rework some account stuff, change passwords

This commit is contained in:
Ted Unangst 2019-05-14 19:18:29 -04:00
parent 5e5438043b
commit 94fd2347c9
5 changed files with 33 additions and 23 deletions

2
go.mod
View File

@ -6,5 +6,5 @@ require (
golang.org/x/crypto v0.0.0-20190424203555-c05e17bb3b2d golang.org/x/crypto v0.0.0-20190424203555-c05e17bb3b2d
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3
humungus.tedunangst.com/r/go-sqlite3 v1.1.2 humungus.tedunangst.com/r/go-sqlite3 v1.1.2
humungus.tedunangst.com/r/webs v0.4.1 humungus.tedunangst.com/r/webs v0.4.2
) )

2
go.sum
View File

@ -16,3 +16,5 @@ humungus.tedunangst.com/r/webs v0.4.0 h1:X+CC6+YVSiK7038GTX5X/HvHUFOjEQ0NGgbDT4x
humungus.tedunangst.com/r/webs v0.4.0/go.mod h1:6yLLDXBaE4pKURa/3/bxoQPod37uAqc/Kq8J0IopWW0= humungus.tedunangst.com/r/webs v0.4.0/go.mod h1:6yLLDXBaE4pKURa/3/bxoQPod37uAqc/Kq8J0IopWW0=
humungus.tedunangst.com/r/webs v0.4.1 h1:tH3gW492B15ecUeVv1YT83N0lJd6+ZwTiUIQBJB0L9c= humungus.tedunangst.com/r/webs v0.4.1 h1:tH3gW492B15ecUeVv1YT83N0lJd6+ZwTiUIQBJB0L9c=
humungus.tedunangst.com/r/webs v0.4.1/go.mod h1:6yLLDXBaE4pKURa/3/bxoQPod37uAqc/Kq8J0IopWW0= humungus.tedunangst.com/r/webs v0.4.1/go.mod h1:6yLLDXBaE4pKURa/3/bxoQPod37uAqc/Kq8J0IopWW0=
humungus.tedunangst.com/r/webs v0.4.2 h1:7+527goDozbQzcSvP/oyX14LemJcY/1ss2/38i23kPY=
humungus.tedunangst.com/r/webs v0.4.2/go.mod h1:6yLLDXBaE4pKURa/3/bxoQPod37uAqc/Kq8J0IopWW0=

33
honk.go
View File

@ -97,7 +97,6 @@ func getInfo(r *http.Request) map[string]interface{} {
templinfo["ServerName"] = serverName templinfo["ServerName"] = serverName
templinfo["IconName"] = iconName templinfo["IconName"] = iconName
templinfo["UserInfo"] = login.GetUserInfo(r) templinfo["UserInfo"] = login.GetUserInfo(r)
templinfo["LogoutCSRF"] = login.GetCSRF("logout", r)
return templinfo return templinfo
} }
@ -490,9 +489,6 @@ func honkpage(w http.ResponseWriter, r *http.Request, u *login.UserInfo, user *W
reverbolate(honks) reverbolate(honks)
templinfo := getInfo(r) templinfo := getInfo(r)
if u != nil { if u != nil {
if user != nil && u.Username == user.Name {
templinfo["UserCSRF"] = login.GetCSRF("saveuser", r)
}
templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r) templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
} }
if u == nil { if u == nil {
@ -501,8 +497,7 @@ func honkpage(w http.ResponseWriter, r *http.Request, u *login.UserInfo, user *W
if user != nil { if user != nil {
templinfo["Name"] = user.Name templinfo["Name"] = user.Name
whatabout := user.About whatabout := user.About
templinfo["RawWhatAbout"] = whatabout whatabout = obfusbreak(user.About)
whatabout = obfusbreak(whatabout)
templinfo["WhatAbout"] = cleanstring(whatabout) templinfo["WhatAbout"] = cleanstring(whatabout)
} }
templinfo["Honks"] = honks templinfo["Honks"] = honks
@ -522,7 +517,7 @@ func saveuser(w http.ResponseWriter, r *http.Request) {
log.Printf("error bouting what: %s", err) log.Printf("error bouting what: %s", err)
} }
http.Redirect(w, r, "/u/"+u.Username, http.StatusSeeOther) http.Redirect(w, r, "/account", http.StatusSeeOther)
} }
func gethonkers(userid int64) []*Honker { func gethonkers(userid int64) []*Honker {
@ -1082,6 +1077,27 @@ func killitwithfire(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/killzone", http.StatusSeeOther) http.Redirect(w, r, "/killzone", http.StatusSeeOther)
} }
func accountpage(w http.ResponseWriter, r *http.Request) {
u := login.GetUserInfo(r)
user, _ := butwhatabout(u.Username)
templinfo := getInfo(r)
templinfo["UserCSRF"] = login.GetCSRF("saveuser", r)
templinfo["LogoutCSRF"] = login.GetCSRF("logout", r)
templinfo["WhatAbout"] = user.About
err := readviews.Execute(w, "account.html", templinfo)
if err != nil {
log.Print(err)
}
}
func dochpass(w http.ResponseWriter, r *http.Request) {
err := login.ChangePassword(w, r)
if err != nil {
log.Printf("error changing password: %s", err)
}
http.Redirect(w, r, "/account", http.StatusSeeOther)
}
func fingerlicker(w http.ResponseWriter, r *http.Request) { func fingerlicker(w http.ResponseWriter, r *http.Request) {
orig := r.FormValue("resource") orig := r.FormValue("resource")
@ -1196,6 +1212,7 @@ func serve() {
"views/combos.html", "views/combos.html",
"views/honkform.html", "views/honkform.html",
"views/honk.html", "views/honk.html",
"views/account.html",
"views/login.html", "views/login.html",
"views/header.html", "views/header.html",
) )
@ -1237,6 +1254,8 @@ func serve() {
loggedin := mux.NewRoute().Subrouter() loggedin := mux.NewRoute().Subrouter()
loggedin.Use(login.Required) loggedin.Use(login.Required)
loggedin.HandleFunc("/account", accountpage)
loggedin.HandleFunc("/chpass", dochpass)
loggedin.HandleFunc("/atme", homepage) loggedin.HandleFunc("/atme", homepage)
loggedin.HandleFunc("/killzone", killzone) loggedin.HandleFunc("/killzone", killzone)
loggedin.Handle("/honk", login.CSRFWrap("honkhonk", http.HandlerFunc(savehonk))) loggedin.Handle("/honk", login.CSRFWrap("honkhonk", http.HandlerFunc(savehonk)))

View File

@ -12,17 +12,17 @@
<body> <body>
<header> <header>
<span><a href="/">honk</a></span> <span><a href="/">honk</a></span>
{{ if .ShowRSS }}
<span><a href="/rss">rss</a></span>
{{ end }}
{{ if .UserInfo }} {{ if .UserInfo }}
<span><a href="/atme">@me</a></span> <span><a href="/atme">@me</a></span>
<span><a href="/u/{{ .UserInfo.Username }}">{{ .UserInfo.Username }}</a></span> <span><a href="/u/{{ .UserInfo.Username }}">{{ .UserInfo.Username }}</a></span>
<span><a href="/honkers">honkers</a></span> <span><a href="/honkers">honkers</a></span>
<span><a href="/c">combos</a></span> <span><a href="/c">combos</a></span>
<span><a href="/killzone">killzone</a></span> <span><a href="/killzone">killzone</a></span>
<span><a href="/logout?CSRF={{ .LogoutCSRF }}">logout</a></span> <span><a href="/account">account</a></span>
{{ else }} {{ else }}
<span><a href="/login">login</a></span> <span><a href="/login">login</a></span>
{{ end }} {{ end }}
{{ if .ShowRSS }}
<span><a href="/rss">rss</a></span>
{{ end }}
</header> </header>

View File

@ -3,19 +3,8 @@
<div class="info" id="infobox"> <div class="info" id="infobox">
{{ if .Name }} {{ if .Name }}
<p>{{ .Name }} <span style="margin-left:1em;"><a href="/u/{{ .Name }}/rss">rss</a></span> <p>{{ .Name }} <span style="margin-left:1em;"><a href="/u/{{ .Name }}/rss">rss</a></span>
{{ if .HonkCSRF }}
<div>
<form id="aboutform" action="/saveuser" method="POST">
<input type="hidden" name="CSRF" value="{{ .UserCSRF }}">
<textarea name="whatabout">{{ .RawWhatAbout }}</textarea>
<p>
<input type="submit" value="update">
</form>
</div>
{{ else }}
<p>{{ .WhatAbout }} <p>{{ .WhatAbout }}
{{ end }} {{ end }}
{{ end }}
<p>{{ .ServerMessage }} <p>{{ .ServerMessage }}
{{ if .HonkCSRF }} {{ if .HonkCSRF }}
{{ template "honkform.html" . }} {{ template "honkform.html" . }}