142 lines
2.9 KiB
Go
142 lines
2.9 KiB
Go
package routes
|
|
|
|
import (
|
|
"errors"
|
|
"html/template"
|
|
"net/http"
|
|
"net/url"
|
|
"shelves/backend/auth"
|
|
"shelves/backend/errorsx"
|
|
"shelves/backend/forms"
|
|
"shelves/backend/httpx"
|
|
"shelves/backend/templates"
|
|
)
|
|
|
|
type loginForm struct {
|
|
password string
|
|
redirectTo string
|
|
}
|
|
|
|
type loginFormErrors struct {
|
|
password error
|
|
}
|
|
|
|
func loginRenderView(f loginForm, e loginFormErrors) template.HTML {
|
|
body := templates.Form{
|
|
Action: "/login",
|
|
Fields: []templates.Field{
|
|
templates.Field{
|
|
Label: "Password",
|
|
Type: "password",
|
|
Placeholder: "Password",
|
|
Name: "password",
|
|
Error: errorsx.String(e.password),
|
|
},
|
|
templates.Field{
|
|
Type: "hidden",
|
|
Name: "redirectTo",
|
|
Value: f.redirectTo,
|
|
},
|
|
},
|
|
}
|
|
|
|
return templates.PageBase{Title: "Login", Body: body.HTML()}.HTML()
|
|
}
|
|
|
|
func getRedirectTo(r *http.Request) string {
|
|
redirectTo := r.URL.Query().Get("redirectTo")
|
|
if redirectTo == "" {
|
|
redirectTo = "/"
|
|
}
|
|
|
|
redirectTo, err := url.QueryUnescape(redirectTo)
|
|
if err != nil {
|
|
redirectTo = ""
|
|
}
|
|
|
|
return redirectTo
|
|
}
|
|
|
|
func LoginGet(w http.ResponseWriter, r *http.Request) {
|
|
ctx := httpx.GetCtx(r)
|
|
redirectTo := getRedirectTo(r)
|
|
|
|
if ctx.Auth.IsAdmin {
|
|
httpx.SeeOther(w, redirectTo)
|
|
return
|
|
}
|
|
|
|
html(w, loginRenderView(loginForm{redirectTo: redirectTo}, loginFormErrors{}))
|
|
}
|
|
|
|
func loginParseForm(f *loginForm, e *loginFormErrors, vs url.Values, v *forms.Validator) {
|
|
f.password = vs.Get("password")
|
|
f.redirectTo = vs.Get("redirectTo")
|
|
}
|
|
|
|
func LoginPost(w http.ResponseWriter, r *http.Request) {
|
|
ctx := httpx.GetCtx(r)
|
|
|
|
form := loginForm{}
|
|
errs := loginFormErrors{}
|
|
failed := forms.ParseFormData(r, func(vs url.Values, v *forms.Validator) {
|
|
loginParseForm(&form, &errs, vs, v)
|
|
})
|
|
if failed {
|
|
httpx.BadRequest(w)
|
|
html(w, loginRenderView(form, errs))
|
|
return
|
|
}
|
|
|
|
if ctx.Auth.IsAdmin {
|
|
httpx.SeeOther(w, form.redirectTo)
|
|
return
|
|
}
|
|
|
|
success, sessionId, err := auth.Login(ctx.DB, form.password)
|
|
if err != nil {
|
|
httpx.InternalServerError(w, err)
|
|
return
|
|
}
|
|
if !success {
|
|
httpx.BadRequest(w)
|
|
|
|
errs.password = errors.New("Incorrect password")
|
|
html(w, loginRenderView(form, errs))
|
|
return
|
|
}
|
|
|
|
cookie := http.Cookie{Name: "SHELVES_OWNER_SESSION_ID", Value: sessionId}
|
|
cookie.Secure = true
|
|
cookie.HttpOnly = true
|
|
cookie.SameSite = http.SameSiteStrictMode
|
|
cookie.MaxAge = 60 * 60 * 24 * 7 // 7 days
|
|
|
|
http.SetCookie(w, &cookie)
|
|
httpx.SeeOther(w, form.redirectTo)
|
|
}
|
|
|
|
func LoginDelete(w http.ResponseWriter, r *http.Request) {
|
|
ctx := httpx.GetCtx(r)
|
|
if !ctx.Auth.IsAdmin {
|
|
httpx.SeeOther(w, "/")
|
|
return
|
|
}
|
|
|
|
sessionId := ctx.Auth.SessionId
|
|
err := auth.SessionDelete(ctx.DB, sessionId)
|
|
if err != nil {
|
|
httpx.InternalServerError(w, err)
|
|
return
|
|
}
|
|
|
|
cookie := http.Cookie{Name: "SHELVES_OWNER_SESSION_ID", Value: ""}
|
|
cookie.Secure = true
|
|
cookie.HttpOnly = true
|
|
cookie.SameSite = http.SameSiteStrictMode
|
|
cookie.MaxAge = -1
|
|
|
|
http.SetCookie(w, &cookie)
|
|
httpx.SeeOther(w, "/")
|
|
}
|