Implemented ChangePassword() (now password can be changed from /settings)

A couple of UI fixes in tables
pull/24/head
Jordan 2014-02-10 13:02:44 -06:00
parent 34b93b7bf4
commit eb8491c144
4 changed files with 42 additions and 14 deletions

View File

@ -1,7 +1,9 @@
package auth
import (
"database/sql"
"encoding/gob"
"errors"
"fmt"
"io"
"net/http"
@ -25,6 +27,8 @@ var Store = sessions.NewCookieStore(
[]byte(securecookie.GenerateRandomKey(64)), //Signing key
[]byte(securecookie.GenerateRandomKey(32)))
var ErrInvalidPassword = errors.New("Invalid Password")
// Login attempts to login the user given a request.
func Login(r *http.Request) (bool, error) {
username, password := r.FormValue("username"), r.FormValue("password")
@ -52,7 +56,8 @@ func Login(r *http.Request) (bool, error) {
func Register(r *http.Request) (bool, error) {
username, password := r.FormValue("username"), r.FormValue("password")
u, err := db.GetUserByUsername(username)
if err != nil {
// If we have an error which is not simply indicating that no user was found, report it
if err != sql.ErrNoRows {
return false, err
}
//If we've made it here, we should have a valid username given
@ -78,21 +83,23 @@ func GenerateSecureKey() string {
return fmt.Sprintf("%x", k)
}
func ChangePassword(u *models.User, c string, n string) bool {
func ChangePassword(r *http.Request) error {
u := ctx.Get(r, "user").(models.User)
c, n := r.FormValue("current_password"), r.FormValue("new_password")
// Check the current password
err := bcrypt.CompareHashAndPassword([]byte(u.Hash), []byte(c))
if err != nil {
return false
return ErrInvalidPassword
} else {
// Generate the new hash
h, err := bcrypt.GenerateFromPassword([]byte(n), bcrypt.DefaultCost)
if err != nil {
return false
return err
}
u.Hash = string(h)
if err = db.PutUser(u); err != nil {
return false
if err = db.PutUser(&u); err != nil {
return err
}
return true
return nil
}
}

View File

@ -142,10 +142,23 @@ func Settings(w http.ResponseWriter, r *http.Request) {
Token string
}{Title: "Settings", User: ctx.Get(r, "user").(models.User)}
session := ctx.Get(r, "session").(*sessions.Session)
params.Token = nosurf.Token(r)
params.Flashes = session.Flashes()
session.Save(r, w)
getTemplate(w, "settings").ExecuteTemplate(w, "base", params)
switch {
case r.Method == "GET":
params.Token = nosurf.Token(r)
params.Flashes = session.Flashes()
session.Save(r, w)
getTemplate(w, "settings").ExecuteTemplate(w, "base", params)
case r.Method == "POST":
err := auth.ChangePassword(r)
if err == auth.ErrInvalidPassword {
Flash(w, r, "danger", "Invalid Password")
} else if err != nil {
Flash(w, r, "danger", "Unknown Error")
} else {
Flash(w, r, "success", "Password successfully reset")
}
http.Redirect(w, r, "/settings", 302)
}
}
func Campaigns_Id(w http.ResponseWriter, r *http.Request) {

View File

@ -101,9 +101,16 @@ app.controller('GroupCtrl', function($scope, GroupService, ngTableParams) {
if ($scope.newGroup) {
newGroup.$save(function() {
$scope.groups.push(newGroup);
$scope.mainTableParams.reload()
});
} else {
newGroup.$update()
}
$scope.group = {
name: '',
targets: [],
id: 0
};
$scope.editGroupTableParams.reload()
}
})

View File

@ -44,19 +44,20 @@
<div class="row">
<label for="current_password" class="col-sm-2 control-label form-label">Old Password:</label>
<div class="col-md-6">
<input type="password" id="current_password" class="form-control" />
<input type="password" id="current_password" name="current_password" class="form-control" />
</div>
</div>
<br />
<div class="row">
<label for="new_password" class="col-sm-2 control-label form-label">New Password:</label>
<div class="col-md-6">
<input type="password" id="new_password" class="form-control" />
<input type="password" id="new_password" name="new_password" class="form-control" />
</div>
</div>
<input type="hidden" name="csrf_token" value={{%.Token%}}/>
<button class="btn btn-primary" type="submit">Save</button>
</form>
<br/>
<button class="btn btn-primary">Save</button>
</div>
</div>
{{%end%}}