refactor(handlers): break out signin funcs
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
e122e26596
commit
0490786f11
SSH Key Fingerprint:
SHA256:Dp8+iwKHSlrMEHzE3bJnPng70I7LEsa3IJXRH/U+idQ
@ -7,11 +7,9 @@ import (
|
|||||||
"io/fs"
|
"io/fs"
|
||||||
"net/http"
|
"net/http"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strconv"
|
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"git.dotya.ml/mirre-mt/pcmt/ent"
|
"git.dotya.ml/mirre-mt/pcmt/ent"
|
||||||
passwd "git.dotya.ml/mirre-mt/pcmt/modules/password"
|
|
||||||
moduser "git.dotya.ml/mirre-mt/pcmt/modules/user"
|
moduser "git.dotya.ml/mirre-mt/pcmt/modules/user"
|
||||||
"github.com/gorilla/sessions"
|
"github.com/gorilla/sessions"
|
||||||
"github.com/labstack/echo-contrib/session"
|
"github.com/labstack/echo-contrib/session"
|
||||||
@ -148,112 +146,6 @@ func Index() echo.HandlerFunc {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func Signin() echo.HandlerFunc {
|
|
||||||
return func(c echo.Context) error {
|
|
||||||
sess, _ := session.Get(setting.SessionCookieName(), c)
|
|
||||||
|
|
||||||
username := sess.Values["username"]
|
|
||||||
if username != nil {
|
|
||||||
return c.Redirect(http.StatusFound, "/home")
|
|
||||||
}
|
|
||||||
|
|
||||||
return c.Render(
|
|
||||||
http.StatusOK,
|
|
||||||
"signin.tmpl",
|
|
||||||
page{
|
|
||||||
AppName: setting.AppName(),
|
|
||||||
AppVer: appver,
|
|
||||||
Title: "Sign in",
|
|
||||||
DevelMode: setting.IsDevel(),
|
|
||||||
Current: "signin",
|
|
||||||
},
|
|
||||||
)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func SigninPost(client *ent.Client) echo.HandlerFunc {
|
|
||||||
return func(c echo.Context) error {
|
|
||||||
err := c.Request().ParseForm()
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
var username string
|
|
||||||
|
|
||||||
var password string
|
|
||||||
|
|
||||||
if uname := c.Request().FormValue("username"); uname != "" {
|
|
||||||
username = uname
|
|
||||||
log.Infof("authenticating user '%s' at /signin", username)
|
|
||||||
} else {
|
|
||||||
log.Info("username was not set, returning to /signin")
|
|
||||||
|
|
||||||
return c.Redirect(http.StatusFound, "/signin")
|
|
||||||
}
|
|
||||||
|
|
||||||
if passwd := c.Request().FormValue("password"); passwd != "" {
|
|
||||||
password = passwd
|
|
||||||
} else {
|
|
||||||
log.Info("password was not set, returning to /signin")
|
|
||||||
|
|
||||||
return c.Redirect(http.StatusFound, "/signin")
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx := context.WithValue(context.Background(), moduser.CtxKey{}, log)
|
|
||||||
if usr, err := moduser.QueryUser(ctx, client, username); err == nil {
|
|
||||||
log.Info("queried user:", &usr.ID)
|
|
||||||
|
|
||||||
if !passwd.Compare(usr.Password, password) {
|
|
||||||
log.Warn("wrong user credentials, redirecting to /signin")
|
|
||||||
|
|
||||||
return c.Redirect(http.StatusFound, "/signin")
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
if ent.IsNotFound(err) {
|
|
||||||
c.Logger().Error("user not found")
|
|
||||||
return c.Redirect(http.StatusFound, "/signin")
|
|
||||||
}
|
|
||||||
// just log the error instead of returning it to the user and
|
|
||||||
// redirect back to /signin.
|
|
||||||
c.Logger().Error(
|
|
||||||
http.StatusText(http.StatusUnauthorized)+" "+err.Error(),
|
|
||||||
strconv.Itoa(http.StatusUnauthorized)+" "+http.StatusText(http.StatusUnauthorized)+" "+err.Error(),
|
|
||||||
)
|
|
||||||
|
|
||||||
return c.Redirect(http.StatusFound, "/signin")
|
|
||||||
}
|
|
||||||
|
|
||||||
secure := c.Request().URL.Scheme == "https" //nolint:goconst
|
|
||||||
|
|
||||||
sess, _ := session.Get(setting.SessionCookieName(), c)
|
|
||||||
if sess != nil {
|
|
||||||
sess.Options = &sessions.Options{
|
|
||||||
Path: "/",
|
|
||||||
MaxAge: 3600,
|
|
||||||
HttpOnly: true,
|
|
||||||
Secure: secure,
|
|
||||||
SameSite: http.SameSiteStrictMode,
|
|
||||||
}
|
|
||||||
sess.Values["foo"] = "bar"
|
|
||||||
sess.Values["username"] = username
|
|
||||||
|
|
||||||
err := sess.Save(c.Request(), c.Response())
|
|
||||||
if err != nil {
|
|
||||||
c.Logger().Error("failed to save session")
|
|
||||||
|
|
||||||
return renderErrorPage(
|
|
||||||
c,
|
|
||||||
http.StatusInternalServerError,
|
|
||||||
http.StatusText(http.StatusInternalServerError)+" (make sure you've got cookies enabled)",
|
|
||||||
err.Error(),
|
|
||||||
)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return c.Redirect(http.StatusMovedPermanently, "/home")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func Signup() echo.HandlerFunc {
|
func Signup() echo.HandlerFunc {
|
||||||
return func(c echo.Context) error {
|
return func(c echo.Context) error {
|
||||||
sess, _ := session.Get(setting.SessionCookieName(), c)
|
sess, _ := session.Get(setting.SessionCookieName(), c)
|
||||||
|
|||||||
120
handlers/signin.go
Normal file
120
handlers/signin.go
Normal file
@ -0,0 +1,120 @@
|
|||||||
|
package handlers
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"net/http"
|
||||||
|
"strconv"
|
||||||
|
|
||||||
|
"git.dotya.ml/mirre-mt/pcmt/ent"
|
||||||
|
passwd "git.dotya.ml/mirre-mt/pcmt/modules/password"
|
||||||
|
moduser "git.dotya.ml/mirre-mt/pcmt/modules/user"
|
||||||
|
"github.com/gorilla/sessions"
|
||||||
|
"github.com/labstack/echo-contrib/session"
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
func Signin() echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
sess, _ := session.Get(setting.SessionCookieName(), c)
|
||||||
|
|
||||||
|
username := sess.Values["username"]
|
||||||
|
if username != nil {
|
||||||
|
return c.Redirect(http.StatusFound, "/home")
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.Render(
|
||||||
|
http.StatusOK,
|
||||||
|
"signin.tmpl",
|
||||||
|
page{
|
||||||
|
AppName: setting.AppName(),
|
||||||
|
AppVer: appver,
|
||||||
|
Title: "Sign in",
|
||||||
|
DevelMode: setting.IsDevel(),
|
||||||
|
Current: "signin",
|
||||||
|
},
|
||||||
|
)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func SigninPost(client *ent.Client) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
err := c.Request().ParseForm()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
var username string
|
||||||
|
|
||||||
|
var password string
|
||||||
|
|
||||||
|
if uname := c.Request().FormValue("username"); uname != "" {
|
||||||
|
username = uname
|
||||||
|
log.Infof("authenticating user '%s' at /signin", username)
|
||||||
|
} else {
|
||||||
|
log.Info("username was not set, returning to /signin")
|
||||||
|
|
||||||
|
return c.Redirect(http.StatusFound, "/signin")
|
||||||
|
}
|
||||||
|
|
||||||
|
if passwd := c.Request().FormValue("password"); passwd != "" {
|
||||||
|
password = passwd
|
||||||
|
} else {
|
||||||
|
log.Info("password was not set, returning to /signin")
|
||||||
|
|
||||||
|
return c.Redirect(http.StatusFound, "/signin")
|
||||||
|
}
|
||||||
|
|
||||||
|
ctx := context.WithValue(context.Background(), moduser.CtxKey{}, log)
|
||||||
|
if usr, err := moduser.QueryUser(ctx, client, username); err == nil {
|
||||||
|
log.Info("queried user:", &usr.ID)
|
||||||
|
|
||||||
|
if !passwd.Compare(usr.Password, password) {
|
||||||
|
log.Warn("wrong user credentials, redirecting to /signin")
|
||||||
|
|
||||||
|
return c.Redirect(http.StatusFound, "/signin")
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if ent.IsNotFound(err) {
|
||||||
|
c.Logger().Error("user not found")
|
||||||
|
return c.Redirect(http.StatusFound, "/signin")
|
||||||
|
}
|
||||||
|
// just log the error instead of returning it to the user and
|
||||||
|
// redirect back to /signin.
|
||||||
|
c.Logger().Error(
|
||||||
|
http.StatusText(http.StatusUnauthorized)+" "+err.Error(),
|
||||||
|
strconv.Itoa(http.StatusUnauthorized)+" "+http.StatusText(http.StatusUnauthorized)+" "+err.Error(),
|
||||||
|
)
|
||||||
|
|
||||||
|
return c.Redirect(http.StatusFound, "/signin")
|
||||||
|
}
|
||||||
|
|
||||||
|
secure := c.Request().URL.Scheme == "https" //nolint:goconst
|
||||||
|
|
||||||
|
sess, _ := session.Get(setting.SessionCookieName(), c)
|
||||||
|
if sess != nil {
|
||||||
|
sess.Options = &sessions.Options{
|
||||||
|
Path: "/",
|
||||||
|
MaxAge: 3600,
|
||||||
|
HttpOnly: true,
|
||||||
|
Secure: secure,
|
||||||
|
SameSite: http.SameSiteStrictMode,
|
||||||
|
}
|
||||||
|
sess.Values["foo"] = "bar"
|
||||||
|
sess.Values["username"] = username
|
||||||
|
|
||||||
|
err := sess.Save(c.Request(), c.Response())
|
||||||
|
if err != nil {
|
||||||
|
c.Logger().Error("failed to save session")
|
||||||
|
|
||||||
|
return renderErrorPage(
|
||||||
|
c,
|
||||||
|
http.StatusInternalServerError,
|
||||||
|
http.StatusText(http.StatusInternalServerError)+" (make sure you've got cookies enabled)",
|
||||||
|
err.Error(),
|
||||||
|
)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.Redirect(http.StatusMovedPermanently, "/home")
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user