aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjan <jan@ruken.pw>2016-02-20 21:03:08 (UTC)
committerjan <jan@ruken.pw>2016-02-20 21:03:08 (UTC)
commitde7c862a42f50307f40266127415a73c90ca73e4 (patch)
treecdd621009a849d2897cde0c2b9ef164f5daffec3
parent55e2659cf78b948c723679b345e3b6697fa07d56 (diff)
user settings speichern
-rw-r--r--charakterin.go72
1 files changed, 72 insertions, 0 deletions
diff --git a/charakterin.go b/charakterin.go
index 67ee40d..ff3d5c6 100644
--- a/charakterin.go
+++ b/charakterin.go
@@ -208,6 +208,78 @@ func (c *Charakterin) DisplayRegistrationWithData(w http.ResponseWriter, r *http
208 c.renderer.RenderRegistrationPage(w, data) 208 c.renderer.RenderRegistrationPage(w, data)
209} 209}
210 210
211// SaveUser handlet die neuen Benutzerdaten und speichert sie
212func (c *Charakterin) SaveUserRoute(w http.ResponseWriter, r *http.Request) {
213 user, err := c.GetUserFromRequest(r)
214 if err != nil {
215 http.Error(w, "403", http.StatusForbidden)
216 return
217 }
218
219 values, err := readBody(r)
220 if err != nil {
221 http.Error(w, "400", http.StatusBadRequest)
222 return
223 }
224
225 displayName := values.Get("display_name")
226 curPass := values.Get("current_password")
227 newPass := values.Get("new_password")
228
229 if len(curPass) > 0 && len(newPass) > 0 {
230 var success bool
231 err = c.Database.QueryRow("SELECT login.compare_passwords($1, $2)", user.Password, curPass).Scan(&success)
232 if err != nil {
233 http.Error(w, "500", http.StatusInternalServerError)
234 log.Println(err)
235 return
236 }
237
238 if !success {
239 http.Error(w, "Ungueltiges Passwort.", 400)
240 return
241 }
242
243 res, err := c.Database.Exec("UPDATE login.users SET password = login.hash_password($1) WHERE id = $2", newPass, user.ID)
244 if err != nil {
245 http.Error(w, "500", http.StatusInternalServerError)
246 log.Println(err)
247 return
248 }
249
250 if n, _ := res.RowsAffected(); n == 0 {
251 log.Println("could not change password, no rows affected")
252 }
253 }
254
255 curDsp, err := user.DisplayName.Value()
256 if len(displayName) > 0 || err == nil {
257 var res sql.Result
258 if err == nil && displayName == curDsp {
259 http.Error(w, "name unchanged", 400)
260 return
261 }
262
263 if len(displayName) == 0 || displayName == user.Name {
264 res, err = c.Database.Exec("UPDATE login.users SET display_name = NULL WHERE id = $1", user.ID)
265 } else {
266 res, err = c.Database.Exec("UPDATE login.users SET display_name = $1 WHERE id = $2", displayName, user.ID)
267 }
268 if err != nil {
269 http.Error(w, "500", http.StatusInternalServerError)
270 log.Println(err)
271 return
272 }
273
274 if n, _ := res.RowsAffected(); n == 0 {
275 log.Println("could not change display name, no rows affected")
276 }
277 }
278
279 w.WriteHeader(200)
280 w.Write([]byte("1"))
281}
282
211// DisplayRegistration zeigt die Route für die Registration an, wenn der User nicht bereits eingeloggt ist. 283// DisplayRegistration zeigt die Route für die Registration an, wenn der User nicht bereits eingeloggt ist.
212func (c *Charakterin) DisplayRegistration(w http.ResponseWriter, r *http.Request) { 284func (c *Charakterin) DisplayRegistration(w http.ResponseWriter, r *http.Request) {
213 c.DisplayRegistrationWithData(w, r, make(map[string]interface{})) 285 c.DisplayRegistrationWithData(w, r, make(map[string]interface{}))