From 2ca1097b77e989e1e55db2329cabfdba2dd9ba22 Mon Sep 17 00:00:00 2001
From: Lucas BEE <pouulet@gmail.com>
Date: Fri, 21 Jun 2019 10:48:20 +0000
Subject: [PATCH] Better users handlers

Catch empty usernames or password on register
---
 backend/admins/users.go   |  2 +-
 backend/users/handlers.go | 11 ++++++++---
 backend/web/render.go     |  7 +++++++
 3 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/backend/admins/users.go b/backend/admins/users.go
index dd54487..5fef8b7 100644
--- a/backend/admins/users.go
+++ b/backend/admins/users.go
@@ -60,7 +60,7 @@ func GenerateUserToken(env *web.Env, w http.ResponseWriter, r *http.Request) err
 // UpdateUserHandler updates the user data
 func UpdateUserHandler(env *web.Env, w http.ResponseWriter, r *http.Request) error {
 	log := env.Log.WithFields(logrus.Fields{
-		"function": "admin.PostActivateUserHandler",
+		"function": "admin.UpdateUserHandler",
 	})
 
 	var data struct {
diff --git a/backend/users/handlers.go b/backend/users/handlers.go
index 4671e43..9c77489 100644
--- a/backend/users/handlers.go
+++ b/backend/users/handlers.go
@@ -25,7 +25,11 @@ func SignupPOSTHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error
 	}
 	e.Log.Debugf("creating new user ...")
 
-	if data.Password == "" && data.PasswordConfirm != "" {
+	if data.Username == "" {
+		return e.RenderError(w, fmt.Errorf("Empty username"))
+	}
+
+	if data.Password == "" || data.PasswordConfirm == "" {
 		return e.RenderError(w, fmt.Errorf("Empty password"))
 	}
 
@@ -127,12 +131,13 @@ func EditHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error {
 		return err
 	}
 
+	// If passwords are not empty, update
 	if data.Password != "" && data.PasswordConfirm != "" {
 		if data.Password != data.PasswordConfirm {
 			return e.RenderError(w, fmt.Errorf("Passwords empty or missmatch"))
 		}
 
-		// Update the user config
+		// Update the user password
 		var err error
 		user.Hash, err = e.Auth.GenHash(data.Password)
 		if err != nil {
@@ -156,7 +161,7 @@ func EditHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error {
 
 	// Save the user with the new configurations
 	if err := user.Update(e.Database); err != nil {
-		return err
+		return e.RenderInternalError(w, "Error while updating user", err)
 	}
 
 	return e.RenderOK(w, "user updated")
diff --git a/backend/web/render.go b/backend/web/render.go
index e81b5ac..c34e065 100644
--- a/backend/web/render.go
+++ b/backend/web/render.go
@@ -8,6 +8,13 @@ func (e *Env) RenderError(w http.ResponseWriter, err error) error {
 	return e.render(w, "error", err.Error())
 }
 
+// RenderInternalError renders an error with a user message, and internally
+// logs the real error
+func (e *Env) RenderInternalError(w http.ResponseWriter, msg string, err error) error {
+	e.Log.Warn(err)
+	return e.render(w, "error", msg)
+}
+
 // RenderOK renders a message
 func (e *Env) RenderOK(w http.ResponseWriter, message string) error {
 	return e.render(w, "ok", message)