|
|
|
@ -463,26 +463,52 @@
|
|
|
|
|
(progn (utils:set-alert "You are not logged in." "error") |
|
|
|
|
(redirect "/login")))) |
|
|
|
|
|
|
|
|
|
(defroute ("/user/edit" :method :POST) () |
|
|
|
|
(defroute ("/user/edit/display-name" :method :POST) () |
|
|
|
|
(destructuring-bind |
|
|
|
|
(&key display-name new-password password-check |
|
|
|
|
authenticity-token &allow-other-keys) |
|
|
|
|
(&key display-name authenticity-token &allow-other-keys) |
|
|
|
|
(utils:request-params |
|
|
|
|
(lack.request:request-body-parameters ningle:*request*)) |
|
|
|
|
(cond ((not (string= authenticity-token (auth:csrf-token))) |
|
|
|
|
`(,+forbidden+ (:content-type "text/plain") ("Denied"))) |
|
|
|
|
((not (string= new-password password-check)) |
|
|
|
|
(utils:set-alert "Passwords don't match." "invalid-data") |
|
|
|
|
(redirect "/user/edit")) |
|
|
|
|
(t (hermetic:auth |
|
|
|
|
(:logged-in) |
|
|
|
|
;; Authorised |
|
|
|
|
(progn |
|
|
|
|
(nera-db:update-user |
|
|
|
|
(user::username-of (auth:get-current-user)) |
|
|
|
|
display-name new-password) |
|
|
|
|
(utils:set-alert "User details updated." "success") |
|
|
|
|
(redirect "/dashboard")) |
|
|
|
|
(cond ((utils:string-is-nil-or-empty? display-name) |
|
|
|
|
(utils:set-alert "Display name not entered." "missing-data") |
|
|
|
|
(redirect "/user/edit")) |
|
|
|
|
(t (nera-db:update-user |
|
|
|
|
(user::username-of (auth:get-current-user)) |
|
|
|
|
:display-name display-name :new-password nil) |
|
|
|
|
(utils:set-alert "Display name updated." "success") |
|
|
|
|
(redirect "/dashboard"))) |
|
|
|
|
;; Not Authorised |
|
|
|
|
(progn (utils:set-alert "You are not logged in." "error") |
|
|
|
|
(redirect "/login"))))))) |
|
|
|
|
|
|
|
|
|
(defroute ("/user/edit/password" :method :POST) () |
|
|
|
|
(destructuring-bind |
|
|
|
|
(&key new-password password-check authenticity-token &allow-other-keys) |
|
|
|
|
(utils:request-params |
|
|
|
|
(lack.request:request-body-parameters ningle:*request*)) |
|
|
|
|
(cond ((not (string= authenticity-token (auth:csrf-token))) |
|
|
|
|
`(,+forbidden+ (:content-type "text/plain") ("Denied"))) |
|
|
|
|
(t (hermetic:auth |
|
|
|
|
(:logged-in) |
|
|
|
|
;; Authorised |
|
|
|
|
(cond ((find t (mapcar |
|
|
|
|
#'utils:string-is-nil-or-empty? |
|
|
|
|
`(,new-password ,password-check))) |
|
|
|
|
(utils:set-alert "Missing new password data. Make sure both password boxes are filled out." |
|
|
|
|
"missing-data") |
|
|
|
|
(redirect "/user/edit")) |
|
|
|
|
((not (string= new-password password-check)) |
|
|
|
|
(utils:set-alert "Passwords don't match." "invalid-data") |
|
|
|
|
(redirect "/user/edit")) |
|
|
|
|
(t (nera-db:update-user |
|
|
|
|
(user::username-of (auth:get-current-user)) |
|
|
|
|
:display-name nil :new-password new-password) |
|
|
|
|
(utils:set-alert "Password updated." "success") |
|
|
|
|
(redirect "/dashboard"))) |
|
|
|
|
;; Not Authorised |
|
|
|
|
(progn (utils:set-alert "You are not logged in." "error") |
|
|
|
|
(redirect "/login"))))))) |
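Review bot: The new `/user/edit/password` route changes the password on the strength of the session and CSRF token alone: its key list `(&key new-password password-check authenticity-token &allow-other-keys)` has no field for the current password, so anyone holding a live session (stolen cookie, unattended browser) can lock the owner out. I would add `current-password` to that key list and a `cond` clause ahead of the `nera-db:update-user` call that verifies it against the stored credential, and otherwise sets an alert and redirects to `/user/edit`; the verification helper is not visible on this page, so reuse whatever the login route already calls. The only checks on the new password are that both boxes are non-empty and equal, so a minimum-length clause belongs in the same `cond`. Whether existing sessions are invalidated after the update cannot be seen from this hunk and is worth confirming in `nera-db:update-user`.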
|
|
|
|