app redirects to login page if user isn't authenticated

Suraj Patil 2016-05-09 23:06:35 +05:30
parent eb1bf99924
commit dacbef54e4
4 changed files with 370 additions and 338 deletions


@ -22,7 +22,8 @@ import (
// UploadedFileHandler is used to handle the uploaded file related requests
func UploadedFileHandler(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
token := r.URL.Path[len("/files/"):]
//file, err := db.GetFileName(token)
@ -31,11 +32,13 @@ func UploadedFileHandler(w http.ResponseWriter, r *http.Request) {
http.ServeFile(w, r, "./files/"+token)
//}
}
}
}
//AddTaskFunc is used to handle the addition of new task, "/add" URL
func AddTaskFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "POST" && sessions.IsLoggedIn(r) { // Will work only for POST requests, will redirect to home
if sessions.IsLoggedIn(r) {
if r.Method == "POST" { // Will work only for POST requests, will redirect to home
var filelink string // will store the html when we have files to be uploaded, appened to the note content
r.ParseForm()
file, handler, err := r.FormFile("uploadfile")
@ -120,14 +123,15 @@ func AddTaskFunc(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/", http.StatusInternalServerError)
}
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//AddCategoryFunc used to add new categories to the database
func AddCategoryFunc(w http.ResponseWriter, r *http.Request) {
if sessions.IsLoggedIn(r) {
r.ParseForm()
category := r.Form.Get("category")
if strings.Trim(category, " ") != "" {
@ -139,40 +143,42 @@ func AddCategoryFunc(w http.ResponseWriter, r *http.Request) {
message = "Added category"
http.Redirect(w, r, "/", http.StatusFound)
}
}
} else {
message = "Invalid Category Name"
http.Redirect(w, r, "/", http.StatusBadRequest)
http.Redirect(w, r, "/login/", 302)
}
}
//EditTaskFunc is used to edit tasks, handles "/edit/" URL
func EditTaskFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
id, err := strconv.Atoi(r.URL.Path[len("/edit/"):])
if err != nil {
log.Println(err)
http.Redirect(w, r, "/", http.StatusBadRequest)
} else {
redirectUrl := utils.GetRedirectUrl(r.Referer())
redirectURL := utils.GetRedirectUrl(r.Referer())
task, err := db.GetTaskByID(id)
categories := db.GetCategories()
task.Categories = categories
task.Referer = redirectUrl
task.Referer = redirectURL
if err != nil {
task.Message = "Error fetching Tasks"
}
editTemplate.Execute(w, task)
}
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", http.StatusFound)
}
}
//AddCommentFunc will be used
func AddCommentFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "POST" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "POST" {
r.ParseForm()
text := r.Form.Get("commentText")
id := r.Form.Get("taskID")
@ -196,4 +202,7 @@ func AddCommentFunc(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/", http.StatusFound)
}
} else {
http.Redirect(w, r, "/login", 302)
}
}
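Review bot: In every handler of this file the `else` now belongs to the `sessions.IsLoggedIn(r)` test, so a logged-in request with the wrong method falls through both `if`s and returns an empty 200; the same shape repeats in the handlers of the other three files in this commit. UploadedFileHandler shows no `else` at all in the visible lines, so an unauthenticated request there appears to get an empty response instead of the login redirect. Repeating the session check by hand in each handler is easy to miss on the next handler added; a single wrapper applied at route registration keeps the check in one place, and each handler can then answer a wrong method with `http.Error(w, "method not allowed", http.StatusMethodNotAllowed)`. The redirects also mix `"/login"` (AddCommentFunc) with `"/login/"`, and a bare `302` with `http.StatusFound`. The handler bodies continue outside the hunks shown.

```go
// requireLogin redirects unauthenticated requests to the login page and
// only calls next when the session check passes.
func requireLogin(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if !sessions.IsLoggedIn(r) {
			http.Redirect(w, r, "/login/", http.StatusFound)
			return
		}
		next(w, r)
	}
}
```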


@ -18,14 +18,15 @@ import (
func TrashTaskFunc(w http.ResponseWriter, r *http.Request) {
//for best UX we want the user to be returned to the page making
//the delete transaction, we use the r.Referer() function to get the link
redirectUrl := utils.GetRedirectUrl(r.Referer())
redirectURL := utils.GetRedirectUrl(r.Referer())
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
id, err := strconv.Atoi(r.URL.Path[len("/trash/"):])
if err != nil {
log.Println("TrashTaskFunc", err)
message = "Incorrect command"
http.Redirect(w, r, redirectUrl, http.StatusFound)
http.Redirect(w, r, redirectURL, http.StatusFound)
} else {
err = db.TrashTask(id)
if err != nil {
@ -33,17 +34,18 @@ func TrashTaskFunc(w http.ResponseWriter, r *http.Request) {
} else {
message = "Task trashed"
}
http.Redirect(w, r, redirectUrl, http.StatusFound)
http.Redirect(w, r, redirectURL, http.StatusFound)
}
}
} else {
message = "Method not allowed"
http.Redirect(w, r, redirectUrl, http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//RestoreTaskFunc is used to restore task from trash, handles "/restore/" URL
func RestoreTaskFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
id, err := strconv.Atoi(r.URL.Path[len("/restore/"):])
if err != nil {
log.Println(err)
@ -57,15 +59,16 @@ func RestoreTaskFunc(w http.ResponseWriter, r *http.Request) {
}
http.Redirect(w, r, "/deleted/", http.StatusFound)
}
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//DeleteTaskFunc is used to delete a task, trash = move to recycle bin, delete = permanent delete
func DeleteTaskFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
id := r.URL.Path[len("/delete/"):]
if id == "all" {
err := db.DeleteAll()
@ -89,15 +92,16 @@ func DeleteTaskFunc(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/deleted", http.StatusFound)
}
}
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//RestoreFromCompleteFunc restores the task from complete to pending
func RestoreFromCompleteFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
id, err := strconv.Atoi(r.URL.Path[len("/incomplete/"):])
if err != nil {
log.Println(err)
@ -111,15 +115,16 @@ func RestoreFromCompleteFunc(w http.ResponseWriter, r *http.Request) {
}
http.Redirect(w, r, "/completed", http.StatusFound)
}
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/completed", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//DeleteCategoryFunc will delete any category
func DeleteCategoryFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
categoryName := r.URL.Path[len("/del-category/"):]
err := db.DeleteCategoryByName(categoryName)
if err != nil {
@ -130,11 +135,15 @@ func DeleteCategoryFunc(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/", http.StatusFound)
}
} else {
http.Redirect(w, r, "/login/", 302)
}
}
//DeleteCommentFunc will delete any category
func DeleteCommentFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
id := r.URL.Path[len("/del-comment/"):]
commentID, err := strconv.Atoi(id)
if err != nil {
@ -152,4 +161,7 @@ func DeleteCommentFunc(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/", http.StatusFound)
}
} else {
http.Redirect(w, r, "/login/", 302)
}
}
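Review bot: TrashTaskFunc, RestoreTaskFunc, DeleteTaskFunc (including the `all` case that calls `db.DeleteAll()`), RestoreFromCompleteFunc, DeleteCategoryFunc and DeleteCommentFunc all change data on a GET that is guarded only by the session check, so any cross-site request that carries the user's cookie is accepted (CSRF); CompleteTaskFunc in the next file has the same shape. These should require POST and verify a per-session token before calling into `db`, e.g. `if r.Method != "POST" { http.Error(w, "method not allowed", http.StatusMethodNotAllowed); return }`. TrashTaskFunc also redirects to a value derived from `r.Referer()`; `utils.GetRedirectUrl` is not visible here, so confirm it only ever returns a same-site path. The doc comment on DeleteCommentFunc still says it deletes a category.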


@ -56,7 +56,8 @@ func PopulateTemplates() {
//CompleteTaskFunc is used to show the complete tasks, handles "/completed/" url
func CompleteTaskFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
redirectURL := utils.GetRedirectUrl(r.Referer())
id, err := strconv.Atoi(r.URL.Path[len("/complete/"):])
if err != nil {
@ -70,15 +71,16 @@ func CompleteTaskFunc(w http.ResponseWriter, r *http.Request) {
}
http.Redirect(w, r, redirectURL, http.StatusFound)
}
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//SearchTaskFunc is used to handle the /search/ url, handles the search function
func SearchTaskFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "POST" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "POST" {
r.ParseForm()
query := r.Form.Get("query")
@ -88,15 +90,16 @@ func SearchTaskFunc(w http.ResponseWriter, r *http.Request) {
context.Categories = categories
searchTemplate.Execute(w, context)
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//UpdateTaskFunc is used to update a task, handes "/update/" URL
func UpdateTaskFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "POST" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "POST" {
r.ParseForm()
id, err := strconv.Atoi(r.Form.Get("id"))
if err != nil {
@ -117,16 +120,16 @@ func UpdateTaskFunc(w http.ResponseWriter, r *http.Request) {
log.Println(message)
}
http.Redirect(w, r, "/", http.StatusFound)
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//UpdateCategoryFunc is used to update a task, handes "/upd-category/" URL
func UpdateCategoryFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "POST" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "POST" {
var redirectURL string
r.ParseForm()
oldName := r.URL.Path[len("/upd-category/"):]
@ -144,4 +147,7 @@ func UpdateCategoryFunc(w http.ResponseWriter, r *http.Request) {
log.Println("redirecting to " + redirectURL)
http.Redirect(w, r, redirectURL, http.StatusFound)
}
} else {
http.Redirect(w, r, "/login/", 302)
}
}
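Review bot: `message` is assigned in these handlers without a local declaration, so it appears to be a package-level variable shared by all requests, and the `else` branches that now handle the not-logged-in case still seem to set it to "Method not allowed" (CompleteTaskFunc, SearchTaskFunc, UpdateTaskFunc). If that line survives on the new side, an anonymous request leaves a flash message that a later logged-in user's page may render, and concurrent handlers write the variable without synchronisation. Drop the assignment from the login-redirect branch and keep flash text in the user's session rather than in a global. The return values of `r.ParseForm()` in SearchTaskFunc, UpdateTaskFunc and UpdateCategoryFunc are ignored as well.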


@ -25,12 +25,13 @@ var err error
//ShowAllTasksFunc is used to handle the "/" URL which is the default ons
//TODO add http404 error
func ShowAllTasksFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) == true {
if r.Method == "GET" {
context, err := db.GetTasks("pending", "")
categories := db.GetCategories()
if err != nil {
http.Redirect(w, r, "/", http.StatusInternalServerError)
}
} else {
if message != "" {
context.Message = message
}
@ -41,15 +42,17 @@ func ShowAllTasksFunc(w http.ResponseWriter, r *http.Request) {
cookie := http.Cookie{Name: "csrftoken", Value: "abcd", Expires: expiration}
http.SetCookie(w, &cookie)
homeTemplate.Execute(w, context)
}
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//ShowTrashTaskFunc is used to handle the "/trash" URL which is used to show the deleted tasks
func ShowTrashTaskFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
context, err := db.GetTasks("deleted", "")
categories := db.GetCategories()
context.Categories = categories
@ -61,15 +64,16 @@ func ShowTrashTaskFunc(w http.ResponseWriter, r *http.Request) {
message = ""
}
deletedTemplate.Execute(w, context)
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//ShowCompleteTasksFunc is used to populate the "/completed/" URL
func ShowCompleteTasksFunc(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" {
context, err := db.GetTasks("completed", "")
categories := db.GetCategories()
context.Categories = categories
@ -77,15 +81,16 @@ func ShowCompleteTasksFunc(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/completed", http.StatusInternalServerError)
}
completedTemplate.Execute(w, context)
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
//ShowCategoryFunc will populate the /category/<id> URL which shows all the tasks related
// to that particular category
func ShowCategoryFunc(w http.ResponseWriter, r *http.Request) {
if sessions.IsLoggedIn(r) {
if r.Method == "GET" && sessions.IsLoggedIn(r) {
category := r.URL.Path[len("/category/"):]
context, err := db.GetTasks("", category)
@ -104,8 +109,8 @@ func ShowCategoryFunc(w http.ResponseWriter, r *http.Request) {
cookie := http.Cookie{Name: "csrftoken", Value: "abcd", Expires: expiration}
http.SetCookie(w, &cookie)
homeTemplate.Execute(w, context)
}
} else {
message = "Method not allowed"
http.Redirect(w, r, "/", http.StatusFound)
http.Redirect(w, r, "/login/", 302)
}
}
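Review bot: The `csrftoken` cookie set in ShowAllTasksFunc and ShowCategoryFunc has the constant value `"abcd"`, which gives the state-changing handlers nothing unpredictable to verify. Generate the value per session from `crypto/rand`, keep it server-side with the session, and compare it in the POST handlers; no such comparison is visible in this commit. In ShowCategoryFunc the new outer `if sessions.IsLoggedIn(r)` appears to wrap the old combined condition `r.Method == "GET" && sessions.IsLoggedIn(r)`, so the session is checked twice, and `sessions.IsLoggedIn(r) == true` in ShowAllTasksFunc can be written `sessions.IsLoggedIn(r)`. The error paths call `http.Redirect` with `http.StatusInternalServerError`, which is not a redirect status; `http.Error` is the fitting call.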