diff options
| author | Christian Krinitsin <mail@krinitsin.com> | 2025-04-25 10:12:03 +0200 |
|---|---|---|
| committer | Christian Krinitsin <mail@krinitsin.com> | 2025-04-25 10:12:03 +0200 |
| commit | 718740398fd8c3cf81d8412756b1db5ce7cef6aa (patch) | |
| tree | 88eec48258f55653e612867880aa5ff6fb10d3e6 | |
| parent | 3f299b3899d25c9bad5fdb34464a2bd853455b8f (diff) | |
| download | shopping-list-718740398fd8c3cf81d8412756b1db5ce7cef6aa.tar.gz shopping-list-718740398fd8c3cf81d8412756b1db5ce7cef6aa.zip | |
add a password confirm field
| -rw-r--r-- | authenticate/authenticate.go | 26 | ||||
| -rw-r--r-- | templates/register.html | 4 |
2 files changed, 21 insertions, 9 deletions
diff --git a/authenticate/authenticate.go b/authenticate/authenticate.go index 7ca1472..e0f2ddd 100644 --- a/authenticate/authenticate.go +++ b/authenticate/authenticate.go @@ -20,13 +20,13 @@ func CheckAuth(c *gin.Context) { token_session := session.Get("token") if token_session == nil { - c.Redirect(http.StatusFound, models.BasePath() + "/login") + c.Redirect(http.StatusFound, models.BasePath()+"/login") return } token_string, ok := token_session.(string) if !ok { - c.Redirect(http.StatusFound, models.BasePath() + "/login") + c.Redirect(http.StatusFound, models.BasePath()+"/login") return } @@ -38,19 +38,19 @@ func CheckAuth(c *gin.Context) { }) if err != nil || !token.Valid { - c.Redirect(http.StatusFound, models.BasePath() + "/login") + c.Redirect(http.StatusFound, models.BasePath()+"/login") c.Error(err) return } claims, ok := token.Claims.(jwt.MapClaims) if !ok { - c.Redirect(http.StatusFound, models.BasePath() + "/login") + c.Redirect(http.StatusFound, models.BasePath()+"/login") return } if float64(time.Now().Unix()) > claims["exp"].(float64) { - c.Redirect(http.StatusFound, models.BasePath() + "/login") + c.Redirect(http.StatusFound, models.BasePath()+"/login") return } @@ -61,7 +61,7 @@ func CheckAuth(c *gin.Context) { First(&list). Error if err != nil { - c.Redirect(http.StatusFound, models.BasePath() + "/login") + c.Redirect(http.StatusFound, models.BasePath()+"/login") return } @@ -136,7 +136,7 @@ func LoginPOST(c *gin.Context) { session.Set("token", token) session.Save() - c.Redirect(http.StatusFound, models.BasePath() + "/") + c.Redirect(http.StatusFound, models.BasePath()+"/") } func RegisterGET(c *gin.Context) { @@ -152,6 +152,7 @@ func RegisterGET(c *gin.Context) { func RegisterPOST(c *gin.Context) { username := strings.TrimSpace(c.PostForm("username")) password := c.PostForm("password") + password_confirm := c.PostForm("password_confirm") global_password := strings.TrimSpace(c.PostForm("global_password")) if username == "" { @@ -168,6 +169,13 @@ func RegisterPOST(c *gin.Context) { return } + if password != password_confirm { + c.HTML(http.StatusBadRequest, "register.html", gin.H{ + "error": "The passwords do not match!", + }) + return + } + if global_password != os.Getenv("GLOBAL_PASSWORD") { c.HTML(http.StatusBadRequest, "register.html", gin.H{ "error": "Global Password is wrong", @@ -222,12 +230,12 @@ func RegisterPOST(c *gin.Context) { return } - c.Redirect(http.StatusFound, models.BasePath() + "/login") + c.Redirect(http.StatusFound, models.BasePath()+"/login") } func Logout(c *gin.Context) { session := sessions.Default(c) session.Delete("token") session.Save() - c.Redirect(http.StatusFound, models.BasePath() + "/login") + c.Redirect(http.StatusFound, models.BasePath()+"/login") } diff --git a/templates/register.html b/templates/register.html index f4b582c..4f9b950 100644 --- a/templates/register.html +++ b/templates/register.html @@ -156,6 +156,10 @@ <input type="password" id="newItem" name="password" tabindex="0"/> </div> <div class="input-container"> + Confirm Password: + <input type="password" id="newItem" name="password_confirm" tabindex="0"/> + </div> + <div class="input-container"> Global Password: <input type="password" id="newItem" name="global_password" tabindex="0"/> </div> |