From 1e45ae2ea3497958b2ea6a20137955cfc3bbc964 Mon Sep 17 00:00:00 2001 From: "Gabriel A. Giovanini" Date: Wed, 11 Dec 2024 17:05:12 +0100 Subject: feat: Add UI/Handler login process It adds the whole workflow to store and handle login on both UI and handler level. With that the login information should be available at any point given the context. --- pkg/handler/auth/login.go | 75 ++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 71 insertions(+), 4 deletions(-) (limited to 'pkg/handler/auth/login.go') diff --git a/pkg/handler/auth/login.go b/pkg/handler/auth/login.go index 7e77a67..7014548 100644 --- a/pkg/handler/auth/login.go +++ b/pkg/handler/auth/login.go @@ -1,20 +1,87 @@ package auth import ( + "encoding/base64" "net/http" + "time" "git.gabrielgio.me/cerrado/pkg/ext" "git.gabrielgio.me/cerrado/templates" ) type ( - LoginHandler struct{} + LoginHandler struct { + auth authService + } + + authService interface { + CheckAuth(username, password string) bool + IssueToken() ([]byte, error) + } ) +func NewLoginHandler(auth authService) *LoginHandler { + return &LoginHandler{ + auth: auth, + } +} + +func (g *LoginHandler) Logout(w http.ResponseWriter, r *http.Request) error { + cookie := &http.Cookie{ + Name: "auth", + Value: "", + Path: "/", + Expires: time.Unix(0, 0), + } + + referer := r.Header.Get("Referer") + if referer == "" { + referer = "/" + } + + http.SetCookie(w, cookie) + ext.Redirect(w, referer) + return nil +} + func (g *LoginHandler) Login(w http.ResponseWriter, r *http.Request) error { - ext.SetHTML(w) + if r.Method == "GET" { + ext.SetHTML(w) + + login := &templates.LoginPage{} + templates.WritePageTemplate(w, login, r.Context()) + } else if r.Method == "POST" { + + username := r.FormValue("username") + password := r.FormValue("password") + + if !g.auth.CheckAuth(username, password) { + login := &templates.LoginPage{ + ErrorMessage: "Invalid login", + } + templates.WritePageTemplate(w, login, r.Context()) + } else { + + bytes, err := g.auth.IssueToken() + if err != nil { + return err + } + + cookie := &http.Cookie{ + Name: "auth", + Value: base64.StdEncoding.EncodeToString(bytes), + Path: "/", + MaxAge: 3600, + HttpOnly: true, + Secure: true, + SameSite: http.SameSiteStrictMode, + } + + http.SetCookie(w, cookie) + ext.Redirect(w, "/") + } + + } - login := &templates.LoginPage{} - templates.WritePageTemplate(w, login) return nil } -- cgit v1.2.3