diff --git a/main.go b/main.go
index aa45131..af1eb77 100644
--- a/main.go
+++ b/main.go
@@ -15,29 +15,27 @@ import (
 func main() {
 values := config.ReadConfig("config.json")
 views.PopulateTemplates()
- http.HandleFunc("/", views.ShowAllTasksFunc)
+ http.HandleFunc("/", views.RequiresLogin(views.ShowAllTasksFunc))
 http.HandleFunc("/login/", views.LoginFunc)
- http.HandleFunc("/logout/", views.LogoutFunc)
- http.HandleFunc("/add-category/", views.AddCategoryFunc)
- http.HandleFunc("/add-comment/", views.AddCommentFunc)
- http.HandleFunc("/del-comment/", views.DeleteCommentFunc)
- http.HandleFunc("/del-category/", views.DeleteCategoryFunc)
- http.HandleFunc("/upd-category/", views.UpdateCategoryFunc)
- http.HandleFunc("/category/", views.ShowCategoryFunc)
- http.HandleFunc("/complete/", views.CompleteTaskFunc)
- //delete permanently deletes from db
- http.HandleFunc("/delete/", views.DeleteTaskFunc)
- http.HandleFunc("/files/", views.UploadedFileHandler)
- http.HandleFunc("/deleted/", views.ShowTrashTaskFunc)
- //trash moves to recycle bin
- http.HandleFunc("/trash/", views.TrashTaskFunc)
- http.HandleFunc("/edit/", views.EditTaskFunc)
- http.HandleFunc("/completed/", views.ShowCompleteTasksFunc)
- http.HandleFunc("/restore/", views.RestoreTaskFunc)
- http.HandleFunc("/incomplete/", views.RestoreFromCompleteFunc)
- http.HandleFunc("/add/", views.AddTaskFunc)
- http.HandleFunc("/update/", views.UpdateTaskFunc)
- http.HandleFunc("/search/", views.SearchTaskFunc)
+ http.HandleFunc("/logout/", views.RequiresLogin(views.LogoutFunc))
+ http.HandleFunc("/add-category/", views.RequiresLogin(views.AddCategoryFunc))
+ http.HandleFunc("/add-comment/", views.RequiresLogin(views.AddCommentFunc))
+ http.HandleFunc("/del-comment/", views.RequiresLogin(views.DeleteCommentFunc))
+ http.HandleFunc("/del-category/", views.RequiresLogin(views.DeleteCategoryFunc))
+ http.HandleFunc("/upd-category/", views.RequiresLogin(views.UpdateCategoryFunc))
+ http.HandleFunc("/category/", views.RequiresLogin(views.ShowCategoryFunc))
+ http.HandleFunc("/complete/", views.RequiresLogin(views.CompleteTaskFunc))
+ http.HandleFunc("/delete/", views.RequiresLogin(views.DeleteTaskFunc))
+ http.HandleFunc("/files/", views.RequiresLogin(views.UploadedFileHandler))
+ http.HandleFunc("/deleted/", views.RequiresLogin(views.ShowTrashTaskFunc))
+ http.HandleFunc("/trash/", views.RequiresLogin(views.TrashTaskFunc))
+ http.HandleFunc("/edit/", views.RequiresLogin(views.EditTaskFunc))
+ http.HandleFunc("/completed/", views.RequiresLogin(views.ShowCompleteTasksFunc))
+ http.HandleFunc("/restore/", views.RequiresLogin(views.RestoreTaskFunc))
+ http.HandleFunc("/incomplete/", views.RequiresLogin(views.RestoreFromCompleteFunc))
+ http.HandleFunc("/add/", views.RequiresLogin(views.AddTaskFunc))
+ http.HandleFunc("/update/", views.RequiresLogin(views.UpdateTaskFunc))
+ http.HandleFunc("/search/", views.RequiresLogin(views.SearchTaskFunc))
 //http.HandleFunc("/static/", ServeStaticFunc)
 http.Handle("/static/", http.FileServer(http.Dir("public")))
 log.Println("running server on ", values.ServerPort)
diff --git a/views/addViews.go b/views/addViews.go
index a8f54e2..4a38f96 100644
--- a/views/addViews.go
+++ b/views/addViews.go
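Review bot: Authentication in the main.go hunk is opt-in per route: each `http.HandleFunc` line has to carry its own `views.RequiresLogin(...)` wrapper, so a route added later without it is served unauthenticated and nothing flags the omission. Registering the public routes (`/login/`, `/static/`) on an outer mux and every other handler on an inner mux that is wrapped once makes deny the default. The `http.ListenAndServe` call lies outside this hunk and would have to be given the outer mux instead of the default one. `/static/` stays public through `http.FileServer` over the whole `public` directory, so that directory should hold nothing sensitive.

```go
// … unchanged: config loading and views.PopulateTemplates() …
private := http.NewServeMux()
private.HandleFunc("/", views.ShowAllTasksFunc)
private.HandleFunc("/logout/", views.LogoutFunc)
// … unchanged: remaining task, category, comment and file routes, registered on private without per-route wrappers …

mux := http.NewServeMux()
mux.HandleFunc("/login/", views.LoginFunc)
mux.Handle("/static/", http.FileServer(http.Dir("public")))
// Anything not explicitly public goes through the session check exactly once.
mux.HandleFunc("/", views.RequiresLogin(private.ServeHTTP))
```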
@@ -16,193 +16,175 @@ import ( "time" "github.com/thewhitetulip/Tasks/db" - "github.com/thewhitetulip/Tasks/sessions" "github.com/thewhitetulip/Tasks/utils" ) // UploadedFileHandler is used to handle the uploaded file related requests func UploadedFileHandler(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - token := r.URL.Path[len("/files/"):] + if r.Method == "GET" { + token := r.URL.Path[len("/files/"):] - //file, err := db.GetFileName(token) - //if err != nil { - log.Println("serving file ./files/" + token) - http.ServeFile(w, r, "./files/"+token) - //} - } + //file, err := db.GetFileName(token) + //if err != nil { + log.Println("serving file ./files/" + token) + http.ServeFile(w, r, "./files/"+token) + //} } } //AddTaskFunc is used to handle the addition of new task, "/add" URL func AddTaskFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "POST" { // Will work only for POST requests, will redirect to home - var filelink string // will store the html when we have files to be uploaded, appened to the note content - r.ParseForm() - file, handler, err := r.FormFile("uploadfile") - if err != nil && handler != nil { - //Case executed when file is uploaded and yet an error occurs - log.Println(err) - message = "Error uploading file" - http.Redirect(w, r, "/", http.StatusInternalServerError) - } - - taskPriority, priorityErr := strconv.Atoi(r.FormValue("priority")) - - if priorityErr != nil { - log.Print(priorityErr) - message = "Bad task priority" - http.Redirect(w, r, "/", http.StatusInternalServerError) - } - priorityList := []int{1, 2, 3} - found := false - for _, priority := range priorityList { - if taskPriority == priority { - found = true - } - } - //If someone gives us incorrect priority number, we give the priority - //to that task as 1 i.e. 
Low - if !found { - taskPriority = 1 - } - - category := r.FormValue("category") - title := template.HTMLEscapeString(r.Form.Get("title")) - content := template.HTMLEscapeString(r.Form.Get("content")) - formToken := template.HTMLEscapeString(r.Form.Get("CSRFToken")) - - cookie, _ := r.Cookie("csrftoken") - if formToken == cookie.Value { - if handler != nil { - // this will be executed whenever a file is uploaded - r.ParseMultipartForm(32 << 20) //defined maximum size of file - defer file.Close() - randomFileName := md5.New() - io.WriteString(randomFileName, strconv.FormatInt(time.Now().Unix(), 10)) - io.WriteString(randomFileName, handler.Filename) - token := fmt.Sprintf("%x", randomFileName.Sum(nil)) - f, err := os.OpenFile("./files/"+token, os.O_WRONLY|os.O_CREATE, 0666) - if err != nil { - log.Println(err) - return - } - defer f.Close() - io.Copy(f, file) - - if strings.HasSuffix(handler.Filename, ".png") || strings.HasSuffix(handler.Filename, ".jpg") { - filelink = "
" - } else { - filelink = "
" + handler.Filename + "" - } - content = content + filelink - - fileTruth := db.AddFile(handler.Filename, token) - if fileTruth != nil { - message = "Error adding filename in db" - log.Println("error adding task to db") - } - } - - taskTruth := db.AddTask(title, content, category, taskPriority) - - if taskTruth != nil { - message = "Error adding task" - log.Println("error adding task to db") - http.Redirect(w, r, "/", http.StatusInternalServerError) - } else { - message = "Task added" - log.Println("added task to db") - http.Redirect(w, r, "/", http.StatusFound) - } - } else { - log.Println("CSRF mismatch") - message = "Server Error" - http.Redirect(w, r, "/", http.StatusInternalServerError) - } - + if r.Method == "POST" { // Will work only for POST requests, will redirect to home + var filelink string // will store the html when we have files to be uploaded, appened to the note content + r.ParseForm() + file, handler, err := r.FormFile("uploadfile") + if err != nil && handler != nil { + //Case executed when file is uploaded and yet an error occurs + log.Println(err) + message = "Error uploading file" + http.Redirect(w, r, "/", http.StatusInternalServerError) } - } else { - http.Redirect(w, r, "/login/", 302) + + taskPriority, priorityErr := strconv.Atoi(r.FormValue("priority")) + + if priorityErr != nil { + log.Print(priorityErr) + message = "Bad task priority" + http.Redirect(w, r, "/", http.StatusInternalServerError) + } + priorityList := []int{1, 2, 3} + found := false + for _, priority := range priorityList { + if taskPriority == priority { + found = true + } + } + //If someone gives us incorrect priority number, we give the priority + //to that task as 1 i.e. 
Low + if !found { + taskPriority = 1 + } + + category := r.FormValue("category") + title := template.HTMLEscapeString(r.Form.Get("title")) + content := template.HTMLEscapeString(r.Form.Get("content")) + formToken := template.HTMLEscapeString(r.Form.Get("CSRFToken")) + + cookie, _ := r.Cookie("csrftoken") + if formToken == cookie.Value { + if handler != nil { + // this will be executed whenever a file is uploaded + r.ParseMultipartForm(32 << 20) //defined maximum size of file + defer file.Close() + randomFileName := md5.New() + io.WriteString(randomFileName, strconv.FormatInt(time.Now().Unix(), 10)) + io.WriteString(randomFileName, handler.Filename) + token := fmt.Sprintf("%x", randomFileName.Sum(nil)) + f, err := os.OpenFile("./files/"+token, os.O_WRONLY|os.O_CREATE, 0666) + if err != nil { + log.Println(err) + return + } + defer f.Close() + io.Copy(f, file) + + if strings.HasSuffix(handler.Filename, ".png") || strings.HasSuffix(handler.Filename, ".jpg") { + filelink = "
" + } else { + filelink = "
" + handler.Filename + "" + } + content = content + filelink + + fileTruth := db.AddFile(handler.Filename, token) + if fileTruth != nil { + message = "Error adding filename in db" + log.Println("error adding task to db") + } + } + + taskTruth := db.AddTask(title, content, category, taskPriority) + + if taskTruth != nil { + message = "Error adding task" + log.Println("error adding task to db") + http.Redirect(w, r, "/", http.StatusInternalServerError) + } else { + message = "Task added" + log.Println("added task to db") + http.Redirect(w, r, "/", http.StatusFound) + } + } else { + log.Println("CSRF mismatch") + message = "Server Error" + http.Redirect(w, r, "/", http.StatusInternalServerError) + } + } + } //AddCategoryFunc used to add new categories to the database func AddCategoryFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - r.ParseForm() - category := r.Form.Get("category") - if strings.Trim(category, " ") != "" { - err := db.AddCategory(category) - if err != nil { - message = "Error adding category" - http.Redirect(w, r, "/", http.StatusBadRequest) - } else { - message = "Added category" - http.Redirect(w, r, "/", http.StatusFound) - } + r.ParseForm() + category := r.Form.Get("category") + if strings.Trim(category, " ") != "" { + err := db.AddCategory(category) + if err != nil { + message = "Error adding category" + http.Redirect(w, r, "/", http.StatusBadRequest) + } else { + message = "Added category" + http.Redirect(w, r, "/", http.StatusFound) } - } else { - http.Redirect(w, r, "/login/", 302) } } //EditTaskFunc is used to edit tasks, handles "/edit/" URL func EditTaskFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - id, err := strconv.Atoi(r.URL.Path[len("/edit/"):]) - if err != nil { - log.Println(err) - http.Redirect(w, r, "/", http.StatusBadRequest) - } else { - redirectURL := utils.GetRedirectUrl(r.Referer()) - task, err := db.GetTaskByID(id) - categories := 
db.GetCategories() - task.Categories = categories - task.Referer = redirectURL + if r.Method == "GET" { + id, err := strconv.Atoi(r.URL.Path[len("/edit/"):]) + if err != nil { + log.Println(err) + http.Redirect(w, r, "/", http.StatusBadRequest) + } else { + redirectURL := utils.GetRedirectUrl(r.Referer()) + task, err := db.GetTaskByID(id) + categories := db.GetCategories() + task.Categories = categories + task.Referer = redirectURL - if err != nil { - task.Message = "Error fetching Tasks" - } - editTemplate.Execute(w, task) + if err != nil { + task.Message = "Error fetching Tasks" } + editTemplate.Execute(w, task) } - } else { - http.Redirect(w, r, "/login/", http.StatusFound) } } //AddCommentFunc will be used func AddCommentFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "POST" { - r.ParseForm() - text := r.Form.Get("commentText") - id := r.Form.Get("taskID") + if r.Method == "POST" { + r.ParseForm() + text := r.Form.Get("commentText") + id := r.Form.Get("taskID") - idInt, err := strconv.Atoi(id) + idInt, err := strconv.Atoi(id) - if (err != nil) || (text == "") { - log.Println("unable to convert into integer") - message = "Error adding comment" + if (err != nil) || (text == "") { + log.Println("unable to convert into integer") + message = "Error adding comment" + } else { + err = db.AddComments(idInt, text) + + if err != nil { + log.Println("unable to insert into db") + message = "Comment not added" } else { - err = db.AddComments(idInt, text) - - if err != nil { - log.Println("unable to insert into db") - message = "Comment not added" - } else { - message = "Comment added" - } + message = "Comment added" } - - http.Redirect(w, r, "/", http.StatusFound) - } - } else { - http.Redirect(w, r, "/login", 302) + + http.Redirect(w, r, "/", http.StatusFound) + } } diff --git a/views/deleteViews.go b/views/deleteViews.go index 3304ce7..31b8824 100644 --- a/views/deleteViews.go +++ b/views/deleteViews.go 
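Review bot: In `AddTaskFunc` the error from `r.Cookie("csrftoken")` is discarded and `cookie.Value` is read on the next line, so a POST from a logged-in browser that carries no `csrftoken` cookie dereferences a nil pointer and panics the handler instead of taking the "CSRF mismatch" branch. Keep the error and fold it into the condition: `cookie, err := r.Cookie("csrftoken")` followed by `if err == nil && formToken == cookie.Value {`. The error branches above it ("Error uploading file", "Bad task priority") call `http.Redirect` with a 500 status and no `return`, so processing continues and the task can still be written; the same shape appears in `DeleteTaskFunc` and the `Show*` handlers in the later hunks. `AddCategoryFunc` and `AddCommentFunc` in this hunk write to the database with no token comparison at all. `handler.Filename` is concatenated into `content` after the escaped text; the surrounding markup is stripped on this page, so whether it reaches a template unescaped should be confirmed.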
@@ -10,7 +10,6 @@ import ( "strconv" "github.com/thewhitetulip/Tasks/db" - "github.com/thewhitetulip/Tasks/sessions" "github.com/thewhitetulip/Tasks/utils" ) 
@@ -19,149 +18,124 @@ func TrashTaskFunc(w http.ResponseWriter, r *http.Request) { //for best UX we want the user to be returned to the page making //the delete transaction, we use the r.Referer() function to get the link redirectURL := utils.GetRedirectUrl(r.Referer()) - - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - id, err := strconv.Atoi(r.URL.Path[len("/trash/"):]) + if r.Method == "GET" { + id, err := strconv.Atoi(r.URL.Path[len("/trash/"):]) + if err != nil { + log.Println("TrashTaskFunc", err) + message = "Incorrect command" + http.Redirect(w, r, redirectURL, http.StatusFound) + } else { + err = db.TrashTask(id) if err != nil { - log.Println("TrashTaskFunc", err) - message = "Incorrect command" - http.Redirect(w, r, redirectURL, http.StatusFound) + message = "Error trashing task" } else { - err = db.TrashTask(id) - if err != nil { - message = "Error trashing task" - } else { - message = "Task trashed" - } - http.Redirect(w, r, redirectURL, http.StatusFound) + message = "Task trashed" } + http.Redirect(w, r, redirectURL, http.StatusFound) } - } else { - http.Redirect(w, r, "/login/", 302) } } //RestoreTaskFunc is used to restore task from trash, handles "/restore/" URL func RestoreTaskFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - id, err := strconv.Atoi(r.URL.Path[len("/restore/"):]) + if r.Method == "GET" { + id, err := strconv.Atoi(r.URL.Path[len("/restore/"):]) + if err != nil { + log.Println(err) + http.Redirect(w, r, "/deleted", http.StatusBadRequest) + } else { + err = db.RestoreTask(id) if err != nil { - log.Println(err) - http.Redirect(w, r, "/deleted", http.StatusBadRequest) + message = "Restore failed" } else { - err = db.RestoreTask(id) - if err != nil { - message = "Restore failed" - } else { - message = "Task restored" - } - http.Redirect(w, r, "/deleted/", http.StatusFound) + message = "Task restored" } + http.Redirect(w, r, "/deleted/", http.StatusFound) } - } else { - 
http.Redirect(w, r, "/login/", 302) } } //DeleteTaskFunc is used to delete a task, trash = move to recycle bin, delete = permanent delete func DeleteTaskFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - id := r.URL.Path[len("/delete/"):] - if id == "all" { - err := db.DeleteAll() - if err != nil { - message = "Error deleting tasks" - http.Redirect(w, r, "/", http.StatusInternalServerError) - } - http.Redirect(w, r, "/", http.StatusFound) + if r.Method == "GET" { + id := r.URL.Path[len("/delete/"):] + if id == "all" { + err := db.DeleteAll() + if err != nil { + message = "Error deleting tasks" + http.Redirect(w, r, "/", http.StatusInternalServerError) + } + http.Redirect(w, r, "/", http.StatusFound) + } else { + id, err := strconv.Atoi(id) + if err != nil { + log.Println(err) + http.Redirect(w, r, "/", http.StatusBadRequest) } else { - id, err := strconv.Atoi(id) + err = db.DeleteTask(id) if err != nil { - log.Println(err) - http.Redirect(w, r, "/", http.StatusBadRequest) + message = "Error deleting task" } else { - err = db.DeleteTask(id) - if err != nil { - message = "Error deleting task" - } else { - message = "Task deleted" - } - http.Redirect(w, r, "/deleted", http.StatusFound) + message = "Task deleted" } + http.Redirect(w, r, "/deleted", http.StatusFound) } } - } else { - http.Redirect(w, r, "/login/", 302) } } //RestoreFromCompleteFunc restores the task from complete to pending func RestoreFromCompleteFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - id, err := strconv.Atoi(r.URL.Path[len("/incomplete/"):]) + if r.Method == "GET" { + id, err := strconv.Atoi(r.URL.Path[len("/incomplete/"):]) + if err != nil { + log.Println(err) + http.Redirect(w, r, "/completed", http.StatusBadRequest) + } else { + err = db.RestoreTaskFromComplete(id) if err != nil { - log.Println(err) - http.Redirect(w, r, "/completed", http.StatusBadRequest) + message = "Restore 
failed" } else { - err = db.RestoreTaskFromComplete(id) - if err != nil { - message = "Restore failed" - } else { - message = "Task restored" - } - http.Redirect(w, r, "/completed", http.StatusFound) + message = "Task restored" } + http.Redirect(w, r, "/completed", http.StatusFound) } - } else { - http.Redirect(w, r, "/login/", 302) } } //DeleteCategoryFunc will delete any category func DeleteCategoryFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - categoryName := r.URL.Path[len("/del-category/"):] - err := db.DeleteCategoryByName(categoryName) - if err != nil { - message = "error deleting category" - } else { - message = "Category " + categoryName + " deleted" - } - - http.Redirect(w, r, "/", http.StatusFound) + if r.Method == "GET" { + categoryName := r.URL.Path[len("/del-category/"):] + err := db.DeleteCategoryByName(categoryName) + if err != nil { + message = "error deleting category" + } else { + message = "Category " + categoryName + " deleted" } - } else { - http.Redirect(w, r, "/login/", 302) + + http.Redirect(w, r, "/", http.StatusFound) } } //DeleteCommentFunc will delete any category func DeleteCommentFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - id := r.URL.Path[len("/del-comment/"):] - commentID, err := strconv.Atoi(id) - if err != nil { - http.Redirect(w, r, "/", http.StatusBadRequest) - return - } - - err = db.DeleteCommentByID(commentID) - - if err != nil { - message = "comment not deleted" - } else { - message = "comment deleted" - } - - http.Redirect(w, r, "/", http.StatusFound) + if r.Method == "GET" { + id := r.URL.Path[len("/del-comment/"):] + commentID, err := strconv.Atoi(id) + if err != nil { + http.Redirect(w, r, "/", http.StatusBadRequest) + return } - } else { - http.Redirect(w, r, "/login/", 302) + + err = db.DeleteCommentByID(commentID) + + if err != nil { + message = "comment not deleted" + } else { + message = "comment 
deleted" + } + + http.Redirect(w, r, "/", http.StatusFound) } } diff --git a/views/otherViews.go b/views/otherViews.go index 53285c5..58c4cc0 100644 --- a/views/otherViews.go +++ b/views/otherViews.go @@ -14,7 +14,6 @@ import ( "text/template" "github.com/thewhitetulip/Tasks/db" - "github.com/thewhitetulip/Tasks/sessions" "github.com/thewhitetulip/Tasks/utils" ) 
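Review bot: `TrashTaskFunc`, `RestoreTaskFunc`, `DeleteTaskFunc`, `RestoreFromCompleteFunc`, `DeleteCategoryFunc` and `DeleteCommentFunc` in views/deleteViews.go all modify or destroy data on a plain GET with no CSRF token, and `/delete/all` reaches `db.DeleteAll()`; with the session check as the only gate, a cross-site request sent with the user's session cookie passes it. These handlers should accept only POST and compare a token before acting, starting with a guard such as `if r.Method != http.MethodPost { http.Error(w, "method not allowed", http.StatusMethodNotAllowed); return }`. `CompleteTaskFunc` in views/otherViews.go has the same shape. `TrashTaskFunc` begins above this hunk, and its redirect target comes from `utils.GetRedirectUrl(r.Referer())`, whose validation is not visible here; it is worth confirming that it only ever returns same-site paths.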
@@ -56,98 +55,82 @@ func PopulateTemplates() { //CompleteTaskFunc is used to show the complete tasks, handles "/completed/" url func CompleteTaskFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - redirectURL := utils.GetRedirectUrl(r.Referer()) - id, err := strconv.Atoi(r.URL.Path[len("/complete/"):]) + if r.Method == "GET" { + redirectURL := utils.GetRedirectUrl(r.Referer()) + id, err := strconv.Atoi(r.URL.Path[len("/complete/"):]) + if err != nil { + log.Println(err) + } else { + err = db.CompleteTask(id) if err != nil { - log.Println(err) + message = "Complete task failed" } else { - err = db.CompleteTask(id) - if err != nil { - message = "Complete task failed" - } else { - message = "Task marked complete" - } - http.Redirect(w, r, redirectURL, http.StatusFound) + message = "Task marked complete" } + http.Redirect(w, r, redirectURL, http.StatusFound) } - } else { - http.Redirect(w, r, "/login/", 302) } } //SearchTaskFunc is used to handle the /search/ url, handles the search function func SearchTaskFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "POST" { - r.ParseForm() - query := r.Form.Get("query") + if r.Method == "POST" { + r.ParseForm() + query := r.Form.Get("query") - context := db.SearchTask(query) + context := db.SearchTask(query) - categories := db.GetCategories() - context.Categories = categories + categories := db.GetCategories() + context.Categories = categories - searchTemplate.Execute(w, context) - } - } else { - http.Redirect(w, r, "/login/", 302) + searchTemplate.Execute(w, context) } } //UpdateTaskFunc is used to update a task, handes "/update/" URL func UpdateTaskFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "POST" { - r.ParseForm() - id, err := strconv.Atoi(r.Form.Get("id")) - if err != nil { - log.Println(err) - } - category := r.Form.Get("category") - title := r.Form.Get("title") - content := 
r.Form.Get("content") - priority, err := strconv.Atoi(r.Form.Get("priority")) - if err != nil { - log.Println(err) - } - err = db.UpdateTask(id, title, content, category, priority) - if err != nil { - message = "Error updating task" - } else { - message = "Task updated" - log.Println(message) - } - http.Redirect(w, r, "/", http.StatusFound) + if r.Method == "POST" { + r.ParseForm() + id, err := strconv.Atoi(r.Form.Get("id")) + if err != nil { + log.Println(err) } - } else { - http.Redirect(w, r, "/login/", 302) + category := r.Form.Get("category") + title := r.Form.Get("title") + content := r.Form.Get("content") + priority, err := strconv.Atoi(r.Form.Get("priority")) + if err != nil { + log.Println(err) + } + err = db.UpdateTask(id, title, content, category, priority) + if err != nil { + message = "Error updating task" + } else { + message = "Task updated" + log.Println(message) + } + http.Redirect(w, r, "/", http.StatusFound) } } //UpdateCategoryFunc is used to update a task, handes "/upd-category/" URL func UpdateCategoryFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "POST" { - var redirectURL string - r.ParseForm() - oldName := r.URL.Path[len("/upd-category/"):] - newName := r.Form.Get("catname") + if r.Method == "POST" { + var redirectURL string + r.ParseForm() + oldName := r.URL.Path[len("/upd-category/"):] + newName := r.Form.Get("catname") - err := db.UpdateCategoryByName(oldName, newName) - if err != nil { - message = "error updating category" - log.Println("not updated category " + oldName) - redirectURL = "/category/" + oldName - } else { - message = "cat " + oldName + " -> " + newName - redirectURL = "/category/" + newName - } - log.Println("redirecting to " + redirectURL) - http.Redirect(w, r, redirectURL, http.StatusFound) + err := db.UpdateCategoryByName(oldName, newName) + if err != nil { + message = "error updating category" + log.Println("not updated category " + oldName) + redirectURL = "/category/" + 
oldName + } else { + message = "cat " + oldName + " -> " + newName + redirectURL = "/category/" + newName } - } else { - http.Redirect(w, r, "/login/", 302) + log.Println("redirecting to " + redirectURL) + http.Redirect(w, r, redirectURL, http.StatusFound) } } diff --git a/views/sessionViews.go b/views/sessionViews.go index 5ecb723..5533a41 100644 --- a/views/sessionViews.go +++ b/views/sessionViews.go @@ -6,6 +6,17 @@ import ( "github.com/thewhitetulip/Tasks/sessions" ) +//RequiresLogin is a middleware which will be used for each httpHandler to check if there is any active session +func RequiresLogin(handler func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) { + return func(w http.ResponseWriter, r *http.Request) { + if !sessions.IsLoggedIn(r) { + http.Redirect(w, r, "/login/", 302) + return + } + handler(w, r) + } +} + //LogoutFunc Implements the logout functionality. WIll delete the session information from the cookie store func LogoutFunc(w http.ResponseWriter, r *http.Request) { session, err := sessions.Store.Get(r, "session") diff --git a/views/views.go b/views/views.go index 1139fc9..2619e5f 100644 --- a/views/views.go +++ b/views/views.go 
@@ -25,80 +25,12 @@ var err error //ShowAllTasksFunc is used to handle the "/" URL which is the default ons //TODO add http404 error func ShowAllTasksFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) == true { - if r.Method == "GET" { - context, err := db.GetTasks("pending", "") - categories := db.GetCategories() - if err != nil { - http.Redirect(w, r, "/", http.StatusInternalServerError) - } else { - if message != "" { - context.Message = message - } - context.CSRFToken = "abcd" - context.Categories = categories - message = "" - expiration := time.Now().Add(365 * 24 * time.Hour) - cookie := http.Cookie{Name: "csrftoken", Value: "abcd", Expires: expiration} - http.SetCookie(w, &cookie) - homeTemplate.Execute(w, context) - } - } - } else { - http.Redirect(w, r, "/login/", 302) - } -} - -//ShowTrashTaskFunc is used to handle the "/trash" URL which is used to show the deleted tasks -func ShowTrashTaskFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - context, err := db.GetTasks("deleted", "") - categories := db.GetCategories() - context.Categories = categories - if err != nil { - http.Redirect(w, r, "/trash", http.StatusInternalServerError) - } - if message != "" { - context.Message = message - message = "" - } - deletedTemplate.Execute(w, context) - } - } else { - http.Redirect(w, r, "/login/", 302) - } -} - -//ShowCompleteTasksFunc is used to populate the "/completed/" URL -func ShowCompleteTasksFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" { - context, err := db.GetTasks("completed", "") - categories := db.GetCategories() - context.Categories = categories - if err != nil { - http.Redirect(w, r, "/completed", http.StatusInternalServerError) - } - completedTemplate.Execute(w, context) - } - } else { - http.Redirect(w, r, "/login/", 302) - } -} - -//ShowCategoryFunc will populate the /category/ URL which shows all the tasks related -// to 
that particular category -func ShowCategoryFunc(w http.ResponseWriter, r *http.Request) { - if sessions.IsLoggedIn(r) { - if r.Method == "GET" && sessions.IsLoggedIn(r) { - category := r.URL.Path[len("/category/"):] - context, err := db.GetTasks("", category) - categories := db.GetCategories() - - if err != nil { - http.Redirect(w, r, "/", http.StatusInternalServerError) - } + if r.Method == "GET" { + context, err := db.GetTasks("pending", "") + categories := db.GetCategories() + if err != nil { + http.Redirect(w, r, "/", http.StatusInternalServerError) + } else { if message != "" { context.Message = message } 
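Review bot: `ShowAllTasksFunc` copies `message` into the page, and `message` is not declared in any handler in this diff, so it appears to be a package-level variable like the `var err error` named in the hunk header. If so, every request shares it: one user's status text can be shown to another, and concurrent handlers read and write it without synchronisation. The flash text belongs in the per-user session (`sessions.Store` is already used by `LogoutFunc`); until then a comment such as `// NOTE: message is process-wide, not per-user; move to session flash storage.` at the declaration would warn maintainers. The error branch also calls `http.Redirect(w, r, "/", http.StatusInternalServerError)`, which browsers do not follow; `http.Error(w, "internal error", http.StatusInternalServerError)` states the intent.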
@@ -110,7 +42,59 @@ func ShowCategoryFunc(w http.ResponseWriter, r *http.Request) { http.SetCookie(w, &cookie) homeTemplate.Execute(w, context) } - } else { - http.Redirect(w, r, "/login/", 302) + } +} + +//ShowTrashTaskFunc is used to handle the "/trash" URL which is used to show the deleted tasks +func ShowTrashTaskFunc(w http.ResponseWriter, r *http.Request) { + if r.Method == "GET" { + context, err := db.GetTasks("deleted", "") + categories := db.GetCategories() + context.Categories = categories + if err != nil { + http.Redirect(w, r, "/trash", http.StatusInternalServerError) + } + if message != "" { + context.Message = message + message = "" + } + deletedTemplate.Execute(w, context) + } +} + +//ShowCompleteTasksFunc is used to populate the "/completed/" URL +func ShowCompleteTasksFunc(w http.ResponseWriter, r *http.Request) { + if r.Method == "GET" { + context, err := db.GetTasks("completed", "") + categories := db.GetCategories() + context.Categories = categories + if err != nil { + http.Redirect(w, r, "/completed", http.StatusInternalServerError) + } + completedTemplate.Execute(w, context) + } +} + +//ShowCategoryFunc will populate the /category/ URL which shows all the tasks related +// to that particular category +func ShowCategoryFunc(w http.ResponseWriter, r *http.Request) { + if r.Method == "GET" && sessions.IsLoggedIn(r) { + category := r.URL.Path[len("/category/"):] + context, err := db.GetTasks("", category) + categories := db.GetCategories() + + if err != nil { + http.Redirect(w, r, "/", http.StatusInternalServerError) + } + if message != "" { + context.Message = message + } + context.CSRFToken = "abcd" + context.Categories = categories + message = "" + expiration := time.Now().Add(365 * 24 * time.Hour) + cookie := http.Cookie{Name: "csrftoken", Value: "abcd", Expires: expiration} + http.SetCookie(w, &cookie) + homeTemplate.Execute(w, context) } }
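Review bot: `ShowCategoryFunc` issues the CSRF token as the constant `"abcd"` in both `context.CSRFToken` and the `csrftoken` cookie, so the comparison in `AddTaskFunc` checks a value that is identical for every client and gives no protection. Generate a random token per session (this needs `crypto/rand` and `encoding/hex`), ideally keep a copy in the server-side session to compare against, and set `SameSite` on the cookie, plus `Secure` when the site is served over TLS. The leftover `&& sessions.IsLoggedIn(r)` in the `if` is redundant now that the route is wrapped by `RequiresLogin`. `ShowTrashTaskFunc` and `ShowCompleteTasksFunc` keep rendering after their error redirect and need a `return`.

```go
// csrfToken returns a fresh, unpredictable token for one session.
func csrfToken() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return hex.EncodeToString(b), nil
}

// … unchanged: task lookup and message handling in ShowCategoryFunc …
token, err := csrfToken()
if err != nil {
	http.Error(w, "internal error", http.StatusInternalServerError)
	return
}
context.CSRFToken = token
cookie := http.Cookie{Name: "csrftoken", Value: token, Path: "/", SameSite: http.SameSiteStrictMode}
```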