sprechstunden-go/controllers/confirmRequestHandler.go
Gonne 8603087ed5 Füge Security-Header hinzu
Das 'unsafe-inline' in der Content-Security-Policy wäre lieber nicht da,
aber dazu müsste man erst die Templates umbauen.
2023-01-04 12:35:24 +01:00

34 lines
997 B
Go

package controllers
import (
"database/sql"
"errors"
"net/http"
"officeHours/templating"
)
// Check the secret token for requests and execute the request for correct tokens
func (b *BaseHandler) ConfirmRequestHandler(w http.ResponseWriter, req *http.Request) {
SendSecurityHeaders(w, req)
secret := req.FormValue("code")
request, err := b.requestRepo.FindBySecret(secret)
if errors.Is(err, sql.ErrNoRows) { // There was no request with this secret
w.WriteHeader(http.StatusNotFound)
templating.ServeTemplate(w, "requestNotFound", nil)
return
}
if err != nil { // Some other error happened finding the request with this secret
w.WriteHeader(http.StatusInternalServerError)
templating.ServeTemplate(w, "executeFailure", err.Error())
return
}
err = b.requestRepo.Execute(request)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
templating.ServeTemplate(w, "executeFailure", err.Error())
return
}
templating.ServeTemplate(w, "executeSuccess", nil)
}