mirror of
https://github.com/osmarks/mycorrhiza.git
synced 2025-03-10 13:38:20 +00:00
41733c50bd
Didn't have the chance to migrate //all// templates just yet. We'll get there. * Implement yet another template system * Move orphans to the new system and fix a bug in it * Link orphans in the admin panel * Move the backlink handlers to the web package * Move auth routing to web * Move /user-list to the new system * Move change password and translate it * Move stuff * Move admin-related stuff to the web * Move a lot of files into internal dir Outside of it are web and stuff that needs further refactoring * Fix static not loading and de-qtpl tree * Move tree to internal * Keep the globe on the same line #230 * Revert "Keep the globe on the same line #230" This reverts commit ae78e5e459b1e980ba89bf29e61f75c0625ed2c7. * Migrate templates from hypview: delete, edit, start empty and existing WIP The delete media view was removed, I didn't even know it still existed as a GET. A rudiment. * Make views multi-file and break compilation * Megarefactoring of hypha views * Auth-related stuffs * Fix some of those weird imports * Migrate cat views * Fix cat js * Lower standards * Internalize trauma
68 lines
1.6 KiB
Go
68 lines
1.6 KiB
Go
package web
|
|
|
|
import (
|
|
"fmt"
|
|
"github.com/bouncepaw/mycorrhiza/internal/user"
|
|
"github.com/bouncepaw/mycorrhiza/util"
|
|
"github.com/bouncepaw/mycorrhiza/web/viewutil"
|
|
"mime"
|
|
"net/http"
|
|
"reflect"
|
|
)
|
|
|
|
func handlerUserChangePassword(w http.ResponseWriter, rq *http.Request) {
|
|
u := user.FromRequest(rq)
|
|
// TODO: is there a better way?
|
|
if reflect.DeepEqual(u, user.EmptyUser()) || u == nil {
|
|
util.HTTP404Page(w, "404 page not found")
|
|
return
|
|
}
|
|
|
|
f := util.FormDataFromRequest(rq, []string{"current_password", "password", "password_confirm"})
|
|
currentPassword := f.Get("current_password")
|
|
|
|
if user.CredentialsOK(u.Name, currentPassword) {
|
|
password := f.Get("password")
|
|
passwordConfirm := f.Get("password_confirm")
|
|
// server side validation
|
|
if password == "" {
|
|
err := fmt.Errorf("passwords should not be empty")
|
|
f = f.WithError(err)
|
|
}
|
|
if password == passwordConfirm {
|
|
previousPassword := u.Password // for rollback
|
|
if err := u.ChangePassword(password); err != nil {
|
|
f = f.WithError(err)
|
|
} else {
|
|
if err := user.SaveUserDatabase(); err != nil {
|
|
u.Password = previousPassword
|
|
f = f.WithError(err)
|
|
} else {
|
|
http.Redirect(w, rq, "/", http.StatusSeeOther)
|
|
return
|
|
}
|
|
}
|
|
} else {
|
|
err := fmt.Errorf("passwords do not match")
|
|
f = f.WithError(err)
|
|
}
|
|
} else {
|
|
// TODO: handle first attempt different
|
|
err := fmt.Errorf("incorrect password")
|
|
f = f.WithError(err)
|
|
}
|
|
|
|
if f.HasError() {
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
}
|
|
w.Header().Set("Content-Type", mime.TypeByExtension(".html"))
|
|
|
|
_ = pageChangePassword.RenderTo(
|
|
viewutil.MetaFrom(w, rq),
|
|
map[string]any{
|
|
"Form": f,
|
|
"U": u,
|
|
},
|
|
)
|
|
}
|