Admin: Added user editing

Added user editing route both backend and frontend, fully functional. Currently working on new user frontend route, then setup process. Also changed to use gorilla/feeds now that code has been upstreamed, so please update your dependencies.
2024-09-19 17:21:10 +01:00 · 2017-11-17 13:59:53 -08:00 · 2017-11-17 13:59:53 -08:00 · 4ef5d671f3
parent 1cf9e5c9dc
commit 4ef5d671f3
7 changed files with 98 additions and 16 deletions
--- a/README.md
+++ b/README.md
@ -20,7 +20,7 @@ To produce a product that is easy to deploy and easier to use when hosting a pod

 ## Requirements

-[github.com/gmemstr/feeds](https://github.com/gmemstr/feeds) _this branch contains some fixes for "podcast specific" tags_
+[github.com/gorilla/feeds](https://github.com/gorilla/feeds)

 [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify)

--- a/admin/admin.go
+++ b/admin/admin.go
@ -80,6 +80,95 @@ func AddUser() common.Handler {

 }

+func EditUser() common.Handler {
+
+	return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
+		db, err := sql.Open("sqlite3", "assets/config/users.db")
+
+		if err != nil {
+			return &common.HTTPError{
+				Message:    fmt.Sprintf("error in reading user database: %v", err),
+				StatusCode: http.StatusInternalServerError,
+			}
+		}
+
+		err = r.ParseMultipartForm(32 << 20)
+		if err != nil {
+			return &common.HTTPError{
+				Message:    err.Error(),
+				StatusCode: http.StatusBadRequest,
+			}
+		}
+		id := strings.Join(r.Form["id"], "")
+		username := strings.Join(r.Form["username"], "")
+		password := strings.Join(r.Form["oldpw"], "")
+		newpassword := strings.Join(r.Form["newpw1"], "")
+		realname := strings.Join(r.Form["realname"], "")
+		email := strings.Join(r.Form["email"], "")
+		pwhash, err := bcrypt.GenerateFromPassword([]byte(password), 4)
+
+		statement, err := db.Prepare("UPDATE users SET username=?, hash=?, realname=?, email=? WHERE id=?")
+		if err != nil {
+			return &common.HTTPError{
+				Message:    fmt.Sprintf("error preparing sqlite3 statement: %v", err),
+				StatusCode: http.StatusInternalServerError,
+			}
+		}
+
+		pwstatement, err := db.Prepare("SELECT hash FROM users WHERE id=?")
+		if err != nil {
+			return &common.HTTPError{
+				Message:    fmt.Sprintf("error preparing sqlite3 statement: %v", err),
+				StatusCode: http.StatusInternalServerError,
+			}
+		}
+
+		tmp, err := pwstatement.Query(id)
+		if err != nil {
+			return &common.HTTPError{
+				Message:    fmt.Sprintf("error executing sqlite3 statement: %v", err),
+				StatusCode: http.StatusInternalServerError,
+			}
+		}
+
+		var hash []byte
+
+		for tmp.Next() {
+			err = tmp.Scan(&hash)
+			if err != nil {
+				return &common.HTTPError{
+					Message:    fmt.Sprintf("error executing sqlite3 statement: %v", err),
+					StatusCode: http.StatusInternalServerError,
+				}
+			}
+		}
+		fmt.Println(hash)
+		if bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) != nil {
+			fmt.Println("Passwords do not match")
+			w.Write([]byte("<script>window.location = '/admin#/users/editerror';</script>"))
+			db.Close()
+
+			return nil
+		}
+
+		if newpassword != "" {
+			pwhash, err = bcrypt.GenerateFromPassword([]byte(newpassword), 4)
+		} 
+
+		_, err = statement.Exec(username,pwhash,realname,email,id)
+		if err != nil {
+			return &common.HTTPError{
+				Message:    fmt.Sprintf("error executing sqlite3 statement: %v", err),
+				StatusCode: http.StatusInternalServerError,
+			}
+		}
+		w.Write([]byte("<script>window.location = '/admin#/users/edited';</script>"))
+		db.Close()
+
+		return nil
+	}
+}
+
 func ListUsers() common.Handler {

 	return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
--- a/assets/config/users.db
+++ b/assets/config/users.db
--- a/assets/config/users.json
+++ b/assets/config/users.json
@ -1,12 +0,0 @@
-{
-	"admin": {
-		"password": "$2a$04$ZAf88Bao4Q768vKfCaKBlOqtPumwKwFhrcpBCdfMWWFX69wyhgTqi",
-		"realname": "Administrator",
-		"email": "admin@localhost.com"
-	},
-	"gabriel": {
-		"password": "$2a$04$KrhZ1q6FpOGqs0FVKMYhQ.BTYeVXztnjrM9RbK.0buI1OHfmyNEAy",
-		"realname": "Gabriel Simmer",
-		"email": "gabriel@localhost.com"
-	} 
-}
--- a/assets/web/static/app.js
+++ b/assets/web/static/app.js
@ -77,8 +77,8 @@ const useredit = {
    <div>
        <h3>Edit User</h3>
        <form enctype="multipart/form-data" action="/admin/edituser" method="post">
-        <label for="title">Username</label>
-        <input type="text" id="title" name="title" :value="user.username">
+        <label for="username">Username</label>
+        <input type="text" id="username" name="username" :value="user.username">
        <label for="email">Email</label>
        <input type="text" id="email" name="email" :value="user.email">
        <label for="realname">Real Name</label>
--- a/generate_rss.go
+++ b/generate_rss.go
@ -17,7 +17,7 @@ import (
 	"encoding/json"

 	"github.com/fsnotify/fsnotify"
-	"github.com/gmemstr/feeds"
+	"github.com/gorilla/feeds"
 )

 type Config struct {
--- a/router/router.go
+++ b/router/router.go
@ -83,6 +83,11 @@ func Init() *mux.Router {
 		admin.CreateEpisode(),
 	)).Methods("POST")

+	r.Handle("/admin/edituser", Handle(
+		auth.RequireAuthorization(),
+		admin.EditUser(),
+	)).Methods("POST")
+
 	r.Handle("/admin/newuser", Handle(
 		auth.RequireAuthorization(),
 		admin.AddUser(),