Only show logout (now CSRF protected) if user is authenticated, include relevant authentication logic in GET controllers (this should be moved to middleware)

2024-02-14 13:20:35 -06:00
parent a6be73765a
commit 6d6aff50b3
2 changed files with 56 additions and 17 deletions
--- a/controllers/get.go
+++ b/controllers/get.go
@ -2,6 +2,7 @@ package controllers

 import (
 	"GoWeb/app"
+	"GoWeb/models"
 	"GoWeb/security"
 	"GoWeb/templating"
 	"net/http"
@ -12,22 +13,11 @@ type Get struct {
 	App *app.App
 }

-func (g *Get) ShowHome(w http.ResponseWriter, _ *http.Request) {
+func (g *Get) ShowHome(w http.ResponseWriter, r *http.Request) {
 	type dataStruct struct {
-		CsrfToken string
-		Test      string
-	}
-
-	data := dataStruct{
-		Test: "Hello World!",
-	}
-
-	templating.RenderTemplate(w, "templates/pages/home.html", data)
-}
-
-func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
-	type dataStruct struct {
-		CsrfToken string
+		CsrfToken       string
+		IsAuthenticated bool
+		Test            string
 	}

 	CsrfToken, err := security.GenerateCsrfToken(w, r)
@ -35,8 +25,41 @@ func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	isAuthenticated := true
+	user, err := models.CurrentUser(g.App, r)
+	if err != nil || user.Id == 0 {
+		isAuthenticated = false
+	}
+
 	data := dataStruct{
-		CsrfToken: CsrfToken,
+		CsrfToken:       CsrfToken,
+		Test:            "Hello World!",
+		IsAuthenticated: isAuthenticated,
+	}
+
+	templating.RenderTemplate(w, "templates/pages/home.html", data)
+}
+
+func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
+	type dataStruct struct {
+		CsrfToken       string
+		IsAuthenticated bool
+	}
+
+	CsrfToken, err := security.GenerateCsrfToken(w, r)
+	if err != nil {
+		return
+	}
+
+	isAuthenticated := true
+	user, err := models.CurrentUser(g.App, r)
+	if err != nil || user.Id == 0 {
+		isAuthenticated = false
+	}
+
+	data := dataStruct{
+		CsrfToken:       CsrfToken,
+		IsAuthenticated: isAuthenticated,
 	}

 	templating.RenderTemplate(w, "templates/pages/register.html", data)
@ -44,7 +67,8 @@ func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {

 func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {
 	type dataStruct struct {
-		CsrfToken string
+		CsrfToken       string
+		IsAuthenticated bool
 	}

 	CsrfToken, err := security.GenerateCsrfToken(w, r)