rework some account stuff, change passwords

2019-05-14 19:18:29 -04:00 · 2019-05-14 19:18:29 -04:00 · 94fd2347c9
parent 5e5438043b
commit 94fd2347c9
5 changed files with 33 additions and 23 deletions
--- a/go.mod
+++ b/go.mod
@ -6,5 +6,5 @@ require (
 	golang.org/x/crypto v0.0.0-20190424203555-c05e17bb3b2d
 	golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3
 	humungus.tedunangst.com/r/go-sqlite3 v1.1.2
-	humungus.tedunangst.com/r/webs v0.4.1
+	humungus.tedunangst.com/r/webs v0.4.2
 )
--- a/go.sum
+++ b/go.sum
@ -16,3 +16,5 @@ humungus.tedunangst.com/r/webs v0.4.0 h1:X+CC6+YVSiK7038GTX5X/HvHUFOjEQ0NGgbDT4x
 humungus.tedunangst.com/r/webs v0.4.0/go.mod h1:6yLLDXBaE4pKURa/3/bxoQPod37uAqc/Kq8J0IopWW0=
 humungus.tedunangst.com/r/webs v0.4.1 h1:tH3gW492B15ecUeVv1YT83N0lJd6+ZwTiUIQBJB0L9c=
 humungus.tedunangst.com/r/webs v0.4.1/go.mod h1:6yLLDXBaE4pKURa/3/bxoQPod37uAqc/Kq8J0IopWW0=
+humungus.tedunangst.com/r/webs v0.4.2 h1:7+527goDozbQzcSvP/oyX14LemJcY/1ss2/38i23kPY=
+humungus.tedunangst.com/r/webs v0.4.2/go.mod h1:6yLLDXBaE4pKURa/3/bxoQPod37uAqc/Kq8J0IopWW0=
--- a/honk.go
+++ b/honk.go
@ -97,7 +97,6 @@ func getInfo(r *http.Request) map[string]interface{} {
 	templinfo["ServerName"] = serverName
 	templinfo["IconName"] = iconName
 	templinfo["UserInfo"] = login.GetUserInfo(r)
-	templinfo["LogoutCSRF"] = login.GetCSRF("logout", r)
 	return templinfo
 }

@ -490,9 +489,6 @@ func honkpage(w http.ResponseWriter, r *http.Request, u *login.UserInfo, user *W
 	reverbolate(honks)
 	templinfo := getInfo(r)
 	if u != nil {
-		if user != nil && u.Username == user.Name {
-			templinfo["UserCSRF"] = login.GetCSRF("saveuser", r)
-		}
 		templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 	}
 	if u == nil {
@ -501,8 +497,7 @@ func honkpage(w http.ResponseWriter, r *http.Request, u *login.UserInfo, user *W
 	if user != nil {
 		templinfo["Name"] = user.Name
 		whatabout := user.About
-		templinfo["RawWhatAbout"] = whatabout
-		whatabout = obfusbreak(whatabout)
+		whatabout = obfusbreak(user.About)
 		templinfo["WhatAbout"] = cleanstring(whatabout)
 	}
 	templinfo["Honks"] = honks
@ -522,7 +517,7 @@ func saveuser(w http.ResponseWriter, r *http.Request) {
 		log.Printf("error bouting what: %s", err)
 	}

-	http.Redirect(w, r, "/u/"+u.Username, http.StatusSeeOther)
+	http.Redirect(w, r, "/account", http.StatusSeeOther)
 }

 func gethonkers(userid int64) []*Honker {
@ -1082,6 +1077,27 @@ func killitwithfire(w http.ResponseWriter, r *http.Request) {
 	http.Redirect(w, r, "/killzone", http.StatusSeeOther)
 }

+func accountpage(w http.ResponseWriter, r *http.Request) {
+	u := login.GetUserInfo(r)
+	user, _ := butwhatabout(u.Username)
+	templinfo := getInfo(r)
+	templinfo["UserCSRF"] = login.GetCSRF("saveuser", r)
+	templinfo["LogoutCSRF"] = login.GetCSRF("logout", r)
+	templinfo["WhatAbout"] = user.About
+	err := readviews.Execute(w, "account.html", templinfo)
+	if err != nil {
+		log.Print(err)
+	}
+}
+
+func dochpass(w http.ResponseWriter, r *http.Request) {
+	err := login.ChangePassword(w, r)
+	if err != nil {
+		log.Printf("error changing password: %s", err)
+	}
+	http.Redirect(w, r, "/account", http.StatusSeeOther)
+}
+
 func fingerlicker(w http.ResponseWriter, r *http.Request) {
 	orig := r.FormValue("resource")

@ -1196,6 +1212,7 @@ func serve() {
 		"views/combos.html",
 		"views/honkform.html",
 		"views/honk.html",
+		"views/account.html",
 		"views/login.html",
 		"views/header.html",
 	)
@ -1237,6 +1254,8 @@ func serve() {

 	loggedin := mux.NewRoute().Subrouter()
 	loggedin.Use(login.Required)
+	loggedin.HandleFunc("/account", accountpage)
+	loggedin.HandleFunc("/chpass", dochpass)
 	loggedin.HandleFunc("/atme", homepage)
 	loggedin.HandleFunc("/killzone", killzone)
 	loggedin.Handle("/honk", login.CSRFWrap("honkhonk", http.HandlerFunc(savehonk)))
--- a/views/header.html
+++ b/views/header.html
@ -12,17 +12,17 @@
 <body>
 <header>
 <span><a href="/">honk</a></span>
+{{ if .ShowRSS }}
+<span><a href="/rss">rss</a></span>
+{{ end }}
 {{ if .UserInfo }}
 <span><a href="/atme">@me</a></span>
 <span><a href="/u/{{ .UserInfo.Username }}">{{ .UserInfo.Username }}</a></span>
 <span><a href="/honkers">honkers</a></span>
 <span><a href="/c">combos</a></span>
 <span><a href="/killzone">killzone</a></span>
-<span><a href="/logout?CSRF={{ .LogoutCSRF }}">logout</a></span>
+<span><a href="/account">account</a></span>
 {{ else }}
 <span><a href="/login">login</a></span>
 {{ end }}
-{{ if .ShowRSS }}
-<span><a href="/rss">rss</a></span>
-{{ end }}
 </header>
--- a/views/honkpage.html
+++ b/views/honkpage.html
@ -3,19 +3,8 @@
 <div class="info" id="infobox">
 {{ if .Name }}
 <p>{{ .Name }} <span style="margin-left:1em;"><a href="/u/{{ .Name }}/rss">rss</a></span>
-{{ if .HonkCSRF }}
-<div>
-<form id="aboutform" action="/saveuser" method="POST">
-<input type="hidden" name="CSRF" value="{{ .UserCSRF }}">
-<textarea name="whatabout">{{ .RawWhatAbout }}</textarea>
-<p>
-<input type="submit" value="update">
-</form>
-</div>
-{{ else }}
 <p>{{ .WhatAbout }}
 {{ end }}
-{{ end }}
 <p>{{ .ServerMessage }}
 {{ if .HonkCSRF }}
 {{ template "honkform.html" . }}