diff --git a/res/static/style/layout.css b/res/static/style/layout.css index 236b09f..3590028 100644 --- a/res/static/style/layout.css +++ b/res/static/style/layout.css @@ -103,7 +103,7 @@ body{ font-family: "Lato Thin", sans-serif; font-weight: bold; font-size: 1.8em; - transition: box-shadow 2s; + transition: box-shadow 5s; } .navigation a:hover { background: linear-gradient(var(--highlight_color), var(--highlight_color_dark)); diff --git a/res/template/account/login.html b/res/template/account/login.html deleted file mode 100644 index 4007995..0000000 --- a/res/template/account/login.html +++ /dev/null @@ -1,69 +0,0 @@ -{{define "login"}} - - - - {{template "meta_tags" "Login"}} - {{template "user_style" .}} - - - -
- {{template "menu" .}} - -

Log in to your PixelDrain account

-
-
- - - - - - - - - - - - -
Username / e-mail
Password
-
-
- If you don't have a PixelDrain account yet, you can register here. No e-mail address is required.
- {{template "footer"}} -
- - - {{template "analytics"}} - - -{{end}} diff --git a/res/template/account/logout.html b/res/template/account/logout.html index 6aa9a48..e05f4f4 100644 --- a/res/template/account/logout.html +++ b/res/template/account/logout.html @@ -8,18 +8,18 @@
{{template "menu" .}} -

Please confirm that you want to log out of your Pixeldrain account

+

Please confirm that you want to log out of your pixeldrain account


Why do I need to confirm my logout?

- We need you to confirm your action here so we can be sure that - you really requested a logout. If we didn't do this, anyone (or - any website) would be able to send you to this page and you - would automatically get logged out of Pixeldrain, which would be - very annoying. + We need you to confirm your action so we can be sure that you + really requested a logout. If we didn't do this, anyone (or any + website) would be able to send you to this page and you would + automatically get logged out of pixeldrain, which would be very + annoying.

To prevent this from happening we're verifying that you actually diff --git a/res/template/account/user_home.html b/res/template/account/user_home.html index e7a7edd..9771c01 100644 --- a/res/template/account/user_home.html +++ b/res/template/account/user_home.html @@ -12,11 +12,10 @@

Welcome home, {{.Username}}!

-

Actions

Your most recently uploaded files:

diff --git a/webcontroller/forms/form.go b/webcontroller/forms/form.go index c3a92d0..3f23e41 100644 --- a/webcontroller/forms/form.go +++ b/webcontroller/forms/form.go @@ -29,6 +29,9 @@ type Form struct { // Used for letting the browser know which user is logged in Username string + + // Actions to perform when the form is rendered + Extra ExtraActions } // Field is a single input field in a form @@ -54,11 +57,22 @@ type Field struct { Type FieldType - // Only used when Type = `captcha`. When using reCaptcha the field name has - // to be `recaptcha_response` + // Only used when Type == FieldTypeCaptcha CaptchaSiteKey string } +// ExtraActions contains extra actions to performs when rendering the form +type ExtraActions struct { + // Redirects the browser to a different URL with a HTTP 303: See Other + // status. This is useful for redirecting the user to a different page if + // the form submission was successful + RedirectTo string + + // A cookie to install in the browser when the form is rendered. Useful for + // setting / destroying user sessions or configurations + SetCookie *http.Cookie +} + // FieldType defines the type a form field has and how it should be rendered type FieldType string @@ -82,15 +96,17 @@ func (f *Form) ReadInput(r *http.Request) (success bool) { } f.Submitted = true - var val string - for i, field := range f.Fields { - val = r.FormValue(field.Name) - field.EnteredValue = val + field.EnteredValue = r.FormValue(field.Name) if field.DefaultValue == "" { - field.DefaultValue = val + field.DefaultValue = field.EnteredValue } + + if field.Type == FieldTypeCaptcha && field.EnteredValue == "" { + field.EnteredValue = r.FormValue("g-recaptcha-response") + } + f.Fields[i] = field // Update the new values in the array } diff --git a/webcontroller/user_account.go b/webcontroller/user_account.go index 24b94e4..e0f0c1b 100644 --- a/webcontroller/user_account.go +++ b/webcontroller/user_account.go @@ -3,6 +3,7 @@ package webcontroller import ( "html/template" "net/http" + "time" "fornaxian.com/pixeldrain-web/pixelapi" "fornaxian.com/pixeldrain-web/webcontroller/forms" @@ -99,7 +100,7 @@ func (wc *WebController) registerForm(td *TemplateData, r *http.Request) (f form "website with fake accounts", Separator: true, Type: forms.FieldTypeCaptcha, - CaptchaSiteKey: wc.captchaSiteKey, + CaptchaSiteKey: wc.captchaKey(), }, }, BackLink: "/", @@ -114,7 +115,7 @@ func (wc *WebController) registerForm(td *TemplateData, r *http.Request) (f form "password in both password fields"} return f } - + log.Debug("capt: %s", f.FieldVal("recaptcha_response")) resp, err := td.PixelAPI.UserRegister( f.FieldVal("username"), f.FieldVal("e-mail"), @@ -145,6 +146,57 @@ func (wc *WebController) registerForm(td *TemplateData, r *http.Request) (f form return f } +func (wc *WebController) loginForm(td *TemplateData, r *http.Request) (f forms.Form) { + td.Title = "Login" + f = forms.Form{ + Name: "login", + Title: "Log in to your pixeldrain account", + Fields: []forms.Field{ + { + Name: "username", + Label: "Username / e-mail", + Type: forms.FieldTypeUsername, + }, { + Name: "password", + Label: "Password", + Type: forms.FieldTypeCurrentPassword, + }, + }, + BackLink: "/", + SubmitLabel: "Login", + PostFormHTML: template.HTML( + `
If you don't have a pixeldrain account yet, you can ` + + `register here. No e-mail address is ` + + `required.
`, + ), + } + + if f.ReadInput(r) { + loginResp, err := td.PixelAPI.UserLogin(f.FieldVal("username"), f.FieldVal("password"), false) + if err != nil { + if apiErr, ok := err.(pixelapi.Error); ok { + f.SubmitMessages = []template.HTML{template.HTML(apiErr.Message)} + } else { + log.Error("%s", err) + f.SubmitMessages = []template.HTML{"Internal Server Error"} + } + } else { + log.Debug("key %s", loginResp.APIKey) + // Request was a success + f.SubmitSuccess = true + f.SubmitMessages = []template.HTML{"Success!"} + f.Extra.SetCookie = &http.Cookie{ + Name: "pd_auth_key", + Value: loginResp.APIKey, + Path: "/", + Expires: time.Now().AddDate(50, 0, 0), + } + f.Extra.RedirectTo = "/user" + } + } + return f +} + func (wc *WebController) passwordForm(td *TemplateData, r *http.Request) (f forms.Form) { td.Title = "Change Password" f = forms.Form{ diff --git a/webcontroller/web_controller.go b/webcontroller/web_controller.go index 3eb69c9..303396f 100644 --- a/webcontroller/web_controller.go +++ b/webcontroller/web_controller.go @@ -64,7 +64,9 @@ func New(r *httprouter.Router, prefix string, conf *conf.PixelWebConfig) *WebCon r.GET(p+"/register_old" /* */, wc.serveRegister) r.GET(p+"/register" /* */, wc.serveForm(wc.registerForm, false)) r.POST(p+"/register" /* */, wc.serveForm(wc.registerForm, false)) - r.GET(p+"/login" /* */, wc.serveTemplate("login", false)) + r.GET(p+"/login" /* */, wc.serveForm(wc.loginForm, false)) + r.POST(p+"/login" /* */, wc.serveForm(wc.loginForm, false)) + // r.GET(p+"/login" /* */, wc.serveTemplate("login", false)) r.GET(p+"/logout" /* */, wc.serveTemplate("logout", true)) r.POST(p+"/logout" /* */, wc.serveLogout) r.GET(p+"/user" /* */, wc.serveTemplate("user_home", true)) @@ -133,8 +135,18 @@ func (wc *WebController) serveForm( td.Form.Username = td.Username + // Execute the extra actions if any + if td.Form.Extra.SetCookie != nil { + http.SetCookie(w, td.Form.Extra.SetCookie) + } + if td.Form.Extra.RedirectTo != "" { + http.Redirect(w, r, td.Form.Extra.RedirectTo, http.StatusSeeOther) + log.Debug("redirect: %s", td.Form.Extra.RedirectTo) + return // Don't need to render a form if the user is redirected + } + // Remove the recaptcha field if captcha is disabled - if wc.captchaSiteKey == "none" { + if wc.captchaKey() == "none" { for i, field := range td.Form.Fields { if field.Type == forms.FieldTypeCaptcha { td.Form.Fields = append(