summaryrefslogtreecommitdiff
path: root/register.go
blob: 5bd4d82168f5e94611ca3dfb590d18a0f7a56481 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
package main

import (
	"code.google.com/p/go.crypto/bcrypt"
	"github.com/gorilla/sessions"
	"kch42.de/gostuff/mailremind/model"
	"log"
	"math/rand"
	"net/http"
)

type registerData struct {
	Error, Success string
	Timezones      *[]string
}

type registerFormdata struct {
	Mail                     EMail
	Password, RetypePassword string
	Timezone                 timelocForm
}

var acCodeAlphabet = []rune("qwertzuiopasdfghjklyxcvbnmQWERTZUIOPASDFGHJKLYXCVBNM1234567890")

func genAcCode() string {
	const codelen = 10
	alphalen := len(acCodeAlphabet)

	code := make([]rune, codelen)
	for i := 0; i < codelen; i++ {
		code[i] = acCodeAlphabet[rand.Intn(alphalen)]
	}

	return string(code)
}

func register(user model.User, sess *sessions.Session, req *http.Request) (interface{}, model.User) {
	outdata := &registerData{Timezones: &timeLocs}

	if user != nil {
		outdata.Success = "You are already logged in. To register a new account, first log out."
		return outdata, user
	}

	if req.Method != "POST" {
		return outdata, user
	}

	if err := req.ParseForm(); err != nil {
		outdata.Error = "Data of form could not be understand. If this happens again, please contact support!"
		return outdata, user
	}

	indata := new(registerFormdata)
	if err := formdec.Decode(indata, req.Form); (err != nil) || (indata.Mail == "") || (indata.Timezone.Loc == nil) {
		outdata.Error = "Input data wrong or missing. Please fill in all values and make sure to provide a valid E-Mail address."
		return outdata, user
	}

	if indata.Password == "" {
		outdata.Error = "Empty passwords are not allowed."
		return outdata, user
	}

	if indata.Password != indata.RetypePassword {
		outdata.Error = "Passwords are not identical."
		return outdata, user
	}

	mail := string(indata.Mail)

	switch _, err := dbcon.UserByMail(mail); err {
	case nil:
		outdata.Error = "This E-Mail address is already used."
		return outdata, user
	case model.NotFound:
	default:
		log.Printf("Error while checking, if mail is used: %s", err)
		outdata.Error = "Internal error, sorry. If this happens again, please contact support!"
		return outdata, user
	}

	acCode := genAcCode()
	pwhash, err := bcrypt.GenerateFromPassword([]byte(indata.Password), bcrypt.DefaultCost)
	if err != nil {
		log.Printf("Error while hashing password: %s", err)
		outdata.Error = "Internal error, sorry. If this happens again, please contact support!"
		return outdata, user
	}

	user, err = dbcon.AddUser(mail, pwhash, indata.Timezone.Loc, false, acCode)
	if err != nil {
		log.Printf("Could not create user (%s): %s", indata.Mail, err)
		outdata.Error = "Internal error, sorry. If this happens again, please contact support!"
		return outdata, user
	}

	if !SendActivationcode(mail, acCode, user.ID()) {
		outdata.Error = "We could not send you a mail with your confirmation code."
		return outdata, user
	}

	outdata.Success = "Account created successfully! We sent you an E-Mail that contains a link to activate your account."
	return outdata, user
}