2020-06-07 20:28:32 +03:00
|
|
|
package routes
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"github.com/gorilla/schema"
|
2020-10-09 22:37:16 +03:00
|
|
|
conf "github.com/muety/wakapi/config"
|
2020-06-07 20:28:32 +03:00
|
|
|
"github.com/muety/wakapi/models"
|
|
|
|
"github.com/muety/wakapi/services"
|
|
|
|
"github.com/muety/wakapi/utils"
|
|
|
|
"net/http"
|
2020-06-07 20:58:06 +03:00
|
|
|
"net/url"
|
2020-10-27 00:34:50 +03:00
|
|
|
"strconv"
|
2020-06-07 20:28:32 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
type SettingsHandler struct {
|
2020-10-27 00:34:50 +03:00
|
|
|
config *conf.Config
|
|
|
|
userSrvc *services.UserService
|
2020-10-25 09:22:10 +03:00
|
|
|
customRuleSrvc *services.CustomRuleService
|
2020-06-07 20:28:32 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
var credentialsDecoder = schema.NewDecoder()
|
|
|
|
|
2020-10-25 09:22:10 +03:00
|
|
|
func NewSettingsHandler(userService *services.UserService, customRuleService *services.CustomRuleService) *SettingsHandler {
|
2020-06-07 20:28:32 +03:00
|
|
|
return &SettingsHandler{
|
2020-10-27 00:34:50 +03:00
|
|
|
config: conf.Get(),
|
2020-10-25 09:22:10 +03:00
|
|
|
customRuleSrvc: customRuleService,
|
2020-10-27 00:34:50 +03:00
|
|
|
userSrvc: userService,
|
2020-06-07 20:28:32 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *SettingsHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
|
2020-09-12 17:09:23 +03:00
|
|
|
user := r.Context().Value(models.UserKey).(*models.User)
|
2020-10-25 09:22:10 +03:00
|
|
|
rules, _ := h.customRuleSrvc.GetCustomRuleForUser(user.ID)
|
2020-09-12 17:09:23 +03:00
|
|
|
data := map[string]interface{}{
|
2020-10-27 00:34:50 +03:00
|
|
|
"User": user,
|
|
|
|
"Rules": rules,
|
2020-10-25 09:22:10 +03:00
|
|
|
"Success": r.FormValue("success"),
|
2020-10-27 00:34:50 +03:00
|
|
|
"Error": r.FormValue("error"),
|
2020-09-12 17:09:23 +03:00
|
|
|
}
|
|
|
|
|
2020-10-09 22:37:16 +03:00
|
|
|
templates[conf.SettingsTemplate].Execute(w, data)
|
2020-06-07 20:28:32 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
func (h *SettingsHandler) PostCredentials(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
|
|
|
|
user := r.Context().Value(models.UserKey).(*models.User)
|
|
|
|
|
|
|
|
var credentials models.CredentialsReset
|
|
|
|
if err := r.ParseForm(); err != nil {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "missing parameters", "", conf.SettingsTemplate, http.StatusBadRequest)
|
2020-06-07 20:28:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
if err := credentialsDecoder.Decode(&credentials, r.PostForm); err != nil {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "missing parameters", "", conf.SettingsTemplate, http.StatusBadRequest)
|
2020-06-07 20:28:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-10-16 17:11:14 +03:00
|
|
|
if !utils.CompareBcrypt(user.Password, credentials.PasswordOld, h.config.Security.PasswordSalt) {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "invalid credentials", "", conf.SettingsTemplate, http.StatusUnauthorized)
|
2020-06-07 20:28:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if !credentials.IsValid() {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "invalid parameters", "", conf.SettingsTemplate, http.StatusBadRequest)
|
2020-06-07 20:28:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
user.Password = credentials.PasswordNew
|
2020-10-16 17:11:14 +03:00
|
|
|
if hash, err := utils.HashBcrypt(user.Password, h.config.Security.PasswordSalt); err != nil {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
|
2020-06-07 20:28:32 +03:00
|
|
|
return
|
2020-10-16 17:11:14 +03:00
|
|
|
} else {
|
|
|
|
user.Password = hash
|
2020-06-07 20:28:32 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
if _, err := h.userSrvc.Update(user); err != nil {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
|
2020-06-07 20:28:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
login := &models.Login{
|
|
|
|
Username: user.ID,
|
|
|
|
Password: user.Password,
|
|
|
|
}
|
2020-10-04 11:37:38 +03:00
|
|
|
encoded, err := h.config.Security.SecureCookie.Encode(models.AuthCookieKey, login)
|
2020-06-07 20:28:32 +03:00
|
|
|
if err != nil {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
|
2020-06-07 20:28:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
cookie := &http.Cookie{
|
|
|
|
Name: models.AuthCookieKey,
|
|
|
|
Value: encoded,
|
|
|
|
Path: "/",
|
2020-10-04 11:37:38 +03:00
|
|
|
Secure: !h.config.Security.InsecureCookies,
|
2020-06-07 20:28:32 +03:00
|
|
|
HttpOnly: true,
|
|
|
|
}
|
|
|
|
http.SetCookie(w, cookie)
|
2020-06-07 20:58:06 +03:00
|
|
|
|
|
|
|
msg := url.QueryEscape("password was updated successfully")
|
2020-10-04 11:37:38 +03:00
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)
|
2020-10-25 09:22:10 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
func (h *SettingsHandler) DeleteCustomRule(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
|
|
|
|
user := r.Context().Value(models.UserKey).(*models.User)
|
|
|
|
ruleId, err := strconv.Atoi(r.PostFormValue("ruleid"))
|
|
|
|
if err != nil {
|
2020-10-26 05:00:24 +03:00
|
|
|
respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
|
2020-10-25 09:22:10 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
rule := &models.CustomRule{
|
2020-10-27 00:34:50 +03:00
|
|
|
ID: uint(ruleId),
|
2020-10-25 09:22:10 +03:00
|
|
|
UserID: user.ID,
|
2020-10-27 00:34:50 +03:00
|
|
|
}
|
2020-11-01 18:56:36 +03:00
|
|
|
|
|
|
|
err = h.customRuleSrvc.Delete(rule)
|
|
|
|
if err != nil {
|
|
|
|
respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-10-27 00:34:50 +03:00
|
|
|
msg := url.QueryEscape("Custom rule deleted successfully.")
|
2020-10-25 09:22:10 +03:00
|
|
|
|
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *SettingsHandler) PostCreateCustomRule(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
user := r.Context().Value(models.UserKey).(*models.User)
|
|
|
|
extension := r.PostFormValue("extension")
|
|
|
|
language := r.PostFormValue("language")
|
|
|
|
|
|
|
|
if extension[0] == '.' {
|
|
|
|
extension = extension[1:]
|
|
|
|
}
|
|
|
|
|
|
|
|
rule := &models.CustomRule{
|
2020-10-27 00:34:50 +03:00
|
|
|
UserID: user.ID,
|
2020-10-25 09:22:10 +03:00
|
|
|
Extension: extension,
|
2020-10-27 00:34:50 +03:00
|
|
|
Language: language,
|
|
|
|
}
|
2020-10-25 09:22:10 +03:00
|
|
|
|
|
|
|
if _, err := h.customRuleSrvc.Create(rule); err != nil {
|
2020-10-26 05:00:24 +03:00
|
|
|
respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
|
2020-10-25 09:22:10 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-10-27 00:34:50 +03:00
|
|
|
msg := url.QueryEscape("Custom rule saved successfully.")
|
2020-10-25 09:22:10 +03:00
|
|
|
|
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)
|
2020-06-07 20:28:32 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
func (h *SettingsHandler) PostResetApiKey(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
2020-06-07 20:58:06 +03:00
|
|
|
|
|
|
|
user := r.Context().Value(models.UserKey).(*models.User)
|
|
|
|
if _, err := h.userSrvc.ResetApiKey(user); err != nil {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
|
2020-06-07 20:58:06 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
msg := url.QueryEscape(fmt.Sprintf("your new api key is: %s", user.ApiKey))
|
2020-10-04 11:37:38 +03:00
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/settings?success=%s", h.config.Server.BasePath, msg), http.StatusFound)
|
2020-06-07 20:28:32 +03:00
|
|
|
}
|
2020-09-12 17:09:23 +03:00
|
|
|
|
|
|
|
func (h *SettingsHandler) PostToggleBadges(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
|
|
|
|
user := r.Context().Value(models.UserKey).(*models.User)
|
|
|
|
|
|
|
|
if _, err := h.userSrvc.ToggleBadges(user); err != nil {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "internal server error", "", conf.SettingsTemplate, http.StatusInternalServerError)
|
2020-09-12 17:09:23 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-10-04 11:37:38 +03:00
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/settings", h.config.Server.BasePath), http.StatusFound)
|
2020-09-12 17:09:23 +03:00
|
|
|
}
|