writefreely
/
writefreely
mirror of https://github.com/writefreely/writefreely.git
2
0
Fork 0
Code Issues Releases 25 Wiki Activity
A clean, Markdown-based publishing platform made for writers. Write together, and build a community. https://writefreely.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
350 Commits
45 Branches
270 MiB
 
 
 
 
 
Tree: d8937e89a8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd8937e89a8'
${ noResults }
writefreely/unregisteredusers.go

145 lines
4.1 KiB
Raw Blame History 

  1. /*

  2.  * Copyright © 2018-2019 A Bunch Tell LLC.

  3.  *

  4.  * This file is part of WriteFreely.

  5.  *

  6.  * WriteFreely is free software: you can redistribute it and/or modify

  7.  * it under the terms of the GNU Affero General Public License, included

  8.  * in the LICENSE file in this source code package.

  9.  */

  10. 

  11. package writefreely

  12. 

  13. import (

  14. 	"database/sql"

  15. 	"encoding/json"

  16. 	"github.com/writeas/impart"

  17. 	"github.com/writeas/web-core/log"

  18. 	"net/http"

  19. )

  20. 

  21. func handleWebSignup(app *App, w http.ResponseWriter, r *http.Request) error {

  22. 	reqJSON := IsJSON(r.Header.Get("Content-Type"))

  23. 

  24. 	// Get params

  25. 	var ur userRegistration

  26. 	if reqJSON {

  27. 		decoder := json.NewDecoder(r.Body)

  28. 		err := decoder.Decode(&ur)

  29. 		if err != nil {

  30. 			log.Error("Couldn't parse signup JSON request: %v\n", err)

  31. 			return ErrBadJSON

  32. 		}

  33. 	} else {

  34. 		err := r.ParseForm()

  35. 		if err != nil {

  36. 			log.Error("Couldn't parse signup form request: %v\n", err)

  37. 			return ErrBadFormData

  38. 		}

  39. 

  40. 		err = app.formDecoder.Decode(&ur, r.PostForm)

  41. 		if err != nil {

  42. 			log.Error("Couldn't decode signup form request: %v\n", err)

  43. 			return ErrBadFormData

  44. 		}

  45. 	}

  46. 	ur.Web = true

  47. 	ur.Normalize = true

  48. 

  49. 	to := "/"

  50. 	if ur.InviteCode != "" {

  51. 		to = "/invite/" + ur.InviteCode

  52. 	}

  53. 	_, err := signupWithRegistration(app, ur, w, r)

  54. 	if err != nil {

  55. 		if err, ok := err.(impart.HTTPError); ok {

  56. 			session, _ := app.sessionStore.Get(r, cookieName)

  57. 			if session != nil {

  58. 				session.AddFlash(err.Message)

  59. 				session.Save(r, w)

  60. 				return impart.HTTPError{http.StatusFound, to}

  61. 			}

  62. 		}

  63. 		return err

  64. 	}

  65. 	return impart.HTTPError{http.StatusFound, to}

  66. }

  67. 

  68. // { "username": "asdf" }

  69. // result: { code: 204 }

  70. func handleUsernameCheck(app *App, w http.ResponseWriter, r *http.Request) error {

  71. 	reqJSON := IsJSON(r.Header.Get("Content-Type"))

  72. 

  73. 	// Get params

  74. 	var d struct {

  75. 		Username string `json:"username"`

  76. 	}

  77. 	if reqJSON {

  78. 		decoder := json.NewDecoder(r.Body)

  79. 		err := decoder.Decode(&d)

  80. 		if err != nil {

  81. 			log.Error("Couldn't decode username check: %v\n", err)

  82. 			return ErrBadFormData

  83. 		}

  84. 	} else {

  85. 		return impart.HTTPError{http.StatusNotAcceptable, "Must be JSON request"}

  86. 	}

  87. 

  88. 	// Check if username is okay

  89. 	finalUsername := getSlug(d.Username, "")

  90. 	if finalUsername == "" {

  91. 		errMsg := "Invalid username"

  92. 		if d.Username != "" {

  93. 			// Username was provided, but didn't convert into valid latin characters

  94. 			errMsg += " - must have at least 2 letters or numbers"

  95. 		}

  96. 		return impart.HTTPError{http.StatusBadRequest, errMsg + "."}

  97. 	}

  98. 	if app.db.PostIDExists(finalUsername) {

  99. 		return impart.HTTPError{http.StatusConflict, "Username is already taken."}

  100. 	}

  101. 	var un string

  102. 	err := app.db.QueryRow("SELECT username FROM users WHERE username = ?", finalUsername).Scan(&un)

  103. 	switch {

  104. 	case err == sql.ErrNoRows:

  105. 		return impart.WriteSuccess(w, finalUsername, http.StatusOK)

  106. 	case err != nil:

  107. 		log.Error("Couldn't SELECT username: %v", err)

  108. 		return impart.HTTPError{http.StatusInternalServerError, "We messed up."}

  109. 	}

  110. 

  111. 	// Username was found, so it's taken

  112. 	return impart.HTTPError{http.StatusConflict, "Username is already taken."}

  113. }

  114. 

  115. func getValidUsername(app *App, reqName, prevName string) (string, *impart.HTTPError) {

  116. 	// Check if username is okay

  117. 	finalUsername := getSlug(reqName, "")

  118. 	if finalUsername == "" {

  119. 		errMsg := "Invalid username"

  120. 		if reqName != "" {

  121. 			// Username was provided, but didn't convert into valid latin characters

  122. 			errMsg += " - must have at least 2 letters or numbers"

  123. 		}

  124. 		return "", &impart.HTTPError{http.StatusBadRequest, errMsg + "."}

  125. 	}

  126. 	if finalUsername == prevName {

  127. 		return "", &impart.HTTPError{http.StatusNotModified, "Username unchanged."}

  128. 	}

  129. 	if app.db.PostIDExists(finalUsername) {

  130. 		return "", &impart.HTTPError{http.StatusConflict, "Username is already taken."}

  131. 	}

  132. 	var un string

  133. 	err := app.db.QueryRow("SELECT username FROM users WHERE username = ?", finalUsername).Scan(&un)

  134. 	switch {

  135. 	case err == sql.ErrNoRows:

  136. 		return finalUsername, nil

  137. 	case err != nil:

  138. 		log.Error("Couldn't SELECT username: %v", err)

  139. 		return "", &impart.HTTPError{http.StatusInternalServerError, "We messed up."}

  140. 	}

  141. 

  142. 	// Username was found, so it's taken

  143. 	return "", &impart.HTTPError{http.StatusConflict, "Username is already taken."}

  144. }