2016-12-02 07:38:54 +00:00
package main
2017-05-11 13:04:43 +00:00
2017-06-05 11:57:27 +00:00
import (
2017-08-27 09:33:45 +00:00
//"log"
2017-06-05 11:57:27 +00:00
//"fmt"
2017-09-03 04:50:31 +00:00
"strconv"
"time"
2017-06-28 12:05:26 +00:00
2017-06-05 11:57:27 +00:00
"golang.org/x/crypto/bcrypt"
)
2016-12-02 07:38:54 +00:00
2017-09-03 04:50:31 +00:00
var guestUser = User { ID : 0 , Link : "#" , Group : 6 , Perms : GuestPerms }
2017-07-12 11:05:18 +00:00
2017-09-03 04:50:31 +00:00
//func(real_password string, password string, salt string) (err error)
var CheckPassword = BcryptCheckPassword
//func(password string) (hashed_password string, salt string, err error)
var GeneratePassword = BcryptGeneratePassword
type User struct {
ID int
Link string
Name string
Email string
Group int
Active bool
IsMod bool
IsSuperMod bool
IsAdmin bool
IsSuperAdmin bool
IsBanned bool
Perms Perms
PluginPerms map [ string ] bool
Session string
Loggedin bool
Avatar string
Message string
URLPrefix string // Move this to another table? Create a user lite?
URLName string
Tag string
Level int
Score int
LastIP string
TempGroup int
2016-12-02 07:38:54 +00:00
}
2017-09-03 04:50:31 +00:00
type Email struct {
UserID int
Email string
2017-01-03 07:47:31 +00:00
Validated bool
2017-09-03 04:50:31 +00:00
Primary bool
Token string
2017-01-03 07:47:31 +00:00
}
2017-08-27 09:33:45 +00:00
func ( user * User ) Ban ( duration time . Duration , issuedBy int ) error {
2017-09-03 04:50:31 +00:00
return user . ScheduleGroupUpdate ( 4 , issuedBy , duration )
2017-08-27 09:33:45 +00:00
}
func ( user * User ) Unban ( ) error {
err := user . RevertGroupUpdate ( )
if err != nil {
return err
}
return users . Load ( user . ID )
}
2017-09-10 16:57:22 +00:00
// TODO: Use a transaction to avoid race conditions
2017-08-27 09:33:45 +00:00
// Make this more stateless?
func ( user * User ) ScheduleGroupUpdate ( gid int , issuedBy int , duration time . Duration ) error {
var temporary bool
if duration . Nanoseconds ( ) != 0 {
temporary = true
}
revertAt := time . Now ( ) . Add ( duration )
_ , err := replace_schedule_group_stmt . Exec ( user . ID , gid , issuedBy , revertAt , temporary )
if err != nil {
return err
}
2017-09-03 04:50:31 +00:00
_ , err = set_temp_group_stmt . Exec ( gid , user . ID )
2017-08-27 09:33:45 +00:00
if err != nil {
return err
}
return users . Load ( user . ID )
}
2017-09-10 16:57:22 +00:00
// TODO: Use a transaction to avoid race conditions
2017-08-27 09:33:45 +00:00
func ( user * User ) RevertGroupUpdate ( ) error {
_ , err := replace_schedule_group_stmt . Exec ( user . ID , 0 , 0 , time . Now ( ) , false )
if err != nil {
return err
}
2017-09-03 04:50:31 +00:00
_ , err = set_temp_group_stmt . Exec ( 0 , user . ID )
2017-08-27 09:33:45 +00:00
if err != nil {
return err
}
return users . Load ( user . ID )
}
2017-09-03 04:50:31 +00:00
func BcryptCheckPassword ( realPassword string , password string , salt string ) ( err error ) {
return bcrypt . CompareHashAndPassword ( [ ] byte ( realPassword ) , [ ] byte ( password + salt ) )
2017-06-25 09:56:39 +00:00
}
2017-07-12 11:05:18 +00:00
// Investigate. Do we need the extra salt?
2017-09-10 16:57:22 +00:00
func BcryptGeneratePassword ( password string ) ( hashedPassword string , salt string , err error ) {
2017-07-12 11:05:18 +00:00
salt , err = GenerateSafeString ( saltLength )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-07-12 11:05:18 +00:00
return "" , "" , err
2016-12-02 07:38:54 +00:00
}
2017-06-06 14:41:06 +00:00
2016-12-02 07:38:54 +00:00
password = password + salt
2017-09-10 16:57:22 +00:00
hashedPassword , err = BcryptGeneratePasswordNoSalt ( password )
2017-07-12 11:05:18 +00:00
if err != nil {
return "" , "" , err
}
2017-09-10 16:57:22 +00:00
return hashedPassword , salt , nil
2017-07-12 11:05:18 +00:00
}
func BcryptGeneratePasswordNoSalt ( password string ) ( hash string , err error ) {
2017-09-03 04:50:31 +00:00
hashedPassword , err := bcrypt . GenerateFromPassword ( [ ] byte ( password ) , bcrypt . DefaultCost )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-07-12 11:05:18 +00:00
return "" , err
2016-12-02 07:38:54 +00:00
}
2017-09-03 04:50:31 +00:00
return string ( hashedPassword ) , nil
2017-07-12 11:05:18 +00:00
}
2017-06-06 14:41:06 +00:00
2017-07-12 11:05:18 +00:00
func SetPassword ( uid int , password string ) error {
2017-09-03 04:50:31 +00:00
hashedPassword , salt , err := GeneratePassword ( password )
2016-12-02 07:38:54 +00:00
if err != nil {
return err
}
2017-09-03 04:50:31 +00:00
_ , err = set_password_stmt . Exec ( hashedPassword , salt , uid )
return err
2016-12-02 07:38:54 +00:00
}
2017-01-03 07:47:31 +00:00
func SendValidationEmail ( username string , email string , token string ) bool {
2017-09-10 16:57:22 +00:00
var schema = "http"
2017-07-17 10:23:42 +00:00
if site . EnableSsl {
2017-06-25 09:56:39 +00:00
schema += "s"
2017-01-03 07:47:31 +00:00
}
2017-06-25 09:56:39 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Move these to the phrase system
2017-07-17 10:23:42 +00:00
subject := "Validate Your Email @ " + site . Name
msg := "Dear " + username + ", following your registration on our forums, we ask you to validate your email, so that we can confirm that this email actually belongs to you.\n\nClick on the following link to do so. " + schema + "://" + site . Url + "/user/edit/token/" + token + "\n\nIf you haven't created an account here, then please feel free to ignore this email.\nWe're sorry for the inconvenience this may have caused."
2017-01-03 07:47:31 +00:00
return SendEmail ( email , subject , msg )
}
2017-09-10 16:57:22 +00:00
func wordsToScore ( wcount int , topic bool ) ( score int ) {
2017-02-10 13:39:13 +00:00
if topic {
score = 2
} else {
score = 1
}
2017-06-06 14:41:06 +00:00
2017-08-20 10:11:49 +00:00
settings := settingBox . Load ( ) . ( SettingBox )
2017-06-10 07:58:15 +00:00
if wcount >= settings [ "megapost_min_words" ] . ( int ) {
2017-02-10 13:39:13 +00:00
score += 4
2017-06-10 07:58:15 +00:00
} else if wcount >= settings [ "bigpost_min_words" ] . ( int ) {
2017-09-03 04:50:31 +00:00
score ++
2017-02-10 13:39:13 +00:00
}
return score
}
2017-09-10 16:57:22 +00:00
// TODO: Move this to where the other User methods are
func ( user * User ) increasePostStats ( wcount int , topic bool ) error {
2017-01-12 02:55:08 +00:00
var mod int
2017-09-03 04:50:31 +00:00
baseScore := 1
2017-01-12 02:55:08 +00:00
if topic {
2017-09-10 16:57:22 +00:00
_ , err := increment_user_topics_stmt . Exec ( 1 , user . ID )
2017-01-12 02:55:08 +00:00
if err != nil {
return err
}
2017-09-03 04:50:31 +00:00
baseScore = 2
2017-01-12 02:55:08 +00:00
}
2017-06-06 14:41:06 +00:00
2017-08-20 10:11:49 +00:00
settings := settingBox . Load ( ) . ( SettingBox )
2017-06-10 07:58:15 +00:00
if wcount >= settings [ "megapost_min_words" ] . ( int ) {
2017-09-10 16:57:22 +00:00
_ , err := increment_user_megaposts_stmt . Exec ( 1 , 1 , 1 , user . ID )
2017-01-12 02:55:08 +00:00
if err != nil {
return err
}
mod = 4
2017-06-10 07:58:15 +00:00
} else if wcount >= settings [ "bigpost_min_words" ] . ( int ) {
2017-09-10 16:57:22 +00:00
_ , err := increment_user_bigposts_stmt . Exec ( 1 , 1 , user . ID )
2017-01-12 02:55:08 +00:00
if err != nil {
return err
}
mod = 1
} else {
2017-09-10 16:57:22 +00:00
_ , err := increment_user_posts_stmt . Exec ( 1 , user . ID )
2017-01-12 02:55:08 +00:00
if err != nil {
return err
}
}
2017-09-10 16:57:22 +00:00
_ , err := increment_user_score_stmt . Exec ( baseScore + mod , user . ID )
2017-01-12 02:55:08 +00:00
if err != nil {
return err
}
2017-08-13 11:22:34 +00:00
//log.Print(user.Score + base_score + mod)
//log.Print(getLevel(user.Score + base_score + mod))
2017-09-10 16:57:22 +00:00
// TODO: Use a transaction to prevent level desyncs?
_ , err = update_user_level_stmt . Exec ( getLevel ( user . Score + baseScore + mod ) , user . ID )
2017-01-12 02:55:08 +00:00
return err
}
2017-09-10 16:57:22 +00:00
// TODO: Move this to where the other User methods are
func ( user * User ) decreasePostStats ( wcount int , topic bool ) error {
2017-01-12 02:55:08 +00:00
var mod int
2017-09-03 04:50:31 +00:00
baseScore := - 1
2017-01-12 02:55:08 +00:00
if topic {
2017-09-10 16:57:22 +00:00
_ , err := increment_user_topics_stmt . Exec ( - 1 , user . ID )
2017-01-12 02:55:08 +00:00
if err != nil {
return err
}
2017-09-03 04:50:31 +00:00
baseScore = - 2
2017-01-12 02:55:08 +00:00
}
2017-06-06 14:41:06 +00:00
2017-08-20 10:11:49 +00:00
settings := settingBox . Load ( ) . ( SettingBox )
2017-06-12 09:03:14 +00:00
if wcount >= settings [ "megapost_min_words" ] . ( int ) {
2017-09-10 16:57:22 +00:00
_ , err := increment_user_megaposts_stmt . Exec ( - 1 , - 1 , - 1 , user . ID )
2017-01-12 02:55:08 +00:00
if err != nil {
return err
}
mod = 4
2017-06-12 09:03:14 +00:00
} else if wcount >= settings [ "bigpost_min_words" ] . ( int ) {
2017-09-10 16:57:22 +00:00
_ , err := increment_user_bigposts_stmt . Exec ( - 1 , - 1 , user . ID )
2017-01-12 02:55:08 +00:00
if err != nil {
return err
}
mod = 1
} else {
2017-09-10 16:57:22 +00:00
_ , err := increment_user_posts_stmt . Exec ( - 1 , user . ID )
2017-01-12 02:55:08 +00:00
if err != nil {
return err
}
}
2017-09-10 16:57:22 +00:00
_ , err := increment_user_score_stmt . Exec ( baseScore - mod , user . ID )
2017-01-12 02:55:08 +00:00
if err != nil {
return err
}
2017-09-10 16:57:22 +00:00
// TODO: Use a transaction to prevent level desyncs?
_ , err = update_user_level_stmt . Exec ( getLevel ( user . Score - baseScore - mod ) , user . ID )
2017-01-12 02:55:08 +00:00
return err
}
2017-02-15 10:49:30 +00:00
2017-09-03 04:50:31 +00:00
func initUserPerms ( user * User ) {
if user . IsSuperAdmin {
2017-08-06 15:22:18 +00:00
user . Perms = AllPerms
user . PluginPerms = AllPluginPerms
} else {
user . Perms = groups [ user . Group ] . Perms
user . PluginPerms = groups [ user . Group ] . PluginPerms
}
2017-08-27 09:33:45 +00:00
if user . TempGroup != 0 {
user . Group = user . TempGroup
}
2017-09-03 04:50:31 +00:00
user . IsAdmin = user . IsSuperAdmin || groups [ user . Group ] . IsAdmin
user . IsSuperMod = user . IsAdmin || groups [ user . Group ] . IsMod
user . IsMod = user . IsSuperMod
user . IsBanned = groups [ user . Group ] . IsBanned
if user . IsBanned && user . IsSuperMod {
user . IsBanned = false
2017-02-15 10:49:30 +00:00
}
2017-02-28 09:27:28 +00:00
}
2017-09-03 04:50:31 +00:00
func buildProfileURL ( slug string , uid int ) string {
2017-06-28 12:05:26 +00:00
if slug == "" {
return "/user/" + strconv . Itoa ( uid )
}
return "/user/" + slug + "." + strconv . Itoa ( uid )
2017-02-28 09:27:28 +00:00
}