writefreely
/
writefreely
mirror of https://github.com/writefreely/writefreely.git
2
0
Fork 0
Code Issues Releases 25 Wiki Activity
A clean, Markdown-based publishing platform made for writers. Write together, and build a community. https://writefreely.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
229 Commits
45 Branches
208 MiB
 
 
 
 
 
Tree: 3ae45bc156
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3ae45bc156'
${ noResults }
writefreely/unregisteredusers.go

141 lines
4.0 KiB
Raw Blame History 

  1. /*

  2.  * Copyright © 2018 A Bunch Tell LLC.

  3.  *

  4.  * This file is part of WriteFreely.

  5.  *

  6.  * WriteFreely is free software: you can redistribute it and/or modify

  7.  * it under the terms of the GNU Affero General Public License, included

  8.  * in the LICENSE file in this source code package.

  9.  */

  10. 

  11. package writefreely

  12. 

  13. import (

  14. 	"database/sql"

  15. 	"encoding/json"

  16. 	"github.com/writeas/impart"

  17. 	"github.com/writeas/web-core/log"

  18. 	"net/http"

  19. )

  20. 

  21. func handleWebSignup(app *app, w http.ResponseWriter, r *http.Request) error {

  22. 	reqJSON := IsJSON(r.Header.Get("Content-Type"))

  23. 

  24. 	// Get params

  25. 	var ur userRegistration

  26. 	if reqJSON {

  27. 		decoder := json.NewDecoder(r.Body)

  28. 		err := decoder.Decode(&ur)

  29. 		if err != nil {

  30. 			log.Error("Couldn't parse signup JSON request: %v\n", err)

  31. 			return ErrBadJSON

  32. 		}

  33. 	} else {

  34. 		err := r.ParseForm()

  35. 		if err != nil {

  36. 			log.Error("Couldn't parse signup form request: %v\n", err)

  37. 			return ErrBadFormData

  38. 		}

  39. 

  40. 		err = app.formDecoder.Decode(&ur, r.PostForm)

  41. 		if err != nil {

  42. 			log.Error("Couldn't decode signup form request: %v\n", err)

  43. 			return ErrBadFormData

  44. 		}

  45. 	}

  46. 	ur.Web = true

  47. 	ur.Normalize = true

  48. 

  49. 	_, err := signupWithRegistration(app, ur, w, r)

  50. 	if err != nil {

  51. 		if err, ok := err.(impart.HTTPError); ok {

  52. 			session, _ := app.sessionStore.Get(r, cookieName)

  53. 			if session != nil {

  54. 				session.AddFlash(err.Message)

  55. 				session.Save(r, w)

  56. 				return impart.HTTPError{http.StatusFound, "/"}

  57. 			}

  58. 		}

  59. 		return err

  60. 	}

  61. 	return impart.HTTPError{http.StatusFound, "/"}

  62. }

  63. 

  64. // { "username": "asdf" }

  65. // result: { code: 204 }

  66. func handleUsernameCheck(app *app, w http.ResponseWriter, r *http.Request) error {

  67. 	reqJSON := IsJSON(r.Header.Get("Content-Type"))

  68. 

  69. 	// Get params

  70. 	var d struct {

  71. 		Username string `json:"username"`

  72. 	}

  73. 	if reqJSON {

  74. 		decoder := json.NewDecoder(r.Body)

  75. 		err := decoder.Decode(&d)

  76. 		if err != nil {

  77. 			log.Error("Couldn't decode username check: %v\n", err)

  78. 			return ErrBadFormData

  79. 		}

  80. 	} else {

  81. 		return impart.HTTPError{http.StatusNotAcceptable, "Must be JSON request"}

  82. 	}

  83. 

  84. 	// Check if username is okay

  85. 	finalUsername := getSlug(d.Username, "")

  86. 	if finalUsername == "" {

  87. 		errMsg := "Invalid username"

  88. 		if d.Username != "" {

  89. 			// Username was provided, but didn't convert into valid latin characters

  90. 			errMsg += " - must have at least 2 letters or numbers"

  91. 		}

  92. 		return impart.HTTPError{http.StatusBadRequest, errMsg + "."}

  93. 	}

  94. 	if app.db.PostIDExists(finalUsername) {

  95. 		return impart.HTTPError{http.StatusConflict, "Username is already taken."}

  96. 	}

  97. 	var un string

  98. 	err := app.db.QueryRow("SELECT username FROM users WHERE username = ?", finalUsername).Scan(&un)

  99. 	switch {

  100. 	case err == sql.ErrNoRows:

  101. 		return impart.WriteSuccess(w, finalUsername, http.StatusOK)

  102. 	case err != nil:

  103. 		log.Error("Couldn't SELECT username: %v", err)

  104. 		return impart.HTTPError{http.StatusInternalServerError, "We messed up."}

  105. 	}

  106. 

  107. 	// Username was found, so it's taken

  108. 	return impart.HTTPError{http.StatusConflict, "Username is already taken."}

  109. }

  110. 

  111. func getValidUsername(app *app, reqName, prevName string) (string, *impart.HTTPError) {

  112. 	// Check if username is okay

  113. 	finalUsername := getSlug(reqName, "")

  114. 	if finalUsername == "" {

  115. 		errMsg := "Invalid username"

  116. 		if reqName != "" {

  117. 			// Username was provided, but didn't convert into valid latin characters

  118. 			errMsg += " - must have at least 2 letters or numbers"

  119. 		}

  120. 		return "", &impart.HTTPError{http.StatusBadRequest, errMsg + "."}

  121. 	}

  122. 	if finalUsername == prevName {

  123. 		return "", &impart.HTTPError{http.StatusNotModified, "Username unchanged."}

  124. 	}

  125. 	if app.db.PostIDExists(finalUsername) {

  126. 		return "", &impart.HTTPError{http.StatusConflict, "Username is already taken."}

  127. 	}

  128. 	var un string

  129. 	err := app.db.QueryRow("SELECT username FROM users WHERE username = ?", finalUsername).Scan(&un)

  130. 	switch {

  131. 	case err == sql.ErrNoRows:

  132. 		return finalUsername, nil

  133. 	case err != nil:

  134. 		log.Error("Couldn't SELECT username: %v", err)

  135. 		return "", &impart.HTTPError{http.StatusInternalServerError, "We messed up."}

  136. 	}

  137. 

  138. 	// Username was found, so it's taken

  139. 	return "", &impart.HTTPError{http.StatusConflict, "Username is already taken."}

  140. }