Move logout to POST route and controller with CSRF middleware. Add CsrfToken to home for logout

This commit is contained in:
max 2024-02-12 14:46:26 -06:00
parent de4a217c5f
commit dc450e26dd
4 changed files with 13 additions and 13 deletions

View File

@ -2,7 +2,6 @@ package controllers
import (
"GoWeb/app"
"GoWeb/models"
"GoWeb/security"
"GoWeb/templating"
"net/http"
@ -15,7 +14,8 @@ type Get struct {
func (g *Get) ShowHome(w http.ResponseWriter, _ *http.Request) {
type dataStruct struct {
Test string
CsrfToken string
Test string
}
data := dataStruct{
@ -58,8 +58,3 @@ func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {
templating.RenderTemplate(w, "templates/pages/login.html", data)
}
func (g *Get) Logout(w http.ResponseWriter, r *http.Request) {
models.LogoutUser(g.App, w, r)
http.Redirect(w, r, "/", http.StatusFound)
}

View File

@ -50,3 +50,8 @@ func (p *Post) Register(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/login", http.StatusFound)
}
func (p *Post) Logout(w http.ResponseWriter, r *http.Request) {
models.LogoutUser(p.App, w, r)
http.Redirect(w, r, "/", http.StatusFound)
}

View File

@ -26,8 +26,7 @@ func Get(app *app.App) {
slog.Info("serving static files from embedded file system /static")
// Pages
http.HandleFunc("/", getController.ShowHome)
http.HandleFunc("/login", getController.ShowLogin)
http.HandleFunc("/register", getController.ShowRegister)
http.HandleFunc("/logout", getController.Logout)
http.HandleFunc("GET /", getController.ShowHome)
http.HandleFunc("GET /login", getController.ShowLogin)
http.HandleFunc("GET /register", getController.ShowRegister)
}

View File

@ -15,6 +15,7 @@ func Post(app *app.App) {
}
// User authentication
http.HandleFunc("/register-handle", middleware.Csrf(postController.Register))
http.HandleFunc("/login-handle", middleware.Csrf(postController.Login))
http.HandleFunc("POST /register-handle", middleware.Csrf(postController.Register))
http.HandleFunc("POST /login-handle", middleware.Csrf(postController.Login))
http.HandleFunc("POST /logout", middleware.Csrf(postController.Logout))
}