aboutsummaryrefslogtreecommitdiff
path: root/pkg/handler/auth/login.go
blob: 7014548c0965def2eba242a03ae269b8c27f7a00 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
package auth

import (
	"encoding/base64"
	"net/http"
	"time"

	"git.gabrielgio.me/cerrado/pkg/ext"
	"git.gabrielgio.me/cerrado/templates"
)

type (
	LoginHandler struct {
		auth authService
	}

	authService interface {
		CheckAuth(username, password string) bool
		IssueToken() ([]byte, error)
	}
)

func NewLoginHandler(auth authService) *LoginHandler {
	return &LoginHandler{
		auth: auth,
	}
}

func (g *LoginHandler) Logout(w http.ResponseWriter, r *http.Request) error {
	cookie := &http.Cookie{
		Name:    "auth",
		Value:   "",
		Path:    "/",
		Expires: time.Unix(0, 0),
	}

	referer := r.Header.Get("Referer")
	if referer == "" {
		referer = "/"
	}

	http.SetCookie(w, cookie)
	ext.Redirect(w, referer)
	return nil
}

func (g *LoginHandler) Login(w http.ResponseWriter, r *http.Request) error {
	if r.Method == "GET" {
		ext.SetHTML(w)

		login := &templates.LoginPage{}
		templates.WritePageTemplate(w, login, r.Context())
	} else if r.Method == "POST" {

		username := r.FormValue("username")
		password := r.FormValue("password")

		if !g.auth.CheckAuth(username, password) {
			login := &templates.LoginPage{
				ErrorMessage: "Invalid login",
			}
			templates.WritePageTemplate(w, login, r.Context())
		} else {

			bytes, err := g.auth.IssueToken()
			if err != nil {
				return err
			}

			cookie := &http.Cookie{
				Name:     "auth",
				Value:    base64.StdEncoding.EncodeToString(bytes),
				Path:     "/",
				MaxAge:   3600,
				HttpOnly: true,
				Secure:   true,
				SameSite: http.SameSiteStrictMode,
			}

			http.SetCookie(w, cookie)
			ext.Redirect(w, "/")
		}

	}

	return nil
}