Move logout to POST route and controller with CSRF middleware. Add CsrfToken to home for logout
This commit is contained in:
parent
de4a217c5f
commit
dc450e26dd
@ -2,7 +2,6 @@ package controllers
|
||||
|
||||
import (
|
||||
"GoWeb/app"
|
||||
"GoWeb/models"
|
||||
"GoWeb/security"
|
||||
"GoWeb/templating"
|
||||
"net/http"
|
||||
@ -15,6 +14,7 @@ type Get struct {
|
||||
|
||||
func (g *Get) ShowHome(w http.ResponseWriter, _ *http.Request) {
|
||||
type dataStruct struct {
|
||||
CsrfToken string
|
||||
Test string
|
||||
}
|
||||
|
||||
@ -58,8 +58,3 @@ func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
templating.RenderTemplate(w, "templates/pages/login.html", data)
|
||||
}
|
||||
|
||||
func (g *Get) Logout(w http.ResponseWriter, r *http.Request) {
|
||||
models.LogoutUser(g.App, w, r)
|
||||
http.Redirect(w, r, "/", http.StatusFound)
|
||||
}
|
||||
|
@ -50,3 +50,8 @@ func (p *Post) Register(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
http.Redirect(w, r, "/login", http.StatusFound)
|
||||
}
|
||||
|
||||
func (p *Post) Logout(w http.ResponseWriter, r *http.Request) {
|
||||
models.LogoutUser(p.App, w, r)
|
||||
http.Redirect(w, r, "/", http.StatusFound)
|
||||
}
|
||||
|
@ -26,8 +26,7 @@ func Get(app *app.App) {
|
||||
slog.Info("serving static files from embedded file system /static")
|
||||
|
||||
// Pages
|
||||
http.HandleFunc("/", getController.ShowHome)
|
||||
http.HandleFunc("/login", getController.ShowLogin)
|
||||
http.HandleFunc("/register", getController.ShowRegister)
|
||||
http.HandleFunc("/logout", getController.Logout)
|
||||
http.HandleFunc("GET /", getController.ShowHome)
|
||||
http.HandleFunc("GET /login", getController.ShowLogin)
|
||||
http.HandleFunc("GET /register", getController.ShowRegister)
|
||||
}
|
||||
|
@ -15,6 +15,7 @@ func Post(app *app.App) {
|
||||
}
|
||||
|
||||
// User authentication
|
||||
http.HandleFunc("/register-handle", middleware.Csrf(postController.Register))
|
||||
http.HandleFunc("/login-handle", middleware.Csrf(postController.Login))
|
||||
http.HandleFunc("POST /register-handle", middleware.Csrf(postController.Register))
|
||||
http.HandleFunc("POST /login-handle", middleware.Csrf(postController.Login))
|
||||
http.HandleFunc("POST /logout", middleware.Csrf(postController.Logout))
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user