miniflux-v2/ui/login_check.go

package ui

import (
	"net/http"

	"github.com/miniflux/miniflux/http/context"
	"github.com/miniflux/miniflux/http/cookie"
	"github.com/miniflux/miniflux/http/request"
	"github.com/miniflux/miniflux/http/response"
	"github.com/miniflux/miniflux/http/response/html"
	"github.com/miniflux/miniflux/http/route"
	"github.com/miniflux/miniflux/logger"
	"github.com/miniflux/miniflux/ui/form"
	"github.com/miniflux/miniflux/ui/session"
	"github.com/miniflux/miniflux/ui/view"
)

// CheckLogin validates the username/password and redirects the user to the unread page.
func (c *Controller) CheckLogin(w http.ResponseWriter, r *http.Request) {
	ctx := context.New(r)
	sess := session.New(c.store, ctx)

	authForm := form.NewAuthForm(r)

	view := view.New(c.tpl, ctx, sess)
	view.Set("errorMessage", "Invalid username or password.")
	view.Set("form", authForm)

	if err := authForm.Validate(); err != nil {
		logger.Error("[Controller:CheckLogin] %v", err)
		html.OK(w, r, view.Render("login"))
		return
	}

	if err := c.store.CheckPassword(authForm.Username, authForm.Password); err != nil {
		logger.Error("[Controller:CheckLogin] %v", err)
		html.OK(w, r, view.Render("login"))
		return
	}

	sessionToken, userID, err := c.store.CreateUserSession(authForm.Username, r.UserAgent(), request.RealIP(r))
	if err != nil {
		html.ServerError(w, err)
		return
	}

	logger.Info("[Controller:CheckLogin] username=%s just logged in", authForm.Username)
	c.store.SetLastLogin(userID)

	user, err := c.store.UserByID(userID)
	if err != nil {
		html.ServerError(w, err)
		return
	}

	sess.SetLanguage(user.Language)
	sess.SetTheme(user.Theme)

	http.SetCookie(w, cookie.New(
		cookie.CookieUserSessionID,
		sessionToken,
		c.cfg.IsHTTPS,
		c.cfg.BasePath(),
	))

	response.Redirect(w, r, route.Path(c.router, "unread"))
}
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`package ui`

			`import (`
			`"net/http"`

			`"github.com/miniflux/miniflux/http/context"`
			`"github.com/miniflux/miniflux/http/cookie"`
Rewrite RealIP() to avoid returning an empty string 2018-06-01 16:22:18 +02:00			`"github.com/miniflux/miniflux/http/request"`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`"github.com/miniflux/miniflux/http/response"`
			`"github.com/miniflux/miniflux/http/response/html"`
			`"github.com/miniflux/miniflux/http/route"`
			`"github.com/miniflux/miniflux/logger"`
			`"github.com/miniflux/miniflux/ui/form"`
			`"github.com/miniflux/miniflux/ui/session"`
			`"github.com/miniflux/miniflux/ui/view"`
			`)`

			`// CheckLogin validates the username/password and redirects the user to the unread page.`
			`func (c Controller) CheckLogin(w http.ResponseWriter, r http.Request) {`
			`ctx := context.New(r)`
			`sess := session.New(c.store, ctx)`

			`authForm := form.NewAuthForm(r)`

			`view := view.New(c.tpl, ctx, sess)`
			`view.Set("errorMessage", "Invalid username or password.")`
			`view.Set("form", authForm)`

			`if err := authForm.Validate(); err != nil {`
			`logger.Error("[Controller:CheckLogin] %v", err)`
Compress HTML responses to Gzip/Deflate if supported by browser 2018-07-07 05:39:28 +02:00			`html.OK(w, r, view.Render("login"))`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`return`
			`}`

			`if err := c.store.CheckPassword(authForm.Username, authForm.Password); err != nil {`
			`logger.Error("[Controller:CheckLogin] %v", err)`
Compress HTML responses to Gzip/Deflate if supported by browser 2018-07-07 05:39:28 +02:00			`html.OK(w, r, view.Render("login"))`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`return`
			`}`

Rewrite RealIP() to avoid returning an empty string 2018-06-01 16:22:18 +02:00			`sessionToken, userID, err := c.store.CreateUserSession(authForm.Username, r.UserAgent(), request.RealIP(r))`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`if err != nil {`
			`html.ServerError(w, err)`
			`return`
			`}`

			`logger.Info("[Controller:CheckLogin] username=%s just logged in", authForm.Username)`
			`c.store.SetLastLogin(userID)`

Improve themes handling - Store user theme in session - Logged out users will keep their theme - Add theme background color to web manifest and meta tag 2018-07-19 07:30:05 +02:00			`user, err := c.store.UserByID(userID)`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`if err != nil {`
			`html.ServerError(w, err)`
			`return`
			`}`

Improve themes handling - Store user theme in session - Logged out users will keep their theme - Add theme background color to web manifest and meta tag 2018-07-19 07:30:05 +02:00			`sess.SetLanguage(user.Language)`
			`sess.SetTheme(user.Theme)`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00
			`http.SetCookie(w, cookie.New(`
			`cookie.CookieUserSessionID,`
			`sessionToken,`
			`c.cfg.IsHTTPS,`
			`c.cfg.BasePath(),`
			`))`

			`response.Redirect(w, r, route.Path(c.router, "unread"))`
			`}`