forked from jason/cpolis
Add encrypted email to user info
This commit is contained in:
@ -11,8 +11,8 @@ import (
|
||||
)
|
||||
|
||||
func checkUserStrings(user *b.User) (string, int, bool) {
|
||||
userLen := 15
|
||||
nameLen := 50
|
||||
userLen := 255
|
||||
nameLen := 56 // max value when aes encrypting up to 255 bytes
|
||||
|
||||
if len(user.UserName) > userLen {
|
||||
return "Benutzername", userLen, false
|
||||
@ -55,12 +55,13 @@ func AddUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
|
||||
UserName: r.PostFormValue("username"),
|
||||
FirstName: r.PostFormValue("first-name"),
|
||||
LastName: r.PostFormValue("last-name"),
|
||||
Email: r.PostFormValue("email"),
|
||||
}
|
||||
pass := r.PostFormValue("password")
|
||||
pass2 := r.PostFormValue("password2")
|
||||
email2 := r.PostFormValue("email2")
|
||||
|
||||
if len(user.UserName) == 0 || len(user.FirstName) == 0 ||
|
||||
len(user.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
|
||||
if len(user.UserName) == 0 || len(user.FirstName) == 0 || len(user.LastName) == 0 || len(user.Email) == 0 || len(email2) == 0 || len(pass) == 0 || len(pass2) == 0 {
|
||||
http.Error(w, "Bitte alle Felder ausfüllen.", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
@ -76,6 +77,11 @@ func AddUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
if user.Email != email2 {
|
||||
http.Error(w, "Die Emailadressen stimmen nicht überein.", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
if pass != pass2 {
|
||||
http.Error(w, "Die Passwörter stimmen nicht überein.", http.StatusBadRequest)
|
||||
return
|
||||
@ -153,11 +159,13 @@ func UpdateSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
|
||||
UserName: r.PostFormValue("username"),
|
||||
FirstName: r.PostFormValue("first-name"),
|
||||
LastName: r.PostFormValue("last-name"),
|
||||
Email: r.PostFormValue("email"),
|
||||
}
|
||||
|
||||
oldPass := r.PostFormValue("old-password")
|
||||
newPass := r.PostFormValue("password")
|
||||
newPass2 := r.PostFormValue("password2")
|
||||
email2 := r.PostFormValue("email2")
|
||||
|
||||
if len(user.UserName) == 0 {
|
||||
http.Error(w, "Bitte den Benutzernamen ausfüllen.", http.StatusBadRequest)
|
||||
@ -169,6 +177,20 @@ func UpdateSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
if len(user.Email) == 0 || len(email2) == 0 {
|
||||
http.Error(w, "Bitte die Emailadresse ausfüllen.", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
if user.Email != email2 {
|
||||
http.Error(w, "Die Emailadressen stimmen nicht überein", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
if newPass != newPass2 {
|
||||
http.Error(w, "Die Passwörter stimmen nicht überein", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
userString, stringLen, ok := checkUserStrings(user)
|
||||
if !ok {
|
||||
http.Error(w, fmt.Sprint(userString, " ist zu lang. Maximal ", stringLen, " Zeichen erlaubt."), http.StatusBadRequest)
|
||||
@ -180,7 +202,7 @@ func UpdateSelf(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
if err = db.UpdateOwnUserAttributes(c, user.ID, user.UserName, user.FirstName, user.LastName, oldPass, newPass, newPass2); err != nil {
|
||||
if err = db.UpdateOwnUserAttributes(c, user.ID, user.UserName, user.FirstName, user.LastName, user.Email, oldPass, newPass); err != nil {
|
||||
log.Println("error: user:", user.ID, err)
|
||||
http.Error(w, "Benutzerdaten konnten nicht aktualisiert werden.", http.StatusInternalServerError)
|
||||
return
|
||||
@ -206,13 +228,14 @@ func AddFirstUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
|
||||
UserName: r.PostFormValue("username"),
|
||||
FirstName: r.PostFormValue("first-name"),
|
||||
LastName: r.PostFormValue("last-name"),
|
||||
Email: r.PostFormValue("email"),
|
||||
Role: b.Admin,
|
||||
}
|
||||
pass := r.PostFormValue("password")
|
||||
pass2 := r.PostFormValue("password2")
|
||||
email2 := r.PostFormValue("email2")
|
||||
|
||||
if len(user.UserName) == 0 || len(user.FirstName) == 0 ||
|
||||
len(user.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
|
||||
if len(user.UserName) == 0 || len(user.FirstName) == 0 || len(user.LastName) == 0 || len(user.Email) == 0 || len(email2) == 0 || len(pass) == 0 || len(pass2) == 0 {
|
||||
http.Error(w, "Bitte alle Felder ausfüllen.", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
@ -223,6 +246,11 @@ func AddFirstUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
if user.Email != email2 {
|
||||
http.Error(w, "Die Emailadressen stimmen nicht überein.", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
if pass != pass2 {
|
||||
http.Error(w, "Die Passwörter stimmen nicht überein.", http.StatusBadRequest)
|
||||
return
|
||||
@ -352,19 +380,34 @@ func UpdateUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
|
||||
|
||||
user.UserName = r.PostFormValue("username")
|
||||
if len(user.UserName) == 0 {
|
||||
http.Error(w, "Bitte den Benutzernamen ausfüllen.", http.StatusInternalServerError)
|
||||
http.Error(w, "Bitte den Benutzernamen ausfüllen.", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
user.FirstName = r.PostFormValue("first-name")
|
||||
user.LastName = r.PostFormValue("last-name")
|
||||
if len(user.FirstName) == 0 || len(user.LastName) == 0 {
|
||||
http.Error(w, "Bitte den vollständigen Namen ausfüllen.", http.StatusInternalServerError)
|
||||
http.Error(w, "Bitte den vollständigen Namen ausfüllen.", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
user.Email = r.PostFormValue("email")
|
||||
email2 := r.PostFormValue("email2")
|
||||
if len(user.Email) == 0 || len(email2) == 0 {
|
||||
http.Error(w, "Bitte die Emailadresse ausfüllen.", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
if user.Email != email2 {
|
||||
http.Error(w, "Die Emailadressen stimmen nicht überein.", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
newPass := r.PostFormValue("password")
|
||||
newPass2 := r.PostFormValue("password2")
|
||||
if newPass != newPass2 {
|
||||
http.Error(w, "Die Passwörter stimmen nicht überein.", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
userString, stringLen, ok := checkUserStrings(user)
|
||||
if !ok {
|
||||
@ -377,7 +420,7 @@ func UpdateUser(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
if err = db.UpdateUserAttributes(c, user.ID, user.UserName, user.FirstName, user.LastName, newPass, newPass2, user.Role); err != nil {
|
||||
if err = db.UpdateUserAttributes(c, user.ID, user.UserName, user.FirstName, user.LastName, user.Email, newPass, user.Role); err != nil {
|
||||
log.Println("error: user:", user.ID, err)
|
||||
http.Error(w, "Benutzerdaten konnten nicht aktualisiert werden.", http.StatusInternalServerError)
|
||||
return
|
||||
|
||||
Reference in New Issue
Block a user