From b33be53ea9c0be523988a9412fd8e3f6a24782b3 Mon Sep 17 00:00:00 2001
From: GrailFinder
Date: Sat, 20 Apr 2024 07:45:00 +0300
Subject: Feat: add auth [wip]
---
internal/handlers/auth.go | 81 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 81 insertions(+)
create mode 100644 internal/handlers/auth.go
(limited to 'internal/handlers')
diff --git a/internal/handlers/auth.go b/internal/handlers/auth.go
new file mode 100644
index 0000000..435f8ff
--- /dev/null
+++ b/internal/handlers/auth.go
@@ -0,0 +1,81 @@
+package handlers
+
+import (
+ "apjournal/internal/models"
+ "apjournal/pkg/utils"
+ "fmt"
+ "html/template"
+ "net/http"
+ "strings"
+ "time"
+)
+
+func abortWithError(w http.ResponseWriter, msg string) {
+ tmpl := template.Must(template.ParseGlob("components/*.html"))
+ tmpl.ExecuteTemplate(w, "error", msg)
+}
+
+func (h *Handlers) HandleLogin(w http.ResponseWriter, r *http.Request) {
+ r.ParseForm()
+ username := r.PostFormValue("username")
+ if username == "" {
+ msg := "username not provided"
+ h.log.Error(msg)
+ abortWithError(w, msg)
+ return
+ }
+ password := r.PostFormValue("password")
+ if password == "" {
+ msg := "password not provided"
+ h.log.Error(msg)
+ abortWithError(w, msg)
+ return
+ }
+ cleanName := utils.RemoveSpacesFromStr(username)
+ // allNames := h.s.CacheGetAllNames()
+ allNames := []string{}
+ if utils.StrInSlice(cleanName, allNames) {
+ err := fmt.Errorf("name: %s already taken", cleanName)
+ h.log.Error("already taken", "error", err)
+ abortWithError(w, err.Error())
+ return
+ }
+ cookie, err := h.makeCookie(cleanName, r.RemoteAddr)
+ if err != nil {
+ h.log.Error("failed to login", "error", err)
+ abortWithError(w, err.Error())
+ }
+ http.SetCookie(w, cookie)
+ http.Redirect(w, r, "/", 302)
+}
+
+func (h *Handlers) makeCookie(username string, remote string) (*http.Cookie, error) {
+ // Create a new random session token
+ // sessionToken := xid.New().String()
+ sessionToken := "token"
+ expiresAt := time.Now().Add(time.Duration(h.cfg.SessionLifetime) * time.Second)
+ // Set the token in the session map, along with the session information
+ session := &models.Session{
+ Username: username,
+ Expiry: expiresAt,
+ }
+ // TODO: write session to db
+ cookie := &http.Cookie{
+ Name: "session_token",
+ Value: sessionToken,
+ Secure: true,
+ HttpOnly: true,
+ SameSite: http.SameSiteNoneMode,
+ Domain: h.cfg.ServerConfig.Host,
+ }
+ h.log.Info("check remote addr for cookie set",
+ "remote", remote, "session", session)
+ if strings.Contains(remote, "192.168.0") {
+ // no idea what is going on
+ // domainName = "192.168.0.101"
+ cookie.Domain = "192.168.0.101"
+ }
+ // set ctx?
+ // c.Set("username", username)
+ return cookie, nil
+}
--
cgit v1.2.3
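Review bot: `makeCookie` sets the cookie value to the constant `"token"` and `HandleLogin` only checks that `password` is non-empty, so every login yields the same guessable session value and no credential is ever verified. Before this leaves WIP the token should come from `crypto/rand` (the commented-out `xid` id is, as far as I know, built from time and a counter and is not meant to be unpredictable), the session should be persisted as the TODO says, and the password should be compared against a stored hash. The `if err != nil` branch after `h.makeCookie` also lacks a `return`, so a failure would fall through to `http.SetCookie` with a nil cookie. `SameSite: http.SameSiteNoneMode` gives up the browser's cross-site restriction on the session cookie and `expiresAt` is never copied onto it; `http.SameSiteLaxMode` plus `Expires: expiresAt` look like the intended settings. The fence sketches these changes and needs `crypto/rand` and `encoding/base64` added to the import block.

```go
	// … unchanged: HandleLogin form parsing and name check …
	if err != nil {
		// … unchanged: log and abortWithError …
		return // do not fall through to SetCookie with a nil cookie
	}

func (h *Handlers) makeCookie(username string, remote string) (*http.Cookie, error) {
	// 32 bytes from the OS CSPRNG so the token cannot be guessed or derived from time.
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return nil, fmt.Errorf("generating session token: %w", err)
	}
	sessionToken := base64.RawURLEncoding.EncodeToString(raw)
	// … unchanged: expiresAt, session struct, TODO: write session to db …
	cookie := &http.Cookie{
		// … unchanged: Name, Value, Secure, HttpOnly, Domain …
		Expires:  expiresAt,
		SameSite: http.SameSiteLaxMode,
	}
	// … unchanged: remote-address logging and Domain override …
```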