|
3
|
1 local Luan = require "luan:Luan.luan"
|
|
|
2 local error = Luan.error
|
|
|
3 local String = require "luan:String.luan"
|
|
|
4 local trim = String.trim or error()
|
|
29
|
5 local regex = String.regex or error()
|
|
3
|
6 local Html = require "luan:Html.luan"
|
|
|
7 local url_encode = Html.url_encode or error()
|
|
|
8 local Io = require "luan:Io.luan"
|
|
4
|
9 local output_of = Io.output_of or error()
|
|
3
|
10 local Http = require "luan:http/Http.luan"
|
|
|
11 local Shared = require "site:/lib/Shared.luan"
|
|
|
12 local head = Shared.head or error()
|
|
|
13 local header = Shared.header or error()
|
|
|
14 local footer = Shared.footer or error()
|
|
|
15 local base_url = Shared.base_url or error()
|
|
6
|
16 local call_mail_api = Shared.call_mail_api or error()
|
|
3
|
17 local Forum = require "site:/lib/Forum.luan"
|
|
|
18 local forum_title = Forum.title or error()
|
|
|
19 local User = require "site:/lib/User.luan"
|
|
|
20 local Db = require "site:/lib/Db.luan"
|
|
|
21 local run_in_transaction = Db.run_in_transaction or error()
|
|
|
22
|
|
|
23
|
|
29
|
24 local name_regex = regex "^[a-zA-Z0-9_-]+$"
|
|
|
25
|
|
3
|
26 local function get_user(email,password)
|
|
|
27 local user = User.get_by_email(email)
|
|
|
28 user or error "email not found"
|
|
|
29 user.password == password or error "wrong password"
|
|
|
30 return user
|
|
|
31 end
|
|
|
32
|
|
|
33 local function login(user)
|
|
|
34 Http.response.set_persistent_cookie("user",user.name)
|
|
|
35 Http.response.set_persistent_cookie("password",user.password)
|
|
|
36 Http.request.cookies.user = user.name
|
|
|
37 Http.request.cookies.password = user.password
|
|
|
38 end
|
|
|
39
|
|
|
40 local function register_form(user,name,error_message)
|
|
|
41 if error_message ~= nil then %>
|
|
|
42 <p error>Error: <%= error_message %></p>
|
|
|
43 <% end %>
|
|
|
44 <form>
|
|
|
45 <input type="hidden" name="email" value="<%= user.email %>" >
|
|
|
46 <input type="hidden" name="password" value="<%= user.password %>" >
|
|
|
47 <label>User name for <%= user.email %></label>
|
|
14
|
48 <input type="text" name="name" value="<%= name or "" %>" autofocus required pattern="[a-zA-Z0-9_-]+">
|
|
3
|
49 <input type="submit" value="Register">
|
|
|
50 </form>
|
|
|
51 <%
|
|
|
52 end
|
|
|
53
|
|
|
54 local function page(contents)
|
|
|
55 Io.stdout = Http.response.text_writer()
|
|
|
56 %>
|
|
|
57 <!doctype html>
|
|
|
58 <html>
|
|
|
59 <head>
|
|
|
60 <% head() %>
|
|
|
61 <title><%=forum_title%> - Login or Register</title>
|
|
|
62 </head>
|
|
|
63 <body>
|
|
|
64 <% header() %>
|
|
|
65 <div content>
|
|
|
66 <h1>Login or Register</h1>
|
|
|
67 <%
|
|
|
68 contents()
|
|
|
69 %>
|
|
|
70 </div>
|
|
|
71 <% footer() %>
|
|
|
72 </body>
|
|
|
73 </html>
|
|
|
74 <%
|
|
|
75 end
|
|
|
76
|
|
|
77 return function()
|
|
|
78 local email = Http.request.parameters.email
|
|
|
79 local password = Http.request.parameters.password
|
|
|
80 local name = Http.request.parameters.name
|
|
|
81 if email == nil then
|
|
|
82 page(function()
|
|
|
83 %>
|
|
|
84 <form>
|
|
|
85 <label>Email address</label>
|
|
|
86 <input type="email" name="email" autofocus required>
|
|
|
87 <input type="submit" value="Login or Register">
|
|
|
88 </form>
|
|
|
89 <%
|
|
|
90 end)
|
|
|
91 elseif password == nil then
|
|
|
92 local user = User.get_or_create_by_email(email)
|
|
6
|
93 local result = call_mail_api( "login_email", {
|
|
|
94 base_url = base_url()
|
|
|
95 from = forum_title.." <support@freedit.org>"
|
|
|
96 email = user.email
|
|
|
97 password = user.password
|
|
|
98 } )
|
|
|
99 result.okay or error(result.error)
|
|
3
|
100 page(function()
|
|
|
101 %>
|
|
|
102 <p>We have sent you an email. Please check your email to login or register.</p>
|
|
|
103 <%
|
|
|
104 end)
|
|
|
105 elseif name == nil then
|
|
|
106 local user = get_user(email,password)
|
|
|
107 if user.name == nil then
|
|
|
108 page(function()
|
|
|
109 register_form(user)
|
|
|
110 end)
|
|
|
111 else
|
|
|
112 login(user)
|
|
|
113 page(function()
|
|
|
114 %>
|
|
|
115 <p>You are now logged in.</p>
|
|
|
116 <%
|
|
|
117 end)
|
|
|
118 end
|
|
|
119 else
|
|
|
120 name = trim(name)
|
|
29
|
121 name_regex.matches(name) or error "invalid name"
|
|
3
|
122 local error_message = nil
|
|
|
123 local user
|
|
|
124 run_in_transaction( function()
|
|
|
125 user = get_user(email,password)
|
|
|
126 if user.name ~= name and User.get_by_name(name) ~= nil then
|
|
|
127 error_message = "Name already in use"
|
|
|
128 else
|
|
|
129 user.name = name
|
|
|
130 user.save()
|
|
|
131 end
|
|
|
132 end )
|
|
|
133 if error_message ~= nil then
|
|
|
134 page(function()
|
|
|
135 register_form(user,name,error_message)
|
|
|
136 end)
|
|
|
137 else
|
|
|
138 login(user)
|
|
|
139 page(function()
|
|
|
140 %>
|
|
|
141 <p>You are now registered.</p>
|
|
|
142 <%
|
|
|
143 end)
|
|
|
144 end
|
|
|
145 end
|
|
|
146 end
|
