pcmt/handlers/home.go
surtur 73915fcd98
All checks were successful
continuous-integration/drone/push Build is passing
fix(go): resolve signin/logout issues for all time
affects:
* app/settings
* app/server
* handlers
    * signin
    * signup
    * logout
    * home
    * middleware
2023-09-08 17:22:20 +02:00

123 lines
3.1 KiB
Go

// Copyright 2023 wanderer <a_mirre at utb dot cz>
// SPDX-License-Identifier: AGPL-3.0-only
package handlers
import (
"context"
"net/http"
"git.dotya.ml/mirre-mt/pcmt/ent"
moduser "git.dotya.ml/mirre-mt/pcmt/modules/user"
"github.com/labstack/echo-contrib/session"
"github.com/labstack/echo/v4"
)
func Home(client *ent.Client) echo.HandlerFunc {
return func(c echo.Context) error {
defer addHeaders(c)
sess, _ := session.Get(setting.SessionCookieName(), c)
if sess == nil {
log.Info("no session, redirecting to /signin", "endpoint", "/home")
return c.Redirect(http.StatusSeeOther, "/signin")
}
var username string
username, ok := sess.Values["username"].(string)
if !ok {
log.Info("session cookie found but username invalid, redirecting to signin", "endpoint", "/home")
return c.Redirect(http.StatusSeeOther, "/signin")
}
log.Debug("session", "username", username, "endpoint", "/home")
var u moduser.User
ctx := context.WithValue(context.Background(), moduser.CtxKey{}, slogger)
if usr, err := moduser.QueryUser(ctx, client, username); err == nil && usr != nil {
c.Logger().Debug("got usr: ", usr.Username)
c.Logger().Debug("admin? ", usr.IsAdmin)
u.ID = usr.ID
u.Username = usr.Username
u.IsActive = usr.IsActive
u.IsAdmin = usr.IsAdmin
// TODO: this is redundant, if there is a user object, the user is logged in...
u.IsLoggedIn = true
} else {
c.Logger().Error("failed to query usr", username)
return renderErrorPage(
c,
http.StatusInternalServerError,
http.StatusText(http.StatusInternalServerError)+" failed to query usr (make sure you've got cookies enabled)",
err.Error(),
)
}
if !u.IsAdmin {
f, err := moduser.UsrFinishedSetup(ctx, dbclient, u.ID)
if err != nil {
return renderErrorPage(
c,
http.StatusInternalServerError,
http.StatusText(http.StatusInternalServerError),
err.Error(),
)
}
if !f {
return c.Redirect(http.StatusSeeOther, "/user/initial-password-change")
}
}
csrf := c.Get("csrf").(string)
p := newPage()
p.Title = "Home"
p.Current = "home"
p.CSRF = csrf
p.Name = username
p.User = u
if flsh, ok := sess.Values["flash"].(string); ok {
p.Data["flash"] = flsh
delete(sess.Values, "flash")
}
if _, ok := sess.Values["reauthFlash"].(string); ok {
p.Data["info"] = "First time after changing the password, yay!"
// if this is the first login after the initial password change, delete
// the cookie value.
delete(sess.Values, "reauthFlash")
}
if err := sess.Save(c.Request(), c.Response()); err != nil {
log.Error("Failed to save session", "module", "handlers/home")
return renderErrorPage(
c,
http.StatusInternalServerError,
http.StatusText(http.StatusInternalServerError)+" (make sure you've got cookies enabled)",
err.Error(),
)
}
err := c.Render(http.StatusOK, "home.tmpl", p)
if err != nil {
c.Logger().Errorf("error: %q", err)
return renderErrorPage(
c,
http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError),
err.Error(),
)
}
return nil
}
}