user settings speichern

author: jan <jan@ruken.pw> 2016-02-20 21:03:08 (UTC)
committer: jan <jan@ruken.pw> 2016-02-20 21:03:08 (UTC)
commit: de7c862a42f50307f40266127415a73c90ca73e4 (patch)
tree: cdd621009a849d2897cde0c2b9ef164f5daffec3
parent: 55e2659cf78b948c723679b345e3b6697fa07d56 (diff)
1 files changed, 72 insertions, 0 deletions
diff --git a/charakterin.go b/charakterin.go
index 67ee40d..ff3d5c6 100644
--- a/charakterin.go
+++ b/charakterin.go
@@ -208,6 +208,78 @@ func (c *Charakterin) DisplayRegistrationWithData(w http.ResponseWriter, r *http
        c.renderer.RenderRegistrationPage(w, data)
 }
+// SaveUser handlet die neuen Benutzerdaten und speichert sie
+func (c *Charakterin) SaveUserRoute(w http.ResponseWriter, r *http.Request) {
+        user, err := c.GetUserFromRequest(r)
+        if err != nil {
+                http.Error(w, "403", http.StatusForbidden)
+                return
+        }
+        values, err := readBody(r)
+        if err != nil {
+                http.Error(w, "400", http.StatusBadRequest)
+                return
+        }
+        displayName := values.Get("display_name")
+        curPass := values.Get("current_password")
+        newPass := values.Get("new_password")
+        if len(curPass) > 0 && len(newPass) > 0 {
+                var success bool
+                err = c.Database.QueryRow("SELECT login.compare_passwords($1, $2)", user.Password, curPass).Scan(&success)
+                if err != nil {
+                        http.Error(w, "500", http.StatusInternalServerError)
+                        log.Println(err)
+                        return
+                }
+                if !success {
+                        http.Error(w, "Ungueltiges Passwort.", 400)
+                        return
+                }
+                res, err := c.Database.Exec("UPDATE login.users SET password = login.hash_password($1) WHERE id = $2", newPass, user.ID)
+                if err != nil {
+                        http.Error(w, "500", http.StatusInternalServerError)
+                        log.Println(err)
+                        return
+                }
+                if n, _ := res.RowsAffected(); n == 0 {
+                        log.Println("could not change password, no rows affected")
+                }
+        }
+        curDsp, err := user.DisplayName.Value()
+        if len(displayName) > 0 || err == nil {
+                var res sql.Result
+                if err == nil && displayName == curDsp {
+                        http.Error(w, "name unchanged", 400)
+                        return
+                }
+                if len(displayName) == 0 || displayName == user.Name {
+                        res, err = c.Database.Exec("UPDATE login.users SET display_name = NULL WHERE id = $1", user.ID)
+                } else {
+                        res, err = c.Database.Exec("UPDATE login.users SET display_name = $1 WHERE id = $2", displayName, user.ID)
+                }
+                if err != nil {
+                        http.Error(w, "500", http.StatusInternalServerError)
+                        log.Println(err)
+                        return
+                }
+                if n, _ := res.RowsAffected(); n == 0 {
+                        log.Println("could not change display name, no rows affected")
+                }
+        }
+        w.WriteHeader(200)
+        w.Write([]byte("1"))
+}
 // DisplayRegistration zeigt die Route für die Registration an, wenn der User nicht bereits eingeloggt ist.
 func (c *Charakterin) DisplayRegistration(w http.ResponseWriter, r *http.Request) {
        c.DisplayRegistrationWithData(w, r, make(map[string]interface{}))
author	jan <jan@ruken.pw>	2016-02-20 21:03:08 (UTC)
committer	jan <jan@ruken.pw>	2016-02-20 21:03:08 (UTC)
commit	de7c862a42f50307f40266127415a73c90ca73e4 (patch)
tree	cdd621009a849d2897cde0c2b9ef164f5daffec3
parent	55e2659cf78b948c723679b345e3b6697fa07d56 (diff)

diff --git a/charakterin.go b/charakterin.go index 67ee40d..ff3d5c6 100644 --- a/charakterin.go +++ b/charakterin.go
@@ -208,6 +208,78 @@ func (c Charakterin) DisplayRegistrationWithData(w http.ResponseWriter, r http
208	c.renderer.RenderRegistrationPage(w, data)	208	c.renderer.RenderRegistrationPage(w, data)
209	}	209	}
210		210
		211	// SaveUser handlet die neuen Benutzerdaten und speichert sie
		212	func (c Charakterin) SaveUserRoute(w http.ResponseWriter, r http.Request) {
		213	user, err := c.GetUserFromRequest(r)
		214	if err != nil {
		215	http.Error(w, "403", http.StatusForbidden)
		216	return
		217	}
		218
		219	values, err := readBody(r)
		220	if err != nil {
		221	http.Error(w, "400", http.StatusBadRequest)
		222	return
		223	}
		224
		225	displayName := values.Get("display_name")
		226	curPass := values.Get("current_password")
		227	newPass := values.Get("new_password")
		228
		229	if len(curPass) > 0 && len(newPass) > 0 {
		230	var success bool
		231	err = c.Database.QueryRow("SELECT login.compare_passwords($1, $2)", user.Password, curPass).Scan(&success)
		232	if err != nil {
		233	http.Error(w, "500", http.StatusInternalServerError)
		234	log.Println(err)
		235	return
		236	}
		237
		238	if !success {
		239	http.Error(w, "Ungueltiges Passwort.", 400)
		240	return
		241	}
		242
		243	res, err := c.Database.Exec("UPDATE login.users SET password = login.hash_password($1) WHERE id = $2", newPass, user.ID)
		244	if err != nil {
		245	http.Error(w, "500", http.StatusInternalServerError)
		246	log.Println(err)
		247	return
		248	}
		249
		250	if n, _ := res.RowsAffected(); n == 0 {
		251	log.Println("could not change password, no rows affected")
		252	}
		253	}
		254
		255	curDsp, err := user.DisplayName.Value()
		256	if len(displayName) > 0 \|\| err == nil {
		257	var res sql.Result
		258	if err == nil && displayName == curDsp {
		259	http.Error(w, "name unchanged", 400)
		260	return
		261	}
		262
		263	if len(displayName) == 0 \|\| displayName == user.Name {
		264	res, err = c.Database.Exec("UPDATE login.users SET display_name = NULL WHERE id = $1", user.ID)
		265	} else {
		266	res, err = c.Database.Exec("UPDATE login.users SET display_name = $1 WHERE id = $2", displayName, user.ID)
		267	}
		268	if err != nil {
		269	http.Error(w, "500", http.StatusInternalServerError)
		270	log.Println(err)
		271	return
		272	}
		273
		274	if n, _ := res.RowsAffected(); n == 0 {
		275	log.Println("could not change display name, no rows affected")
		276	}
		277	}
		278
		279	w.WriteHeader(200)
		280	w.Write([]byte("1"))
		281	}
		282
211	// DisplayRegistration zeigt die Route für die Registration an, wenn der User nicht bereits eingeloggt ist.	283	// DisplayRegistration zeigt die Route für die Registration an, wenn der User nicht bereits eingeloggt ist.
212	func (c Charakterin) DisplayRegistration(w http.ResponseWriter, r http.Request) {	284	func (c Charakterin) DisplayRegistration(w http.ResponseWriter, r http.Request) {
213	c.DisplayRegistrationWithData(w, r, make(map[string]interface{}))	285	c.DisplayRegistrationWithData(w, r, make(map[string]interface{}))