
|
||||
}
|
||||
}
|
||||
if len(f.Name) == 0 {
|
||||
f.Name = f.Username
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
|
|
@ -101,7 +101,7 @@
|
|||
<h4 class="cart-title">Control Center</h4>
|
||||
|
||||
<p>
|
||||
Logged in as: {{ .CurrentUser.Username }}
|
||||
Logged in as: <a href="/account">{{ .CurrentUser.Username }}</a>
|
||||
</p>
|
||||
|
||||
<ul class="list-unstyled">
|
||||
|
|
75
root/account.gohtml
Normal file
75
root/account.gohtml
Normal file
|
@ -0,0 +1,75 @@
|
|||
{{ define "title" }}Account Settings{{ end }}
|
||||
{{ define "content" }}
|
||||
<h1>Account Settings</h1>
|
||||
|
||||
<form action="/account" method="POST">
|
||||
<input type="hidden" name="_csrf" value="{{ .CSRF }}">
|
||||
|
||||
<h3>The Basics</h3>
|
||||
|
||||
<div class="form-group">
|
||||
<label for="username">Username</label>
|
||||
<small class="text-muted">You log in using this name.</small>
|
||||
<input type="text"
|
||||
class="form-control"
|
||||
name="username"
|
||||
id="username"
|
||||
value="{{ .Form.Username }}"
|
||||
placeholder="soandso">
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label for="name">Name</label>
|
||||
<input type="text"
|
||||
class="form-control"
|
||||
name="name"
|
||||
id="name"
|
||||
value="{{ .Form.Name }}"
|
||||
placeholder="{{ or .Form.Username "Anonymous" }}">
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label for="email">Email</label>
|
||||
<input type="text"
|
||||
class="form-control"
|
||||
name="email"
|
||||
id="email"
|
||||
value="{{ .Form.Email }}"
|
||||
placeholder="name@domain.com">
|
||||
</div>
|
||||
|
||||
<h3>Change Password</h3>
|
||||
|
||||
<div class="form-group">
|
||||
<label for="oldpassword">Current Password</label>
|
||||
<input type="password"
|
||||
class="form-control"
|
||||
name="oldpassword"
|
||||
id="oldpassword"
|
||||
placeholder="Current Password">
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label for="newpassword">New Password</label>
|
||||
<input type="password"
|
||||
class="form-control"
|
||||
name="newpassword"
|
||||
id="newpassword"
|
||||
placeholder="New Password">
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label for="newpassword2">Confirm</label>
|
||||
<input type="password"
|
||||
class="form-control"
|
||||
name="newpassword2"
|
||||
id="newpassword2"
|
||||
placeholder="Confirm">
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<button type="submit" class="btn btn-primary">Save Settings</button>
|
||||
<a href="/" class="btn btn-secondary">Cancel</a>
|
||||
</div>
|
||||
</form>
|
||||
{{ end }}
|
Loading…
Reference in New Issue
Block a user