536b5909c8
go,tmpl: use CSRF token in relevant places
continuous-integration/drone/push Build is passing
2023-08-05 21:43:45 +02:00
eb555cfcad
go: add + use sessionMaxAge
continuous-integration/drone/push Build is failing
2023-08-04 18:28:56 +02:00
31e86833aa
MiddlewareSession: simplify logic
continuous-integration/drone/push Build is passing
2023-06-04 12:07:07 +02:00
3cacea8c1f
signin.go: change login failed msg
continuous-integration/drone/push Build is passing
2023-06-04 11:57:47 +02:00
ce383b5818
refactor: mv ctx to a later point
continuous-integration/drone/push Build is passing
2023-06-04 11:36:07 +02:00
afc97407f6
healthz: use proper JSON
continuous-integration/drone/push Build is passing
2023-06-04 11:32:57 +02:00
5f8548958f
go: add usr updating [wip]
continuous-integration/drone/push Build is passing
2023-06-02 20:00:14 +02:00
32aa8d8852
go: add+enable compression middleware
continuous-integration/drone/push Build is passing
2023-05-31 22:42:50 +02:00
ffc9b74c75
go: add a simple caching middleware for assets
continuous-integration/drone/push Build is passing
2023-05-31 22:29:52 +02:00
dbd0e9d01d
go: implement session auth middleware
...
continuous-integration/drone/push Build is passing
* simplify protection of endpoints
* role discernment still occures in respective handlers
* db client needs to be passed into handlers as a global var now
2023-05-30 23:50:37 +02:00
1f11b71341
user-mgmt: clear err messages + page rendering
continuous-integration/drone/push Build is passing
2023-05-30 21:08:34 +02:00
ae5c4f1dd4
go,tmpl: add usr details listing
...
continuous-integration/drone/push Build is passing
* add tmpl
* add handler for route /manage/user/:id
* add convenience helper func
* handle not found/invalid uuid errors
2023-05-29 22:42:18 +02:00
e2a29fa692
handlers,tmpl: render+log signin better errors
continuous-integration/drone/push Build is passing
2023-05-28 22:47:10 +02:00
e0a7656b2b
handlers(types): add validation
continuous-integration/drone/push Build is passing
2023-05-28 18:57:37 +02:00
547f6e7b3c
add user creation
continuous-integration/drone/push Build is passing
2023-05-22 06:47:33 +02:00
97ea29d043
add user listing
continuous-integration/drone/push Build is passing
2023-05-22 03:22:58 +02:00
3a2f85f683
feat: add license headers (+spdx id)
continuous-integration/drone/push Build is passing
2023-05-20 20:15:57 +02:00
be1709794a
fix(session panic): check if nil before use
continuous-integration/drone/push Build is passing
2023-05-16 13:49:02 +02:00
695039e882
handlers(echo): use c.Bind in sign{in,up}
continuous-integration/drone/push Build is passing
2023-05-15 23:57:38 +02:00
31ab083f8a
handlers: add health-check endpoints
continuous-integration/drone/push Build is passing
2023-05-13 22:33:38 +02:00
b77c2fe941
handlers: add func addHeaders
continuous-integration/drone/push Build is passing
2023-05-11 23:50:40 +02:00
1fb7479d8e
slogger: rename Logger to Slogger
continuous-integration/drone/push Build is passing
2023-05-11 17:06:20 +02:00
a385b194b9
handlers/home: render success with StatusOK
continuous-integration/drone/push Build is passing
2023-05-11 05:07:53 +02:00
468e20da0a
handlers/index: refactor to use c.Render
continuous-integration/drone/push Build is passing
2023-05-11 05:01:19 +02:00
f80e06078a
handlers/home: redirect w/ 303 instead of 301
continuous-integration/drone/push Build is passing
2023-05-11 04:55:56 +02:00
847d4aab22
handlers: rename helper.go -> error.go
continuous-integration/drone/push Build is passing
2023-05-11 04:54:31 +02:00
122ea638c9
go: refactor template rendering
...
continuous-integration/drone/push Build is passing
* create pkg 'modules/template'
* move template rendering code from 'handlers' to 'modules/template'
* update call sites
* walk the 'templates' dir to discover nested hierarchies
* solidify LiveMode handling (vs embedded assets)
* break out funcMap to it's own file
* general clean-up
2023-05-11 04:32:39 +02:00
46cc1d663f
go(handlers): split get,set funcMap funcs
continuous-integration/drone/push Build is passing
2023-05-10 19:17:17 +02:00
2215383c5d
go: refactor handlers
continuous-integration/drone/push Build is passing
2023-05-10 19:09:41 +02:00
a879704535
go: partially rework how slogging works
continuous-integration/drone/push Build is passing
2023-05-09 17:35:00 +02:00
0490786f11
refactor(handlers): break out signin funcs
continuous-integration/drone/push Build is passing
2023-05-07 00:19:10 +02:00
9dbc475145
go: implement the Echo renderer for templates
continuous-integration/drone/push Build is passing
2023-05-06 21:50:35 +02:00
c4f8cf87f5
go: redirect signed users from / to /home
continuous-integration/drone/push Build is passing
2023-05-06 00:09:13 +02:00
eafc9c1e92
go,tmpl: conditionally show content to users
continuous-integration/drone/push Build is passing
2023-05-06 00:03:41 +02:00
4dad751716
handlers: rm pages.go [skip ci]
2023-05-05 19:58:35 +02:00
a2c17693c6
go: save,verify a bcrypt hash of the passwd
continuous-integration/drone/push Build is passing
2023-05-03 06:30:12 +02:00
864e2ec815
handlers.go: change msg log level
continuous-integration/drone/push Build is passing
2023-05-03 06:03:38 +02:00
c4d0cb209b
go: add settings struct
...
continuous-integration/drone/push Build is passing
* let the settings struct be the single source of truth
* rm app fields that are covered by settings
* pass around a pointer to settings instead of config
* consolidate config+flags into settings on start-up
* update tests
* rm empty settings.go file
fixes #4
2023-05-03 02:18:29 +02:00
593454d616
go: add user email handling + improve sessions
...
continuous-integration/drone/push Build is passing
* add Email field to User entity (+codegen)
* switch to Echo contrib sessions backed by Gorilla sessions
* use SessionCookieSecret value from the config
* stage mod,sum changes
* add clearer signup/signin redirect logic
* render error pages on 500/404s and only fall back to returning raw
errors when the error is some unexpected kind
* add username/email "exists" funcs+tests - handle "not found" and "not
unique" errors, return errors otherwise
2023-05-01 22:48:11 +02:00
1d421465f5
go: have a dynamic {asset,tmpl}Path
...
continuous-integration/drone/push Build is passing
* handle errors more specifically when loading assets/tmpls
2023-04-28 23:16:58 +02:00
555bc65502
handlers: update error handling
...
continuous-integration/drone/push Build is passing
* have a common error page tmpl
2023-04-21 12:33:14 +02:00
edf720bcb9
go: create proper (non-string) ctx key in user pkg
continuous-integration/drone/push Build is passing
2023-04-19 23:44:49 +02:00
f00b5bdaf8
handlers: add a TODO [skip ci]
2023-04-19 23:23:22 +02:00
aa63dafad4
go(handlers): add bluemonday HTML sanitiser
...
continuous-integration/drone/push Build is passing
should aid at thwarting XSS.
2023-04-19 22:46:20 +02:00
25335293eb
chore: clean up handlers pkg
continuous-integration/drone/push Build is passing
2023-04-19 22:08:17 +02:00
c6378d7dd3
pass logger ctx under key 'l'
continuous-integration/drone/push Build is passing
2023-04-19 05:18:01 +02:00
608b0952b2
handlers: clean up
continuous-integration/drone/push Build is passing
2023-04-19 04:45:49 +02:00
773b10e60b
handlers: handle err on redirects
continuous-integration/drone/push Build is passing
2023-04-19 04:09:24 +02:00
ff252df692
handlers: streamline SignupPost
continuous-integration/drone/push Build is passing
2023-04-19 04:01:03 +02:00
62e038fa3e
simplify: funcMap member func
continuous-integration/drone/push Build is passing
2023-04-19 03:57:07 +02:00
