commit e1762779dd795f8363ee876fd876f6bc4c78a34b
parent 4fb4bd1c22731dfe6c5ac1b927116d918bec5165
Author: n0tr1v <n0tr1v@protonmail.com>
Date: Wed, 11 Jan 2023 10:20:57 -0800
cleanup
Diffstat:
2 files changed, 36 insertions(+), 32 deletions(-)
diff --git a/pkg/web/handlers/handlers.go b/pkg/web/handlers/handlers.go
@@ -2339,47 +2339,50 @@ func chatHandler(c echo.Context, redRoom bool) error {
authUser.DoSave()
}
return c.Redirect(http.StatusFound, c.Request().Referer())
- }
- data.RoomPassword = c.Request().PostFormValue("password")
- if authUser == nil {
- data.GuestUsername = c.Request().PostFormValue("guest_username")
- captchaID := c.Request().PostFormValue("captcha_id")
- captchaInput := c.Request().PostFormValue("captcha")
- if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
- data.ErrCaptcha = err.Error()
- return c.Render(http.StatusOK, "chat-password", data)
- }
+ case "chat-password":
+ data.RoomPassword = c.Request().PostFormValue("password")
+ if authUser == nil {
+ data.GuestUsername = c.Request().PostFormValue("guest_username")
+ captchaID := c.Request().PostFormValue("captcha_id")
+ captchaInput := c.Request().PostFormValue("captcha")
+ if err := hutils.CaptchaVerifyString(c, captchaID, captchaInput); err != nil {
+ data.ErrCaptcha = err.Error()
+ return c.Render(http.StatusOK, "chat-password", data)
+ }
- if err := database.CanUseUsername(data.GuestUsername, false); err != nil {
- data.ErrGuestUsername = err.Error()
- return c.Render(http.StatusOK, "chat-password", data)
+ if err := database.CanUseUsername(data.GuestUsername, false); err != nil {
+ data.ErrGuestUsername = err.Error()
+ return c.Render(http.StatusOK, "chat-password", data)
+ }
}
- }
- key := utils.Sha256([]byte(config.RoomPasswordSalt + data.RoomPassword))[:32]
- hashedPassword := utils.Sha512([]byte(config.RoomPasswordSalt + data.RoomPassword))
- if hashedPassword != room.Password {
- data.Error = "Invalid room password"
- return c.Render(http.StatusOK, "chat-password", data)
- }
-
- if authUser == nil {
- password := utils.GenerateToken32()
- newUser, errs := database.CreateGuestUser(data.GuestUsername, password)
- if errs.HasError() {
- data.ErrGuestUsername = errs.Username
+ key := utils.Sha256([]byte(config.RoomPasswordSalt + data.RoomPassword))[:32]
+ hashedPassword := utils.Sha512([]byte(config.RoomPasswordSalt + data.RoomPassword))
+ if hashedPassword != room.Password {
+ data.Error = "Invalid room password"
return c.Render(http.StatusOK, "chat-password", data)
}
- session, err := database.CreateSession(newUser.ID, c.Request().UserAgent())
- if err != nil {
- logrus.Error("Failed to create session : ", err)
+ if authUser == nil {
+ password := utils.GenerateToken32()
+ newUser, errs := database.CreateGuestUser(data.GuestUsername, password)
+ if errs.HasError() {
+ data.ErrGuestUsername = errs.Username
+ return c.Render(http.StatusOK, "chat-password", data)
+ }
+
+ session, err := database.CreateSession(newUser.ID, c.Request().UserAgent())
+ if err != nil {
+ logrus.Error("Failed to create session : ", err)
+ }
+ c.SetCookie(createSessionCookie(session.Token))
}
- c.SetCookie(createSessionCookie(session.Token))
+
+ hutils.CreateRoomCookie(c, int64(room.ID), hashedPassword, key)
+ return c.Redirect(http.StatusFound, "/chat/"+room.Name)
}
- hutils.CreateRoomCookie(c, int64(room.ID), hashedPassword, key)
- return c.Redirect(http.StatusFound, "/chat/"+room.Name)
+ return c.Redirect(http.StatusFound, c.Request().Referer())
}
if !room.HasAccess(c) {
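Review bot: In the guest branch of the new `case "chat-password":`, a failed `database.CreateSession` is only logged, and execution still reaches `c.SetCookie(createSessionCookie(session.Token))`. Depending on what CreateSession returns on error (its definition is not visible here), the handler either issues a session cookie built from an empty token or dereferences a nil `session`. The error branch should stop the request after the `logrus.Error` call, for example with `data.Error = "Failed to create session"` followed by `return c.Render(http.StatusOK, "chat-password", data)`. Separately, `hashedPassword != room.Password` is an ordinary comparison of a secret-derived value; assuming both are strings, `subtle.ConstantTimeCompare([]byte(hashedPassword), []byte(room.Password)) != 1` from `crypto/subtle` is the usual form. A single SHA-512 pass over what appears to be one config-wide salt is also cheap to guess offline if stored room hashes are ever exposed. chatHandler begins and ends outside this hunk, so the import block and the remaining switch cases are not visible.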
diff --git a/pkg/web/public/views/pages/chat-password.gohtml b/pkg/web/public/views/pages/chat-password.gohtml
@@ -67,6 +67,7 @@
{{ end }}
<form method="post">
+ <input type="hidden" name="formName" value="chat-password" />
<input type="hidden" name="csrf" value="{{ .CSRF }}" />
<div class="form-group">
<label for="password" class="bg-label">{{ t "Room password" . }}</label>