opengist/internal/web/settings.go

142 lines
3.2 KiB
Go
Raw Normal View History

2023-03-14 15:22:52 +00:00
package web
import (
"crypto/md5"
"fmt"
2023-03-14 15:22:52 +00:00
"strconv"
"strings"
"time"
"github.com/labstack/echo/v4"
"github.com/thomiceli/opengist/internal/db"
"golang.org/x/crypto/ssh"
2023-03-14 15:22:52 +00:00
)
func userSettings(ctx echo.Context) error {
2023-03-14 15:22:52 +00:00
user := getUserLogged(ctx)
2023-09-02 22:30:57 +00:00
keys, err := db.GetSSHKeysByUserID(user.ID)
2023-03-14 15:22:52 +00:00
if err != nil {
return errorRes(500, "Cannot get SSH keys", err)
}
setData(ctx, "email", user.Email)
2023-03-14 15:22:52 +00:00
setData(ctx, "sshKeys", keys)
2023-11-20 17:03:28 +00:00
setData(ctx, "hasPassword", user.Password != "")
setData(ctx, "htmlTitle", "Settings")
return html(ctx, "settings.html")
2023-03-14 15:22:52 +00:00
}
func emailProcess(ctx echo.Context) error {
user := getUserLogged(ctx)
email := ctx.FormValue("email")
var hash string
if email == "" {
// generate random md5 string
hash = fmt.Sprintf("%x", md5.Sum([]byte(time.Now().String())))
} else {
hash = fmt.Sprintf("%x", md5.Sum([]byte(strings.ToLower(strings.TrimSpace(email)))))
}
2023-03-14 15:22:52 +00:00
user.Email = strings.ToLower(email)
user.MD5Hash = hash
if err := user.Update(); err != nil {
return errorRes(500, "Cannot update email", err)
}
addFlash(ctx, "Email updated", "success")
return redirect(ctx, "/settings")
}
func accountDeleteProcess(ctx echo.Context) error {
user := getUserLogged(ctx)
if err := user.Delete(); err != nil {
return errorRes(500, "Cannot delete this user", err)
}
return redirect(ctx, "/all")
}
func sshKeysProcess(ctx echo.Context) error {
2023-03-14 15:22:52 +00:00
user := getUserLogged(ctx)
dto := new(db.SSHKeyDTO)
2023-03-17 13:56:39 +00:00
if err := ctx.Bind(dto); err != nil {
2023-03-14 15:22:52 +00:00
return errorRes(400, "Cannot bind data", err)
}
2023-03-17 13:56:39 +00:00
if err := ctx.Validate(dto); err != nil {
2023-03-14 15:22:52 +00:00
addFlash(ctx, validationMessages(&err), "error")
return redirect(ctx, "/settings")
2023-03-14 15:22:52 +00:00
}
2023-03-17 13:56:39 +00:00
key := dto.ToSSHKey()
2023-03-14 15:22:52 +00:00
key.UserID = user.ID
2023-05-01 00:55:34 +00:00
pubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(key.Content))
2023-03-14 15:22:52 +00:00
if err != nil {
addFlash(ctx, "Invalid SSH key", "error")
return redirect(ctx, "/settings")
2023-03-14 15:22:52 +00:00
}
2023-05-01 00:55:34 +00:00
key.Content = strings.TrimSpace(string(ssh.MarshalAuthorizedKey(pubKey)))
2023-03-14 15:22:52 +00:00
2023-03-17 13:56:39 +00:00
if err := key.Create(); err != nil {
2023-03-14 15:22:52 +00:00
return errorRes(500, "Cannot add SSH key", err)
}
addFlash(ctx, "SSH key added", "success")
return redirect(ctx, "/settings")
2023-03-14 15:22:52 +00:00
}
func sshKeysDelete(ctx echo.Context) error {
user := getUserLogged(ctx)
keyId, err := strconv.Atoi(ctx.Param("id"))
if err != nil {
return redirect(ctx, "/settings")
2023-03-14 15:22:52 +00:00
}
2023-09-02 22:30:57 +00:00
key, err := db.GetSSHKeyByID(uint(keyId))
2023-03-14 15:22:52 +00:00
if err != nil || key.UserID != user.ID {
return redirect(ctx, "/settings")
2023-03-14 15:22:52 +00:00
}
2023-03-17 13:56:39 +00:00
if err := key.Delete(); err != nil {
2023-03-14 15:22:52 +00:00
return errorRes(500, "Cannot delete SSH key", err)
}
addFlash(ctx, "SSH key deleted", "success")
return redirect(ctx, "/settings")
2023-03-14 15:22:52 +00:00
}
2023-11-20 17:03:28 +00:00
func passwordProcess(ctx echo.Context) error {
user := getUserLogged(ctx)
dto := new(db.UserDTO)
if err := ctx.Bind(dto); err != nil {
return errorRes(400, "Cannot bind data", err)
}
dto.Username = user.Username
if err := ctx.Validate(dto); err != nil {
addFlash(ctx, validationMessages(&err), "error")
return html(ctx, "settings.html")
}
password, err := argon2id.hash(dto.Password)
if err != nil {
return errorRes(500, "Cannot hash password", err)
}
user.Password = password
if err = user.Update(); err != nil {
return errorRes(500, "Cannot update password", err)
}
addFlash(ctx, "Password updated", "success")
return redirect(ctx, "/settings")
}