diff options
Diffstat (limited to 'pkg/handler/auth')
-rw-r--r-- | pkg/handler/auth/login.go | 75 |
1 files changed, 71 insertions, 4 deletions
diff --git a/pkg/handler/auth/login.go b/pkg/handler/auth/login.go index 7e77a67..7014548 100644 --- a/pkg/handler/auth/login.go +++ b/pkg/handler/auth/login.go @@ -1,20 +1,87 @@ package auth import ( + "encoding/base64" "net/http" + "time" "git.gabrielgio.me/cerrado/pkg/ext" "git.gabrielgio.me/cerrado/templates" ) type ( - LoginHandler struct{} + LoginHandler struct { + auth authService + } + + authService interface { + CheckAuth(username, password string) bool + IssueToken() ([]byte, error) + } ) +func NewLoginHandler(auth authService) *LoginHandler { + return &LoginHandler{ + auth: auth, + } +} + +func (g *LoginHandler) Logout(w http.ResponseWriter, r *http.Request) error { + cookie := &http.Cookie{ + Name: "auth", + Value: "", + Path: "/", + Expires: time.Unix(0, 0), + } + + referer := r.Header.Get("Referer") + if referer == "" { + referer = "/" + } + + http.SetCookie(w, cookie) + ext.Redirect(w, referer) + return nil +} + func (g *LoginHandler) Login(w http.ResponseWriter, r *http.Request) error { - ext.SetHTML(w) + if r.Method == "GET" { + ext.SetHTML(w) + + login := &templates.LoginPage{} + templates.WritePageTemplate(w, login, r.Context()) + } else if r.Method == "POST" { + + username := r.FormValue("username") + password := r.FormValue("password") + + if !g.auth.CheckAuth(username, password) { + login := &templates.LoginPage{ + ErrorMessage: "Invalid login", + } + templates.WritePageTemplate(w, login, r.Context()) + } else { + + bytes, err := g.auth.IssueToken() + if err != nil { + return err + } + + cookie := &http.Cookie{ + Name: "auth", + Value: base64.StdEncoding.EncodeToString(bytes), + Path: "/", + MaxAge: 3600, + HttpOnly: true, + Secure: true, + SameSite: http.SameSiteStrictMode, + } + + http.SetCookie(w, cookie) + ext.Redirect(w, "/") + } + + } - login := &templates.LoginPage{} - templates.WritePageTemplate(w, login) return nil } |