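// Package admin contains the login/logout handlers and the user
// administration handlers.
package admin

import (
	"fmt"
	"net/http"
	"strconv"

	"github.com/gin-gonic/gin"

	"gitlab.ingenieurbuero-peetz.de/tpeetz/kalorienmanager.git/pkg/auth"
	"gitlab.ingenieurbuero-peetz.de/tpeetz/kalorienmanager.git/pkg/dao"
	"gitlab.ingenieurbuero-peetz.de/tpeetz/kalorienmanager.git/pkg/properties"
	"gitlab.ingenieurbuero-peetz.de/tpeetz/kalorienmanager.git/pkg/util"
)

var (
	// PageTitleUserAdministration defines the page title for user administration.
	PageTitleUserAdministration = fmt.Sprintf("%s User Administration", properties.Application)
)

// sessionIDFromContext returns the value stored under the "session" key of
// the gin context. ok is false when the key is absent or is not a string, so
// callers can fail cleanly instead of panicking on a type assertion.
func sessionIDFromContext(c *gin.Context) (id string, ok bool) {
	v, exists := c.Get("session")
	if !exists {
		return "", false
	}
	id, ok = v.(string)
	return id, ok
}

// ShowLoginPage renders the login page.
func ShowLoginPage(c *gin.Context) {
	util.Render(c, gin.H{"title": "Login"}, "login.html", false)
}

// PerformLogin reads the credentials from the login form, validates them and,
// on success, records the username and admin flag on the current session.
//
// Invalid credentials re-render the login page with a generic error and
// status 400. A missing session or a failed user/session lookup aborts with
// status 500 rather than marking a zero-value session as logged in.
func PerformLogin(c *gin.Context) {
	username := c.PostForm("username")
	password := c.PostForm("password")

	userDao := UserDAO{Db: dao.KalorienmanagerDb}
	if !userDao.IsUserValid(username, password) {
		// The message is deliberately the same for an unknown user and a
		// wrong password.
		c.HTML(http.StatusBadRequest, "login.html", gin.H{
			"ErrorTitle":   "Login Failed",
			"ErrorMessage": "Invalid credentials provided"})
		return
	}

	sessionID, ok := sessionIDFromContext(c)
	if !ok {
		c.AbortWithStatus(http.StatusInternalServerError)
		return
	}

	user, err := userDao.FindByUsername(username)
	if err != nil {
		c.AbortWithStatus(http.StatusInternalServerError)
		return
	}

	sessionDao := auth.SessionDAO{Db: dao.KalorienmanagerDb}
	session, err := sessionDao.FindByID(sessionID)
	if err != nil {
		c.AbortWithStatus(http.StatusInternalServerError)
		return
	}

	// NOTE(review): the session id that existed before authentication is kept
	// after login. If the auth package can issue a fresh id, rotate it here so
	// an id known before login does not become an authenticated one.
	session.Username = username
	session.IsAdmin = user.IsAdmin
	// NOTE(review): the outcome of Update is not checked here; confirm its
	// signature and handle a failed write.
	sessionDao.Update(session)

	util.Render(c, gin.H{"title": "Successful Login", "InfoMessage": "Login successfull"}, "index.html", true)
}

// Logout invalidates the session: it clears the identity stored on the
// server-side session record and expires the session cookie, then redirects
// to the home page.
func Logout(c *gin.Context) {
	sessionID, ok := sessionIDFromContext(c)
	if ok {
		// Expiring the cookie alone leaves the stored session authenticated
		// for anyone who still holds the id, so reset the fields PerformLogin
		// sets.
		sessionDao := auth.SessionDAO{Db: dao.KalorienmanagerDb}
		if session, err := sessionDao.FindByID(sessionID); err == nil {
			session.Username = ""
			session.IsAdmin = false
			sessionDao.Update(session)
		}
	}

	// A negative max-age tells the browser to drop the cookie.
	// NOTE(review): the cookie is HttpOnly but not Secure, and path/domain are
	// empty; these must match the attributes used where the cookie is set.
	c.SetCookie("session", sessionID, -1, "", "", false, true)

	c.Redirect(http.StatusTemporaryRedirect, "/")
}

// showAdminIndex renders the administration landing page.
func showAdminIndex(c *gin.Context) {
	util.Render(c, gin.H{"title": properties.Application, "payload": nil}, "admin.html", true)
}

// showUserIndex renders the list of all users. When the lookup fails or
// yields nothing, the page is still rendered and carries the error value.
func showUserIndex(c *gin.Context) {
	// Named userDao so the imported dao package is not shadowed.
	userDao := UserDAO{Db: dao.KalorienmanagerDb}
	users, err := userDao.FindAll()
	if err == nil && users != nil {
		// NOTE(review): the payload holds complete user records, which include
		// the Password field; confirm users.html never prints it.
		util.Render(c, gin.H{"title": PageTitleUserAdministration, "payload": users}, "users.html", true)
		return
	}
	util.Render(c, gin.H{"title": PageTitleUserAdministration, "payload": users, "ErrorMessage": err}, "users.html", true)
}

// showUserDetails renders the edit form for the user named by the "userid"
// path parameter, or aborts with 404 when the lookup fails.
func showUserDetails(c *gin.Context) {
	userID := c.Param("userid")
	userDao := UserDAO{Db: dao.KalorienmanagerDb}

	// The former "&user != nil" test was always true (address of a local), so
	// the error is the only meaningful condition.
	user, err := userDao.FindByID(userID)
	if err != nil {
		c.AbortWithError(http.StatusNotFound, err)
		return
	}

	// NOTE(review): the payload includes the stored Password value; confirm
	// user-detail.html does not echo it into the form.
	util.Render(c, gin.H{"title": PageTitleUserAdministration, "payload": user, "action": util.SaveAction}, "user-detail.html", true)
}

// showUserCreation renders an empty user form in "add" mode.
func showUserCreation(c *gin.Context) {
	var user = User{}
	util.Render(c, gin.H{"title": PageTitleUserAdministration, "payload": user, "action": util.AddAction}, "user-detail.html", true)
}

// validateUserCreation handles the user form and adds, updates or deletes a
// user depending on the posted "action" value.
//
// On success it redirects to the user list with 303 See Other, so the browser
// follows with a GET and does not re-submit the form body (which contains the
// password) as it would for a 307. On failure it renders the error page with
// status 400.
//
// NOTE(review): this handler performs no authorization or CSRF check itself;
// confirm both are enforced by middleware on the route.
func validateUserCreation(c *gin.Context) {
	username := c.PostForm("username")
	firstname := c.PostForm("firstname")
	lastname := c.PostForm("lastname")
	password := c.PostForm("password")
	adminFormVar := c.PostForm("admin")
	action := c.PostForm("action")
	userid := c.PostForm("userid")

	// A missing or unparsable "admin" field deliberately yields false, so the
	// admin flag is never granted by accident.
	isAdmin, _ := strconv.ParseBool(adminFormVar)

	var (
		err  error
		user User
	)
	userDao := UserDAO{Db: dao.KalorienmanagerDb}

	switch action {
	case util.AddAction:
		if password == "" {
			// Never create an account whose password is the empty string.
			err = fmt.Errorf("password must not be empty")
			break
		}
		user.Username = username
		user.Firstname = firstname
		user.Lastname = lastname
		user.IsAdmin = isAdmin
		// A hashing failure must not result in a user stored without a hash.
		if user.Password, err = HashPassword(password); err == nil {
			_, err = userDao.Upsert(user)
		}
	case util.SaveAction:
		// Do not update a zero-value user when the lookup fails.
		if user, err = userDao.FindByID(userid); err != nil {
			break
		}
		user.Username = username
		user.Firstname = firstname
		user.Lastname = lastname
		user.IsAdmin = isAdmin
		// Keep the stored hash when no new password was submitted; otherwise
		// saving the form would silently reset the password to "".
		if password != "" {
			if user.Password, err = HashPassword(password); err != nil {
				break
			}
		}
		err = userDao.Update(user)
	case util.DeleteAction:
		// Do not delete a zero-value user when the lookup fails.
		if user, err = userDao.FindByID(userid); err == nil {
			err = userDao.Delete(user)
		}
	default:
		// An unknown action used to fall through and be reported as success.
		err = fmt.Errorf("unsupported action %q", action)
	}

	if err != nil {
		c.HTML(http.StatusBadRequest, "kalorienmanager/create-user.html", gin.H{
			"ErrorTitle":   "User Creation Failed",
			"ErrorMessage": err.Error()})
		return
	}
	c.Redirect(http.StatusSeeOther, "/admin/user")
}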