package auth import ( "encoding/base64" "net/http" "time" "git.gabrielgio.me/cerrado/pkg/ext" "git.gabrielgio.me/cerrado/templates" ) type ( LoginHandler struct { auth authService } authService interface { CheckAuth(username, password string) bool IssueToken() ([]byte, error) } ) func NewLoginHandler(auth authService) *LoginHandler { return &LoginHandler{ auth: auth, } } func (g *LoginHandler) Logout(w http.ResponseWriter, r *http.Request) error { cookie := &http.Cookie{ Name: "auth", Value: "", Path: "/", Expires: time.Unix(0, 0), } referer := r.Header.Get("Referer") if referer == "" { referer = "/" } http.SetCookie(w, cookie) ext.Redirect(w, referer) return nil } func (g *LoginHandler) Login(w http.ResponseWriter, r *http.Request) error { if r.Method == "GET" { ext.SetHTML(w) login := &templates.LoginPage{} templates.WritePageTemplate(w, login, r.Context()) } else if r.Method == "POST" { username := r.FormValue("username") password := r.FormValue("password") if !g.auth.CheckAuth(username, password) { login := &templates.LoginPage{ ErrorMessage: "Invalid login", } templates.WritePageTemplate(w, login, r.Context()) } else { bytes, err := g.auth.IssueToken() if err != nil { return err } cookie := &http.Cookie{ Name: "auth", Value: base64.StdEncoding.EncodeToString(bytes), Path: "/", MaxAge: 3600, HttpOnly: true, Secure: true, SameSite: http.SameSiteStrictMode, } http.SetCookie(w, cookie) ext.Redirect(w, "/") } } return nil }