diff options
| author |  Frédéric Guillot <fred@miniflux.net> | 2018-04-29 16:35:04 -0700 |
|---|---|---|
| committer | Frédéric Guillot <fred@miniflux.net> | 2018-04-29 16:35:04 -0700 |
| commit | f49b42f70f902d4da1e0fa4080e99164b331b716 (patch) | |
| tree | c6bdd19f11d100c44b0d30344ec37038f649e988 /ui/login_check.go | |
| parent | 1eba1730d1af50ed545f4fde78b22d6fb62ca11e (diff) | |
Use vanilla HTTP handlers (refactoring)
Diffstat (limited to 'ui/login_check.go')
| -rw-r--r-- | ui/login_check.go | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/ui/login_check.go b/ui/login_check.go new file mode 100644 index 0000000..bc49c8d --- /dev/null +++ b/ui/login_check.go @@ -0,0 +1,66 @@ +package ui + +import ( + "net/http" + + "github.com/miniflux/miniflux/http/context" + "github.com/miniflux/miniflux/http/cookie" + "github.com/miniflux/miniflux/http/response" + "github.com/miniflux/miniflux/http/response/html" + "github.com/miniflux/miniflux/http/route" + "github.com/miniflux/miniflux/logger" + "github.com/miniflux/miniflux/ui/form" + "github.com/miniflux/miniflux/ui/session" + "github.com/miniflux/miniflux/ui/view" + "github.com/tomasen/realip" +) + +// CheckLogin validates the username/password and redirects the user to the unread page. +func (c *Controller) CheckLogin(w http.ResponseWriter, r *http.Request) { + ctx := context.New(r) + sess := session.New(c.store, ctx) + + authForm := form.NewAuthForm(r) + + view := view.New(c.tpl, ctx, sess) + view.Set("errorMessage", "Invalid username or password.") + view.Set("form", authForm) + + if err := authForm.Validate(); err != nil { + logger.Error("[Controller:CheckLogin] %v", err) + html.OK(w, view.Render("login")) + return + } + + if err := c.store.CheckPassword(authForm.Username, authForm.Password); err != nil { + logger.Error("[Controller:CheckLogin] %v", err) + html.OK(w, view.Render("login")) + return + } + + sessionToken, userID, err := c.store.CreateUserSession(authForm.Username, r.UserAgent(), realip.RealIP(r)) + if err != nil { + html.ServerError(w, err) + return + } + + logger.Info("[Controller:CheckLogin] username=%s just logged in", authForm.Username) + c.store.SetLastLogin(userID) + + userLanguage, err := c.store.UserLanguage(userID) + if err != nil { + html.ServerError(w, err) + return + } + + sess.SetLanguage(userLanguage) + + http.SetCookie(w, cookie.New( + cookie.CookieUserSessionID, + sessionToken, + c.cfg.IsHTTPS, + c.cfg.BasePath(), + )) + + response.Redirect(w, r, route.Path(c.router, "unread")) +} |