miniflux-v2/ui/login_check.go

package ui  // import "miniflux.app/ui"

import (
	"net/http"

	"miniflux.app/http/cookie"
	"miniflux.app/http/request"
	"miniflux.app/http/response"
	"miniflux.app/http/response/html"
	"miniflux.app/http/route"
	"miniflux.app/logger"
	"miniflux.app/ui/form"
	"miniflux.app/ui/session"
	"miniflux.app/ui/view"
)

// CheckLogin validates the username/password and redirects the user to the unread page.
func (c *Controller) CheckLogin(w http.ResponseWriter, r *http.Request) {
	clientIP := request.ClientIP(r)
	sess := session.New(c.store, request.SessionID(r))
	authForm := form.NewAuthForm(r)

	view := view.New(c.tpl, r, sess)
	view.Set("errorMessage", "Invalid username or password.")
	view.Set("form", authForm)

	if err := authForm.Validate(); err != nil {
		logger.Error("[Controller:CheckLogin] %v", err)
		html.OK(w, r, view.Render("login"))
		return
	}

	if err := c.store.CheckPassword(authForm.Username, authForm.Password); err != nil {
		logger.Error("[Controller:CheckLogin] [ClientIP=%s] %v", clientIP, err)
		html.OK(w, r, view.Render("login"))
		return
	}

	sessionToken, userID, err := c.store.CreateUserSession(authForm.Username, r.UserAgent(), clientIP)
	if err != nil {
		html.ServerError(w, err)
		return
	}

	logger.Info("[Controller:CheckLogin] username=%s just logged in", authForm.Username)
	c.store.SetLastLogin(userID)

	user, err := c.store.UserByID(userID)
	if err != nil {
		html.ServerError(w, err)
		return
	}

	sess.SetLanguage(user.Language)
	sess.SetTheme(user.Theme)

	http.SetCookie(w, cookie.New(
		cookie.CookieUserSessionID,
		sessionToken,
		c.cfg.IsHTTPS,
		c.cfg.BasePath(),
	))

	response.Redirect(w, r, route.Path(c.router, "unread"))
}
Use canonical imports 2018-08-25 06:51:50 +02:00			`package ui // import "miniflux.app/ui"`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00
			`import (`
			`"net/http"`

Use canonical imports 2018-08-25 06:51:50 +02:00			`"miniflux.app/http/cookie"`
			`"miniflux.app/http/request"`
			`"miniflux.app/http/response"`
			`"miniflux.app/http/response/html"`
			`"miniflux.app/http/route"`
			`"miniflux.app/logger"`
			`"miniflux.app/ui/form"`
			`"miniflux.app/ui/session"`
			`"miniflux.app/ui/view"`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`)`

			`// CheckLogin validates the username/password and redirects the user to the unread page.`
			`func (c Controller) CheckLogin(w http.ResponseWriter, r http.Request) {`
Store client IP address in request context 2018-09-10 00:15:14 +02:00			`clientIP := request.ClientIP(r)`
Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`sess := session.New(c.store, request.SessionID(r))`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`authForm := form.NewAuthForm(r)`

Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`view := view.New(c.tpl, r, sess)`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`view.Set("errorMessage", "Invalid username or password.")`
			`view.Set("form", authForm)`

			`if err := authForm.Validate(); err != nil {`
			`logger.Error("[Controller:CheckLogin] %v", err)`
Compress HTML responses to Gzip/Deflate if supported by browser 2018-07-07 05:39:28 +02:00			`html.OK(w, r, view.Render("login"))`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`return`
			`}`

			`if err := c.store.CheckPassword(authForm.Username, authForm.Password); err != nil {`
Store client IP address in request context 2018-09-10 00:15:14 +02:00			`logger.Error("[Controller:CheckLogin] [ClientIP=%s] %v", clientIP, err)`
Compress HTML responses to Gzip/Deflate if supported by browser 2018-07-07 05:39:28 +02:00			`html.OK(w, r, view.Render("login"))`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`return`
			`}`

Store client IP address in request context 2018-09-10 00:15:14 +02:00			`sessionToken, userID, err := c.store.CreateUserSession(authForm.Username, r.UserAgent(), clientIP)`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`if err != nil {`
			`html.ServerError(w, err)`
			`return`
			`}`

			`logger.Info("[Controller:CheckLogin] username=%s just logged in", authForm.Username)`
			`c.store.SetLastLogin(userID)`

Improve themes handling - Store user theme in session - Logged out users will keep their theme - Add theme background color to web manifest and meta tag 2018-07-19 07:30:05 +02:00			`user, err := c.store.UserByID(userID)`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00			`if err != nil {`
			`html.ServerError(w, err)`
			`return`
			`}`

Improve themes handling - Store user theme in session - Logged out users will keep their theme - Add theme background color to web manifest and meta tag 2018-07-19 07:30:05 +02:00			`sess.SetLanguage(user.Language)`
			`sess.SetTheme(user.Theme)`
Use vanilla HTTP handlers (refactoring) 2018-04-30 01:35:04 +02:00
			`http.SetCookie(w, cookie.New(`
			`cookie.CookieUserSessionID,`
			`sessionToken,`
			`c.cfg.IsHTTPS,`
			`c.cfg.BasePath(),`
			`))`

			`response.Redirect(w, r, route.Path(c.router, "unread"))`
			`}`