From f819320f5aafd7463b62ef53da6018083399bbb1 Mon Sep 17 00:00:00 2001 From: Pierre-Olivier Mercier Date: Mon, 31 Dec 2018 01:00:11 +0100 Subject: [PATCH] Continue reset form on bad entry --- reset.go | 31 ++++++++++++++++++++----------- static/reset.html | 2 +- 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/reset.go b/reset.go index 567ad56..e266bcd 100644 --- a/reset.go +++ b/reset.go @@ -12,20 +12,24 @@ func resetPassword(w http.ResponseWriter, r *http.Request) { http.Redirect(w, r, "lost", http.StatusFound) } + base := map[string]interface{}{ + "login": r.URL.Query().Get("l"), + "token": strings.Replace(r.URL.Query().Get("t"), " ", "+", -1), + } + if r.Method != "POST" { - displayTmpl(w, "reset.html", map[string]interface{}{ - "login": r.URL.Query().Get("l"), - "token": strings.Replace(r.URL.Query().Get("t"), " ", "+", -1), - }) + displayTmpl(w, "reset.html", base) return } // Check the two new passwords are identical if r.PostFormValue("newpassword") != r.PostFormValue("new2password") { - displayTmplError(w, http.StatusNotAcceptable, "reset.html", map[string]interface{}{"error": "New passwords are not identical. Please retry."}) + base["error"] = "New passwords are not identical. Please retry." + displayTmplError(w, http.StatusNotAcceptable, "reset.html", base) return } else if err := checkPasswdConstraint(r.PostFormValue("newpassword")); err != nil { - displayTmplError(w, http.StatusNotAcceptable, "reset.html", map[string]interface{}{"error": "The password you chose doesn't respect all constraints: " + err.Error()}) + base["error"] = "The password you chose doesn't respect all constraints: " + err.Error() + displayTmplError(w, http.StatusNotAcceptable, "reset.html", base) return } @@ -33,7 +37,8 @@ func resetPassword(w http.ResponseWriter, r *http.Request) { conn, err := myLDAP.Connect() if err != nil || conn == nil { log.Println(err) - displayTmplError(w, http.StatusInternalServerError, "reset.html", map[string]interface{}{"error": err.Error()}) + base["error"] = err.Error() + displayTmplError(w, http.StatusInternalServerError, "reset.html", base) return } @@ -41,7 +46,8 @@ func resetPassword(w http.ResponseWriter, r *http.Request) { err = conn.ServiceBind() if err != nil { log.Println(err) - displayTmplError(w, http.StatusInternalServerError, "reset.html", map[string]interface{}{"error": err.Error()}) + base["error"] = err.Error() + displayTmplError(w, http.StatusInternalServerError, "reset.html", base) return } @@ -49,20 +55,23 @@ func resetPassword(w http.ResponseWriter, r *http.Request) { dn, err := conn.SearchDN(r.PostFormValue("login")) if err != nil { log.Println(err) - displayTmplError(w, http.StatusInternalServerError, "reset.html", map[string]interface{}{"error": err.Error()}) + base["error"] = err.Error() + displayTmplError(w, http.StatusInternalServerError, "reset.html", base) return } // Check token validity (allow current token + last one) if conn.genToken(dn, false) != r.PostFormValue("token") && conn.genToken(dn, true) != r.PostFormValue("token") { - displayTmplError(w, http.StatusNotAcceptable, "reset.html", map[string]interface{}{"error": "Token invalid, please retry the lost password procedure. Please note that our token expires after 1 hour."}) + base["error"] = "Token invalid, please retry the lost password procedure. Please note that our token expires after 1 hour." + displayTmplError(w, http.StatusNotAcceptable, "reset.html", base) return } // Replace the password by the new given if err := conn.ChangePassword(dn, r.PostFormValue("newpassword")); err != nil { log.Println(err) - displayTmplError(w, http.StatusInternalServerError, "reset.html", map[string]interface{}{"error": err.Error()}) + base["error"] = err.Error() + displayTmplError(w, http.StatusInternalServerError, "reset.html", base) return } diff --git a/static/reset.html b/static/reset.html index 27d1f91..dac37d7 100644 --- a/static/reset.html +++ b/static/reset.html @@ -1,7 +1,7 @@ {{template "header"}}

Forgot your password? Define a new one!

-
+ {{if .error}}{{end}}