login, logout
parent
bd8d01d7df
commit
1ad0d0579d
55
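--- /dev/null
+++ b/server/src/handler/login.go
@@ -0,0 +1,55 @@
+package handler
+
+import (
+"fmt"
+"net/http"
+"sirlab.de/go/knyt/user"
+)
+
+func (authMux *AuthMux) createCookie() *http.Cookie {
+return &http.Cookie{
+Name: "knyt-auth",
+Path: "/",
+HttpOnly: true,
+MaxAge: -1,
+}
+}
+
+func (authMux *AuthMux) Logout(w http.ResponseWriter, r *http.Request) {
+http.SetCookie(w, authMux.createCookie())
+w.Header().Add("Content-Type", "text/plain")
+fmt.Fprintf(w, "ok")
+}
+
+func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
+usr, err := authMux.checkCode(r)
+if err != nil {
+http.SetCookie(w, authMux.createCookie())
+authMux.accessDenied(w, r)
+return
+}
+
+cookie := authMux.createCookie()
+cookie.Value = usr.Id
+cookie.MaxAge = 0
+http.SetCookie(w, cookie)
+w.Header().Add("Content-Type", "text/plain")
+fmt.Fprintf(w, "ok")
+}
+
+func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
+r.ParseForm()
+form := r.Form
+code := form.Get("code")
+
+if len(code) != 6 {
+return nil, fmt.Errorf("invalid code")
+}
+
+usr, err := authMux.app.GetUsers().GetUserById(code)
+if err != nil {
+return nil, fmt.Errorf("invalid code")
+}
+
+return usr, nil
+}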
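Review bot: Login stores `usr.Id` as the value of the `knyt-auth` cookie, and checkCode finds that user with `GetUserById(code)`, so the cookie carries the six-character login code itself rather than a session token; the `getUserFromSession` hunk in the same commit accepts any cookie whose value is a known ID. As far as this commit shows there is no server-side expiry or revocation for that value, so I would issue a random token from `crypto/rand`, keep the token-to-user mapping on the server, and delete it in Logout. createCookie also sets neither `Secure` nor `SameSite`; adding `Secure: true,` and `SameSite: http.SameSiteLaxMode,` keeps the cookie off plain HTTP and out of most cross-site requests. In checkCode the error from `r.ParseForm()` is dropped and `r.Form` also contains the URL query, so the code can arrive in a GET URL and end up in access logs; `code := r.PostFormValue("code")` after a check for `http.MethodPost` reads the request body only.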
@ -3,6 +3,7 @@ package handler
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"sirlab.de/go/knyt/user"
|
||||
)
|
||||
|
||||
func (authMux *AuthMux) PrivateHandleFunc(pattern string, handlerFunc HandlerFunc) {
|
||||
@ -27,18 +28,26 @@ func (authMux *AuthMux) accessDenied(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
func (authMux *AuthMux) isAuthenticated(r *http.Request) bool {
|
||||
_, err := authMux.getUserFromSession(r)
|
||||
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
func (authMux *AuthMux) getUserFromSession(r *http.Request) (*user.User, error) {
|
||||
authCookie, err := r.Cookie("knyt-auth")
|
||||
if err != nil {
|
||||
fmt.Printf("%v\n", err)
|
||||
return false
|
||||
return nil, fmt.Errorf("invalid cookie")
|
||||
}
|
||||
fmt.Printf("isAuthenticated? %s\n", authCookie.Value)
|
||||
|
||||
usr, usrErr := authMux.app.GetUsers().GetUserById(authCookie.Value)
|
||||
if usrErr != nil {
|
||||
return false
|
||||
return nil, fmt.Errorf("invalid cookie")
|
||||
}
|
||||
|
||||
fmt.Printf("\"%s\" ?= \"%s\"\n", usr.Id, authCookie.Value)
|
||||
return usr.Id == authCookie.Value
|
||||
return usr, nil
|
||||
}
|
||||
|
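Review bot: Both failure paths in getUserFromSession return a fresh `fmt.Errorf("invalid cookie")` and discard the cause, so a request without a cookie cannot be told apart from one carrying an unknown ID when failed authentication is investigated. Wrapping keeps the message and the cause, e.g. `return nil, fmt.Errorf("invalid cookie: %w", err)`, and the same with `usrErr` in the second branch. As a point of style, isAuthenticated can be reduced to `_, err := authMux.getUserFromSession(r)` followed by `return err == nil`, and getUserFromSession would benefit from a one-line comment stating that it returns a non-nil user only when the error is nil.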
@ -1,12 +1,29 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func GetUserInfo(w http.ResponseWriter, r *http.Request) {
|
||||
type userLight struct {
|
||||
Name string "json:`name`"
|
||||
Role string "json:`role`"
|
||||
}
|
||||
|
||||
func (authMux *AuthMux) GetUserInfo(w http.ResponseWriter, r *http.Request) {
|
||||
usr, err := authMux.getUserFromSession(r)
|
||||
if err != nil {
|
||||
authMux.accessDenied(w, r)
|
||||
return
|
||||
}
|
||||
|
||||
usrLight := userLight{
|
||||
Name: usr.Name,
|
||||
Role: usr.Role,
|
||||
}
|
||||
|
||||
w.Header().Add("Content-Type", "application/json")
|
||||
jsonString := "{}"
|
||||
jsonString, _ := json.Marshal(usrLight)
|
||||
fmt.Fprintf(w, string(jsonString))
|
||||
}
|
||||
|
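Review bot: `fmt.Fprintf(w, string(jsonString))` passes the marshalled JSON as the format string, so a `%` in `usr.Name` or `usr.Role` is read as a formatting verb and the response body is corrupted; `w.Write(jsonString)` writes the bytes unchanged. The error from `json.Marshal` is discarded with `_` and should be checked before anything is written to the response. The struct tags on userLight are ordinary string literals with the quote characters swapped (a double-quoted string containing backticks), which encoding/json does not recognise, so the keys will be emitted as `Name` and `Role`; the conventional form is a backtick-delimited tag containing json:"name" and json:"role".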
@ -19,7 +19,9 @@ func main() {
|
||||
mux := handler.NewAuthMux(app)
|
||||
|
||||
mux.PublicHandleFunc("/__intern__/exit", handler.Exit)
|
||||
mux.PrivateHandleFunc("/api/userinfo", handler.GetUserInfo)
|
||||
mux.PublicHandleFunc("/api/login", mux.Login)
|
||||
mux.PublicHandleFunc("/api/logout", mux.Logout)
|
||||
mux.PrivateHandleFunc("/api/userinfo", mux.GetUserInfo)
|
||||
|
||||
// default handler
|
||||
fsHandler := http.FileServer(http.Dir("../../client/dist/"))
|
||||
|