Diffstat (limited to 'internal')
-rw-r--r-- | internal/handlers/auth.go | 81 | ||||
-rw-r--r-- | internal/models/auth.go | 25 | ||||
-rw-r--r-- | internal/server/router.go | 4 |
3 files changed, 109 insertions, 1 deletions
diff --git a/internal/handlers/auth.go b/internal/handlers/auth.go
new file mode 100644
index 0000000..435f8ff
--- /dev/null
+++ b/internal/handlers/auth.go
@@ -0,0 +1,81 @@
+package handlers
+
+import (
+ "apjournal/internal/models"
+ "apjournal/pkg/utils"
+ "fmt"
+ "html/template"
+ "net/http"
+ "strings"
+ "time"
+)
+
+func abortWithError(w http.ResponseWriter, msg string) {
+ tmpl := template.Must(template.ParseGlob("components/*.html"))
+ tmpl.ExecuteTemplate(w, "error", msg)
+}
+
+func (h *Handlers) HandleLogin(w http.ResponseWriter, r *http.Request) {
+ r.ParseForm()
+ username := r.PostFormValue("username")
+ if username == "" {
+ msg := "username not provided"
+ h.log.Error(msg)
+ abortWithError(w, msg)
+ return
+ }
+ password := r.PostFormValue("password")
+ if password == "" {
+ msg := "password not provided"
+ h.log.Error(msg)
+ abortWithError(w, msg)
+ return
+ }
+ cleanName := utils.RemoveSpacesFromStr(username)
+ // allNames := h.s.CacheGetAllNames()
+ allNames := []string{}
+ if utils.StrInSlice(cleanName, allNames) {
+ err := fmt.Errorf("name: %s already taken", cleanName)
+ h.log.Error("already taken", "error", err)
+ abortWithError(w, err.Error())
+ return
+ }
+ cookie, err := h.makeCookie(cleanName, r.RemoteAddr)
+ if err != nil {
+ h.log.Error("failed to login", "error", err)
+ abortWithError(w, err.Error())
+ }
+ http.SetCookie(w, cookie)
+ http.Redirect(w, r, "/", 302)
+}
+
+func (h *Handlers) makeCookie(username string, remote string) (*http.Cookie, error) {
+ // Create a new random session token
+ // sessionToken := xid.New().String()
+ sessionToken := "token"
+ expiresAt := time.Now().Add(time.Duration(h.cfg.SessionLifetime) * time.Second)
+ // Set the token in the session map, along with the session information
+ session := &models.Session{
+ Username: username,
+ Expiry: expiresAt,
+ }
+ // TODO: write session to db
+ cookie := &http.Cookie{
+ Name: "session_token",
+ Value: sessionToken,
+ Secure: true,
+ HttpOnly: true,
+ SameSite: http.SameSiteNoneMode,
+ Domain: h.cfg.ServerConfig.Host,
+ }
+ h.log.Info("check remote addr for cookie set",
+ "remote", remote, "session", session)
+ if strings.Contains(remote, "192.168.0") {
+ // no idea what is going on
+ // domainName = "192.168.0.101"
+ cookie.Domain = "192.168.0.101"
+ }
+ // set ctx?
+ // c.Set("username", username)
+ return cookie, nil
+}
diff --git a/internal/models/auth.go b/internal/models/auth.go
new file mode 100644
index 0000000..5dadf8a
--- /dev/null
+++ b/internal/models/auth.go
@@ -0,0 +1,25 @@
+package models
+
+import (
+ "time"
+)
+
+// each session contains the username of the user and the time at which it expires
+type Session struct {
+ Username string
+ CurrentRoom string
+ Expiry time.Time
+}
+
+// we'll use this method later to determine if the session has expired
+func (s Session) IsExpired() bool {
+ return s.Expiry.Before(time.Now())
+}
+
+func ListUsernames(ss map[string]*Session) []string {
+ resp := make([]string, 0, len(ss))
+ for _, s := range ss {
+ resp = append(resp, s.Username)
+ }
+ return resp
+}
diff --git a/internal/server/router.go b/internal/server/router.go
index 75cf4f9..36c2083 100644
--- a/internal/server/router.go
+++ b/internal/server/router.go
@@ -10,7 +10,7 @@ func (srv *server) ListenToRequests() {
 h := srv.actions
 mux := http.NewServeMux()
 server := &http.Server{
- Addr: "localhost:9000",
+ Addr: fmt.Sprintf("localhost:%d", srv.config.ServerConfig),
 Handler: mux,
 ReadTimeout: time.Second * 5,
 WriteTimeout: time.Second * 5,
@@ -23,6 +23,8 @@ func (srv *server) ListenToRequests() {
 mux.HandleFunc("GET /", h.MainPage)
 mux.HandleFunc("POST /", h.HandleForm)
 mux.HandleFunc("POST /done", h.HandleDoneAction)
+ mux.HandleFunc("POST /login", h.HandleLogin)
+ // mux.HandleFunc("POST /signup", h.HandleLogin)
 // ====== elements ======
 mux.HandleFunc("GET /showform", h.ServeShowForm)
|
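Review bot: In internal/handlers/auth.go, `HandleLogin` reads `password` but never checks it against anything, and `makeCookie` issues the constant `sessionToken := "token"` without storing the session. Any non-empty username/password pair is therefore accepted and every client gets the same guessable cookie, while the router hunk in this commit already exposes the handler at `POST /login`. The cookie also uses `SameSite: http.SameSiteNoneMode`, which sends it on cross-site requests, and it never sets `Expires` even though `expiresAt` is computed. In `HandleLogin` the `if err != nil` branch after `h.makeCookie` has no `return`, so the handler still calls `http.SetCookie` and redirects after rendering the error. The fence sketches the token and cookie attributes (it needs `crypto/rand` and `encoding/base64` in the import block, and Lax assumes no cross-site embedding is required); credential verification and session persistence still have to be added before the route is registered.

```go
func (h *Handlers) makeCookie(username string, remote string) (*http.Cookie, error) {
	// Draw the token from the OS CSPRNG so it cannot be guessed or shared between users.
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return nil, fmt.Errorf("generating session token: %w", err)
	}
	sessionToken := base64.RawURLEncoding.EncodeToString(raw)
	// … unchanged: expiresAt, session struct, TODO …
	cookie := &http.Cookie{
		// … unchanged: Name, Value, Secure, HttpOnly, Domain …
		Path:     "/",
		Expires:  expiresAt,
		SameSite: http.SameSiteLaxMode,
	}
	// … unchanged: logging, LAN domain override, return …
```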
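Review bot: In internal/models/auth.go the exported names lack Go-style doc comments, and `ListUsernames` has none at all although it has two properties a caller should know about. It ranges over a map, so the order of the returned names changes between calls, and it dereferences `s.Username` on each `*Session`, so a nil map value panics. I would add `// ListUsernames returns the usernames of all sessions in ss in unspecified order; ss must not contain nil values.` and start the other two comments with the identifier, e.g. `// Session holds the username of a logged-in user and the time at which the session expires.` and `// IsExpired reports whether the session's Expiry is in the past.`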
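Review bot: In the first hunk of internal/server/router.go, `fmt.Sprintf("localhost:%d", srv.config.ServerConfig)` passes the whole `ServerConfig` value to `%d`. The auth.go hunk reads `h.cfg.ServerConfig.Host`, so this looks like a struct rather than an integer, and the resulting `Addr` would not be a valid `host:port`. The call should pass the port field itself, `Addr: fmt.Sprintf("localhost:%d", srv.config.ServerConfig.<PORT_FIELD>),` where the field name is a placeholder because the config type is not visible on this page. No import change for `fmt` appears in this file's hunks, so confirm it is already imported; the body of `ListenToRequests` continues outside the hunk.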