Fix: code cleaning

3 files changed, 215 insertions, 222 deletions

diff --git a/internal/handlers/auth.go b/internal/handlers/auth.go
index d0ccdff..cdd55d3 100644
--- a/internal/handlers/auth.go
+++ b/internal/handlers/auth.go
@@ -1,162 +1,167 @@
 package handlers
 
 import (
-	"crypto/hmac"
-	"crypto/sha256"
-	"demoon/internal/models"
-	"demoon/pkg/utils"
-	"encoding/base64"
-	"encoding/json"
 	"html/template"
 	"net/http"
-	"strings"
-	"time"
-
-	"golang.org/x/crypto/bcrypt"
 )
 
+// import (
+// 	"crypto/hmac"
+// 	"crypto/sha256"
+// 	"demoon/internal/models"
+// 	"demoon/pkg/utils"
+// 	"encoding/base64"
+// 	"encoding/json"
+// 	"html/template"
+// 	"net/http"
+// 	"strings"
+// 	"time"
+
+// 	"golang.org/x/crypto/bcrypt"
+// )
+
 func abortWithError(w http.ResponseWriter, msg string) {
 	tmpl := template.Must(template.ParseGlob("components/*.html"))
 	tmpl.ExecuteTemplate(w, "error", msg)
 }
 
-func (h *Handlers) HandleSignup(w http.ResponseWriter, r *http.Request) {
-	r.ParseForm()
-	username := r.PostFormValue("username")
-	if username == "" {
-		msg := "username not provided"
-		h.log.Error(msg)
-		abortWithError(w, msg)
-		return
-	}
-	password := r.PostFormValue("password")
-	if password == "" {
-		msg := "password not provided"
-		h.log.Error(msg)
-		abortWithError(w, msg)
-		return
-	}
-	// make sure username does not exists
-	cleanName := utils.RemoveSpacesFromStr(username)
-	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), 8)
-	// create user in db
-	now := time.Now()
-	nextMidnight := time.Date(now.Year(), now.Month(), now.Day(),
-		0, 0, 0, 0, time.UTC).Add(time.Hour * 24)
-	newUser := &models.UserScore{
-		Username: cleanName, Password: string(hashedPassword),
-		BurnTime: nextMidnight, CreatedAt: now,
-	}
-	// login user
-	cookie, err := h.makeCookie(cleanName, r.RemoteAddr)
-	if err != nil {
-		h.log.Error("failed to login", "error", err)
-		abortWithError(w, err.Error())
-		return
-	}
-	http.SetCookie(w, cookie)
-	// http.Redirect(w, r, "/", 302)
-	tmpl, err := template.ParseGlob("components/*.html")
-	if err != nil {
-		abortWithError(w, err.Error())
-		return
-	}
-	tmpl.ExecuteTemplate(w, "main", newUser)
-}
+// func (h *Handlers) HandleSignup(w http.ResponseWriter, r *http.Request) {
+// 	r.ParseForm()
+// 	username := r.PostFormValue("username")
+// 	if username == "" {
+// 		msg := "username not provided"
+// 		h.log.Error(msg)
+// 		abortWithError(w, msg)
+// 		return
+// 	}
+// 	password := r.PostFormValue("password")
+// 	if password == "" {
+// 		msg := "password not provided"
+// 		h.log.Error(msg)
+// 		abortWithError(w, msg)
+// 		return
+// 	}
+// 	// make sure username does not exists
+// 	cleanName := utils.RemoveSpacesFromStr(username)
+// 	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), 8)
+// 	// create user in db
+// 	now := time.Now()
+// 	nextMidnight := time.Date(now.Year(), now.Month(), now.Day(),
+// 		0, 0, 0, 0, time.UTC).Add(time.Hour * 24)
+// 	newUser := &models.UserScore{
+// 		Username: cleanName, Password: string(hashedPassword),
+// 		BurnTime: nextMidnight, CreatedAt: now,
+// 	}
+// 	// login user
+// 	cookie, err := h.makeCookie(cleanName, r.RemoteAddr)
+// 	if err != nil {
+// 		h.log.Error("failed to login", "error", err)
+// 		abortWithError(w, err.Error())
+// 		return
+// 	}
+// 	http.SetCookie(w, cookie)
+// 	// http.Redirect(w, r, "/", 302)
+// 	tmpl, err := template.ParseGlob("components/*.html")
+// 	if err != nil {
+// 		abortWithError(w, err.Error())
+// 		return
+// 	}
+// 	tmpl.ExecuteTemplate(w, "main", newUser)
+// }
 
-func (h *Handlers) HandleLogin(w http.ResponseWriter, r *http.Request) {
-	r.ParseForm()
-	username := r.PostFormValue("username")
-	if username == "" {
-		msg := "username not provided"
-		h.log.Error(msg)
-		abortWithError(w, msg)
-		return
-	}
-	password := r.PostFormValue("password")
-	if password == "" {
-		msg := "password not provided"
-		h.log.Error(msg)
-		abortWithError(w, msg)
-		return
-	}
-	cleanName := utils.RemoveSpacesFromStr(username)
-	tmpl, err := template.ParseGlob("components/*.html")
-	if err != nil {
-		abortWithError(w, err.Error())
-		return
-	}
-	cookie, err := h.makeCookie(cleanName, r.RemoteAddr)
-	if err != nil {
-		h.log.Error("failed to login", "error", err)
-		abortWithError(w, err.Error())
-		return
-	}
-	http.SetCookie(w, cookie)
-	tmpl.ExecuteTemplate(w, "main", nil)
-}
+// func (h *Handlers) HandleLogin(w http.ResponseWriter, r *http.Request) {
+// 	r.ParseForm()
+// 	username := r.PostFormValue("username")
+// 	if username == "" {
+// 		msg := "username not provided"
+// 		h.log.Error(msg)
+// 		abortWithError(w, msg)
+// 		return
+// 	}
+// 	password := r.PostFormValue("password")
+// 	if password == "" {
+// 		msg := "password not provided"
+// 		h.log.Error(msg)
+// 		abortWithError(w, msg)
+// 		return
+// 	}
+// 	cleanName := utils.RemoveSpacesFromStr(username)
+// 	tmpl, err := template.ParseGlob("components/*.html")
+// 	if err != nil {
+// 		abortWithError(w, err.Error())
+// 		return
+// 	}
+// 	cookie, err := h.makeCookie(cleanName, r.RemoteAddr)
+// 	if err != nil {
+// 		h.log.Error("failed to login", "error", err)
+// 		abortWithError(w, err.Error())
+// 		return
+// 	}
+// 	http.SetCookie(w, cookie)
+// 	tmpl.ExecuteTemplate(w, "main", nil)
+// }
 
-func (h *Handlers) makeCookie(username string, remote string) (*http.Cookie, error) {
-	// secret
-	// Create a new random session token
-	// sessionToken := xid.New().String()
-	sessionToken := "token"
-	expiresAt := time.Now().Add(time.Duration(h.cfg.SessionLifetime) * time.Second)
-	// Set the token in the session map, along with the session information
-	session := &models.Session{
-		Username: username,
-		Expiry:   expiresAt,
-	}
-	cookieName := "session_token"
-	// hmac to protect cookies
-	hm := hmac.New(sha256.New, []byte(h.cfg.CookieSecret))
-	hm.Write([]byte(cookieName))
-	hm.Write([]byte(sessionToken))
-	signature := hm.Sum(nil)
-	// b64 enc to avoid non-ascii
-	cookieValue := base64.URLEncoding.EncodeToString([]byte(
-		string(signature) + sessionToken))
-	cookie := &http.Cookie{
-		Name:     cookieName,
-		Value:    cookieValue,
-		Secure:   true,
-		HttpOnly: true,
-		SameSite: http.SameSiteNoneMode,
-		Domain:   h.cfg.ServerConfig.Host,
-	}
-	h.log.Info("check remote addr for cookie set",
-		"remote", remote, "session", session)
-	if strings.Contains(remote, "192.168.0") {
-		// no idea what is going on
-		cookie.Domain = "192.168.0.101"
-	}
-	// set ctx?
-	// set user in session
-	if err := h.cacheSetSession(sessionToken, session); err != nil {
-		return nil, err
-	}
-	return cookie, nil
-}
+// func (h *Handlers) makeCookie(username string, remote string) (*http.Cookie, error) {
+// 	// secret
+// 	// Create a new random session token
+// 	// sessionToken := xid.New().String()
+// 	sessionToken := "token"
+// 	expiresAt := time.Now().Add(time.Duration(h.cfg.SessionLifetime) * time.Second)
+// 	// Set the token in the session map, along with the session information
+// 	session := &models.Session{
+// 		Username: username,
+// 		Expiry:   expiresAt,
+// 	}
+// 	cookieName := "session_token"
+// 	// hmac to protect cookies
+// 	hm := hmac.New(sha256.New, []byte(h.cfg.CookieSecret))
+// 	hm.Write([]byte(cookieName))
+// 	hm.Write([]byte(sessionToken))
+// 	signature := hm.Sum(nil)
+// 	// b64 enc to avoid non-ascii
+// 	cookieValue := base64.URLEncoding.EncodeToString([]byte(
+// 		string(signature) + sessionToken))
+// 	cookie := &http.Cookie{
+// 		Name:     cookieName,
+// 		Value:    cookieValue,
+// 		Secure:   true,
+// 		HttpOnly: true,
+// 		SameSite: http.SameSiteNoneMode,
+// 		Domain:   h.cfg.ServerConfig.Host,
+// 	}
+// 	h.log.Info("check remote addr for cookie set",
+// 		"remote", remote, "session", session)
+// 	if strings.Contains(remote, "192.168.0") {
+// 		// no idea what is going on
+// 		cookie.Domain = "192.168.0.101"
+// 	}
+// 	// set ctx?
+// 	// set user in session
+// 	if err := h.cacheSetSession(sessionToken, session); err != nil {
+// 		return nil, err
+// 	}
+// 	return cookie, nil
+// }
 
-func (h *Handlers) cacheGetSession(key string) (*models.Session, error) {
-	userSessionB, err := h.mc.Get(key)
-	if err != nil {
-		return nil, err
-	}
-	var us *models.Session
-	if err := json.Unmarshal(userSessionB, &us); err != nil {
-		return nil, err
-	}
-	return us, nil
-}
+// func (h *Handlers) cacheGetSession(key string) (*models.Session, error) {
+// 	userSessionB, err := h.mc.Get(key)
+// 	if err != nil {
+// 		return nil, err
+// 	}
+// 	var us *models.Session
+// 	if err := json.Unmarshal(userSessionB, &us); err != nil {
+// 		return nil, err
+// 	}
+// 	return us, nil
+// }
 
-func (h *Handlers) cacheSetSession(key string, session *models.Session) error {
-	sesb, err := json.Marshal(session)
-	if err != nil {
-		return err
-	}
-	h.mc.Set(key, sesb)
-	// expire in 10 min
-	h.mc.Expire(key, 10*60)
-	return nil
-}
+// func (h *Handlers) cacheSetSession(key string, session *models.Session) error {
+// 	sesb, err := json.Marshal(session)
+// 	if err != nil {
+// 		return err
+// 	}
+// 	h.mc.Set(key, sesb)
+// 	// expire in 10 min
+// 	h.mc.Expire(key, 10*60)
+// 	return nil
+// }
diff --git a/internal/handlers/main.go b/internal/handlers/main.go
index 960b26d..86f5b09 100644
--- a/internal/handlers/main.go
+++ b/internal/handlers/main.go
@@ -4,7 +4,6 @@ import (
 	"demoon/config"
 	"demoon/internal/database/repos"
 	"demoon/internal/models"
-	"demoon/pkg/cache"
 	"html/template"
 	"log/slog"
 	"net/http"
@@ -18,7 +17,6 @@ type Handlers struct {
 	cfg  config.Config
 	log  *slog.Logger
 	repo repos.FullRepo
-	mc   cache.Cache
 }
 
 // NewHandlers constructor
@@ -32,7 +30,6 @@ func NewHandlers(
 		cfg:  cfg,
 		log:  l,
 		repo: repo,
-		mc:   cache.MemCache,
 	}
 	return h
 }
diff --git a/internal/handlers/middleware.go b/internal/handlers/middleware.go
index 8b871a2..242dfb8 100644
--- a/internal/handlers/middleware.go
+++ b/internal/handlers/middleware.go
@@ -1,75 +1,66 @@
 package handlers
 
-import (
-	"context"
-	"crypto/hmac"
-	"crypto/sha256"
-	"encoding/base64"
-	"errors"
-	"net/http"
-)
-
-func (h *Handlers) GetSession(next http.Handler) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		cookieName := "session_token"
-		sessionCookie, err := r.Cookie(cookieName)
-		if err != nil {
-			msg := "auth failed; failed to get session token from cookies"
-			h.log.Debug(msg, "error", err)
-			next.ServeHTTP(w, r)
-			return
-		}
-		cookieValueB, err := base64.URLEncoding.
-			DecodeString(sessionCookie.Value)
-		if err != nil {
-			msg := "auth failed; failed to decode b64 cookie"
-			h.log.Debug(msg, "error", err)
-			next.ServeHTTP(w, r)
-			return
-		}
-		cookieValue := string(cookieValueB)
-		if len(cookieValue) < sha256.Size {
-			h.log.Warn("small cookie", "size", len(cookieValue))
-			next.ServeHTTP(w, r)
-			return
-		}
-		// Split apart the signature and original cookie value.
-		signature := cookieValue[:sha256.Size]
-		sessionToken := cookieValue[sha256.Size:]
-		//verify signature
-		mac := hmac.New(sha256.New, []byte(h.cfg.CookieSecret))
-		mac.Write([]byte(cookieName))
-		mac.Write([]byte(sessionToken))
-		expectedSignature := mac.Sum(nil)
-		if !hmac.Equal([]byte(signature), expectedSignature) {
-			h.log.Debug("cookie with an invalid sign")
-			next.ServeHTTP(w, r)
-			return
-		}
-		userSession, err := h.cacheGetSession(sessionToken)
-		if err != nil {
-			msg := "auth failed; session does not exists"
-			err = errors.New(msg)
-			h.log.Debug(msg, "error", err)
-			next.ServeHTTP(w, r)
-			return
-		}
-		if userSession.IsExpired() {
-			h.mc.RemoveKey(sessionToken)
-			msg := "session is expired"
-			h.log.Debug(msg, "error", err, "token", sessionToken)
-			next.ServeHTTP(w, r)
-			return
-		}
-		ctx := context.WithValue(r.Context(),
-			"username", userSession.Username)
-		if err := h.cacheSetSession(sessionToken,
-			userSession); err != nil {
-			msg := "failed to marshal user session"
-			h.log.Warn(msg, "error", err)
-			next.ServeHTTP(w, r)
-			return
-		}
-		next.ServeHTTP(w, r.WithContext(ctx))
-	})
-}
+//func (h *Handlers) GetSession(next http.Handler) http.Handler {
+//	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+//		cookieName := "session_token"
+//		sessionCookie, err := r.Cookie(cookieName)
+//		if err != nil {
+//			msg := "auth failed; failed to get session token from cookies"
+//			h.log.Debug(msg, "error", err)
+//			next.ServeHTTP(w, r)
+//			return
+//		}
+//		cookieValueB, err := base64.URLEncoding.
+//			DecodeString(sessionCookie.Value)
+//		if err != nil {
+//			msg := "auth failed; failed to decode b64 cookie"
+//			h.log.Debug(msg, "error", err)
+//			next.ServeHTTP(w, r)
+//			return
+//		}
+//		cookieValue := string(cookieValueB)
+//		if len(cookieValue) < sha256.Size {
+//			h.log.Warn("small cookie", "size", len(cookieValue))
+//			next.ServeHTTP(w, r)
+//			return
+//		}
+//		// Split apart the signature and original cookie value.
+//		signature := cookieValue[:sha256.Size]
+//		sessionToken := cookieValue[sha256.Size:]
+//		//verify signature
+//		mac := hmac.New(sha256.New, []byte(h.cfg.CookieSecret))
+//		mac.Write([]byte(cookieName))
+//		mac.Write([]byte(sessionToken))
+//		expectedSignature := mac.Sum(nil)
+//		if !hmac.Equal([]byte(signature), expectedSignature) {
+//			h.log.Debug("cookie with an invalid sign")
+//			next.ServeHTTP(w, r)
+//			return
+//		}
+//		userSession, err := h.cacheGetSession(sessionToken)
+//		if err != nil {
+//			msg := "auth failed; session does not exists"
+//			err = errors.New(msg)
+//			h.log.Debug(msg, "error", err)
+//			next.ServeHTTP(w, r)
+//			return
+//		}
+//		if userSession.IsExpired() {
+//			h.mc.RemoveKey(sessionToken)
+//			msg := "session is expired"
+//			h.log.Debug(msg, "error", err, "token", sessionToken)
+//			next.ServeHTTP(w, r)
+//			return
+//		}
+//		ctx := context.WithValue(r.Context(),
+//			"username", userSession.Username)
+//		if err := h.cacheSetSession(sessionToken,
+//			userSession); err != nil {
+//			msg := "failed to marshal user session"
+//			h.log.Warn(msg, "error", err)
+//			next.ServeHTTP(w, r)
+//			return
+//		}
+//		next.ServeHTTP(w, r.WithContext(ctx))
+//	})
+//}