tidying some things up

session message handling is pretty annoying; should look into a better method of doing this

admin/http.go

@@ -93,8 +93,8 @@ func AdminIndexHandler(app *model.AppState) http.Handler {
 func registerAccountHandler(app *model.AppState) http.Handler {
     return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
         session := r.Context().Value("session").(*model.Session)
-        session.Error = sql.NullString{}
-        session.Message = sql.NullString{}
+        controller.SetSessionError(app.DB, session, "")
+        controller.SetSessionMessage(app.DB, session, "")
 
         if session.Account != nil {
             // user is already logged in
@@ -102,8 +102,12 @@ func registerAccountHandler(app *model.AppState) http.Handler {
             return
         }
 
+        type registerData struct {
+            Session *model.Session
+        }
+
         render := func() {
-            err := pages["register"].Execute(w, session)
+            err := pages["register"].Execute(w, registerData{ Session: session })
             if err != nil {
                 fmt.Printf("WARN: Error rendering create account page: %s\n", err)
                 http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
@@ -122,7 +126,7 @@ func registerAccountHandler(app *model.AppState) http.Handler {
 
         err := r.ParseForm()
         if err != nil {
-            session.Error = sql.NullString{ String: "Malformed data.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Malformed data.")
             render()
             return
         }
@@ -144,7 +148,7 @@ func registerAccountHandler(app *model.AppState) http.Handler {
         invite, err := controller.GetInvite(app.DB, credentials.Invite)
         if err != nil {
             fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve invite: %v\n", err)
-            session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.")
             render()
             return
         }
@@ -153,7 +157,7 @@ func registerAccountHandler(app *model.AppState) http.Handler {
                 err := controller.DeleteInvite(app.DB, invite.Code)
                 if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) }
             }
-            session.Error = sql.NullString{ String: "Invalid invite code.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Invalid invite code.")
             render()
             return
         }
@@ -161,7 +165,7 @@ func registerAccountHandler(app *model.AppState) http.Handler {
         hashedPassword, err := bcrypt.GenerateFromPassword([]byte(credentials.Password), bcrypt.DefaultCost)
         if err != nil {
             fmt.Fprintf(os.Stderr, "WARN: Failed to generate password hash: %v\n", err)
-            session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.")
             render()
             return
         }
@@ -175,16 +179,23 @@ func registerAccountHandler(app *model.AppState) http.Handler {
         err = controller.CreateAccount(app.DB, &account)
         if err != nil {
             if strings.HasPrefix(err.Error(), "pq: duplicate key") {
-                session.Error = sql.NullString{ String: "An account with that username already exists.", Valid: true }
+                controller.SetSessionError(app.DB, session, "An account with that username already exists.")
                 render()
                 return
             }
             fmt.Fprintf(os.Stderr, "WARN: Failed to create account: %v\n", err)
-            session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.")
             render()
             return
         }
 
+        fmt.Printf(
+            "[%s]: Account registered: %s (%s)\n",
+            time.Now().Format(time.UnixDate),
+            account.Username,
+            account.ID,
+        )
+
         err = controller.DeleteInvite(app.DB, invite.Code)
         if err != nil { fmt.Fprintf(os.Stderr, "WARN: Failed to delete expired invite: %v\n", err) }
 
@@ -229,7 +240,7 @@ func loginHandler(app *model.AppState) http.Handler {
 
         err := r.ParseForm()
         if err != nil {
-            session.Error = sql.NullString{ String: "Malformed data.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Malformed data.")
             render()
             return
         }
@@ -253,12 +264,12 @@ func loginHandler(app *model.AppState) http.Handler {
         account, err := controller.GetAccountByUsername(app.DB, credentials.Username)
         if err != nil {
             fmt.Fprintf(os.Stderr, "WARN: Failed to fetch account for login: %v\n", err)
-            session.Error = sql.NullString{ String: "Invalid username or password.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Invalid username or password.")
             render()
             return
         }
         if account == nil {
-            session.Error = sql.NullString{ String: "Invalid username or password.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Invalid username or password.")
             render()
             return
         }
@@ -267,10 +278,10 @@ func loginHandler(app *model.AppState) http.Handler {
         if err != nil {
             fmt.Printf(
                 "[%s] INFO: Account \"%s\" attempted login with incorrect password.\n",
-                time.Now().Format("2006-02-01 15:04:05"),
+                time.Now().Format(time.UnixDate),
                 account.Username,
             )
-            session.Error = sql.NullString{ String: "Invalid username or password.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Invalid username or password.")
             render()
             return
         }
@@ -278,12 +289,12 @@ func loginHandler(app *model.AppState) http.Handler {
         totpMethod, err := controller.CheckTOTPForAccount(app.DB, account.ID, credentials.TOTP)
         if err != nil {
             fmt.Fprintf(os.Stderr, "WARN: Failed to fetch TOTPs: %v\n", err)
-            session.Error = sql.NullString{ String: "Something went wrong. Please try again.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Something went wrong. Please try again.")
             render()
             return
         }
         if totpMethod == nil {
-            session.Error = sql.NullString{ String: "Invalid TOTP.", Valid: true }
+            controller.SetSessionError(app.DB, session, "Invalid TOTP.")
             render()
             return
         }
@@ -291,7 +302,7 @@ func loginHandler(app *model.AppState) http.Handler {
         // TODO: log login activity to user
         fmt.Printf(
             "[%s] INFO: Account \"%s\" logged in with method \"%s\"\n",
-            time.Now().Format("2006-02-01 15:04:05"),
+            time.Now().Format(time.UnixDate),
             account.Username,
             totpMethod.Name,
         )
@@ -379,11 +390,7 @@ func enforceSession(app *model.AppState, next http.Handler) http.Handler {
             // fetch existing session
             session, err = controller.GetSession(app.DB, sessionCookie.Value)
 
-            if err != nil {
-                if strings.Contains(err.Error(), "no rows") {
-                    http.Error(w, "Invalid session. Please try clearing your cookies and refresh.", http.StatusBadRequest)
-                    return
-                }
+            if err != nil && !strings.Contains(err.Error(), "no rows") {
                 fmt.Fprintf(os.Stderr, "WARN: Failed to retrieve session: %v\n", err)
                 http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
                 return