writefreely
/
writefreely
mirror of https://github.com/writefreely/writefreely.git
2
0
Fork 0
Code Issues Releases 25 Wiki Activity
A clean, Markdown-based publishing platform made for writers. Write together, and build a community. https://writefreely.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
564 Commits
45 Branches
234 MiB
 
 
 
 
 
Tree: 9873fc443f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9873fc443f'
${ noResults }
writefreely/unregisteredusers.go

148 lines
4.1 KiB
Raw Blame History 

  1. /*

  2.  * Copyright © 2018-2019 A Bunch Tell LLC.

  3.  *

  4.  * This file is part of WriteFreely.

  5.  *

  6.  * WriteFreely is free software: you can redistribute it and/or modify

  7.  * it under the terms of the GNU Affero General Public License, included

  8.  * in the LICENSE file in this source code package.

  9.  */

  10. 

  11. package writefreely

  12. 

  13. import (

  14. 	"database/sql"

  15. 	"encoding/json"

  16. 	"github.com/writeas/impart"

  17. 	"github.com/writeas/web-core/log"

  18. 	"net/http"

  19. )

  20. 

  21. func handleWebSignup(app *App, w http.ResponseWriter, r *http.Request) error {

  22. 	reqJSON := IsJSON(r.Header.Get("Content-Type"))

  23. 

  24. 	// Get params

  25. 	var ur userRegistration

  26. 	if reqJSON {

  27. 		decoder := json.NewDecoder(r.Body)

  28. 		err := decoder.Decode(&ur)

  29. 		if err != nil {

  30. 			log.Error("Couldn't parse signup JSON request: %v\n", err)

  31. 			return ErrBadJSON

  32. 		}

  33. 	} else {

  34. 		err := r.ParseForm()

  35. 		if err != nil {

  36. 			log.Error("Couldn't parse signup form request: %v\n", err)

  37. 			return ErrBadFormData

  38. 		}

  39. 

  40. 		err = app.formDecoder.Decode(&ur, r.PostForm)

  41. 		if err != nil {

  42. 			log.Error("Couldn't decode signup form request: %v\n", err)

  43. 			return ErrBadFormData

  44. 		}

  45. 	}

  46. 	ur.Web = true

  47. 	ur.Normalize = true

  48. 

  49. 	to := "/"

  50. 	if app.cfg.App.SimpleNav {

  51. 		to = "/new"

  52. 	}

  53. 	if ur.InviteCode != "" {

  54. 		to = "/invite/" + ur.InviteCode

  55. 	}

  56. 	_, err := signupWithRegistration(app, ur, w, r)

  57. 	if err != nil {

  58. 		if err, ok := err.(impart.HTTPError); ok {

  59. 			session, _ := app.sessionStore.Get(r, cookieName)

  60. 			if session != nil {

  61. 				session.AddFlash(err.Message)

  62. 				session.Save(r, w)

  63. 				return impart.HTTPError{http.StatusFound, to}

  64. 			}

  65. 		}

  66. 		return err

  67. 	}

  68. 	return impart.HTTPError{http.StatusFound, to}

  69. }

  70. 

  71. // { "username": "asdf" }

  72. // result: { code: 204 }

  73. func handleUsernameCheck(app *App, w http.ResponseWriter, r *http.Request) error {

  74. 	reqJSON := IsJSON(r.Header.Get("Content-Type"))

  75. 

  76. 	// Get params

  77. 	var d struct {

  78. 		Username string `json:"username"`

  79. 	}

  80. 	if reqJSON {

  81. 		decoder := json.NewDecoder(r.Body)

  82. 		err := decoder.Decode(&d)

  83. 		if err != nil {

  84. 			log.Error("Couldn't decode username check: %v\n", err)

  85. 			return ErrBadFormData

  86. 		}

  87. 	} else {

  88. 		return impart.HTTPError{http.StatusNotAcceptable, "Must be JSON request"}

  89. 	}

  90. 

  91. 	// Check if username is okay

  92. 	finalUsername := getSlug(d.Username, "")

  93. 	if finalUsername == "" {

  94. 		errMsg := "Invalid username"

  95. 		if d.Username != "" {

  96. 			// Username was provided, but didn't convert into valid latin characters

  97. 			errMsg += " - must have at least 2 letters or numbers"

  98. 		}

  99. 		return impart.HTTPError{http.StatusBadRequest, errMsg + "."}

  100. 	}

  101. 	if app.db.PostIDExists(finalUsername) {

  102. 		return impart.HTTPError{http.StatusConflict, "Username is already taken."}

  103. 	}

  104. 	var un string

  105. 	err := app.db.QueryRow("SELECT username FROM users WHERE username = ?", finalUsername).Scan(&un)

  106. 	switch {

  107. 	case err == sql.ErrNoRows:

  108. 		return impart.WriteSuccess(w, finalUsername, http.StatusOK)

  109. 	case err != nil:

  110. 		log.Error("Couldn't SELECT username: %v", err)

  111. 		return impart.HTTPError{http.StatusInternalServerError, "We messed up."}

  112. 	}

  113. 

  114. 	// Username was found, so it's taken

  115. 	return impart.HTTPError{http.StatusConflict, "Username is already taken."}

  116. }

  117. 

  118. func getValidUsername(app *App, reqName, prevName string) (string, *impart.HTTPError) {

  119. 	// Check if username is okay

  120. 	finalUsername := getSlug(reqName, "")

  121. 	if finalUsername == "" {

  122. 		errMsg := "Invalid username"

  123. 		if reqName != "" {

  124. 			// Username was provided, but didn't convert into valid latin characters

  125. 			errMsg += " - must have at least 2 letters or numbers"

  126. 		}

  127. 		return "", &impart.HTTPError{http.StatusBadRequest, errMsg + "."}

  128. 	}

  129. 	if finalUsername == prevName {

  130. 		return "", &impart.HTTPError{http.StatusNotModified, "Username unchanged."}

  131. 	}

  132. 	if app.db.PostIDExists(finalUsername) {

  133. 		return "", &impart.HTTPError{http.StatusConflict, "Username is already taken."}

  134. 	}

  135. 	var un string

  136. 	err := app.db.QueryRow("SELECT username FROM users WHERE username = ?", finalUsername).Scan(&un)

  137. 	switch {

  138. 	case err == sql.ErrNoRows:

  139. 		return finalUsername, nil

  140. 	case err != nil:

  141. 		log.Error("Couldn't SELECT username: %v", err)

  142. 		return "", &impart.HTTPError{http.StatusInternalServerError, "We messed up."}

  143. 	}

  144. 

  145. 	// Username was found, so it's taken

  146. 	return "", &impart.HTTPError{http.StatusConflict, "Username is already taken."}

  147. }