Merge branch 'master' into enhanced_routing_and_logout_fixes

Merge remote-tracking branch 'origin/enhanced_routing_and_logout_fixes' into enhanced_routing_and_logout_fixes
Update x/crypto
2024-02-28 10:06:56 -06:00 · 2024-02-28 09:52:47 -06:00 · 2024-02-28 09:51:26 -06:00 · 2024-02-18 17:23:46 -06:00 · 2024-02-14 13:20:35 -06:00 · 2024-02-14 13:16:52 -06:00
6 changed files with 68 additions and 29 deletions
--- a/controllers/get.go
+++ b/controllers/get.go
@ -13,21 +13,11 @@ type Get struct {
 	App *app.App
 }

-func (g *Get) ShowHome(w http.ResponseWriter, _ *http.Request) {
+func (g *Get) ShowHome(w http.ResponseWriter, r *http.Request) {
 	type dataStruct struct {
-		Test string
-	}
-
-	data := dataStruct{
-		Test: "Hello World!",
-	}
-
-	templating.RenderTemplate(w, "templates/pages/home.html", data)
-}
-
-func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
-	type dataStruct struct {
-		CsrfToken string
+		CsrfToken       string
+		IsAuthenticated bool
+		Test            string
 	}

 	CsrfToken, err := security.GenerateCsrfToken(w, r)
@ -35,8 +25,41 @@ func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	isAuthenticated := true
+	user, err := models.CurrentUser(g.App, r)
+	if err != nil || user.Id == 0 {
+		isAuthenticated = false
+	}
+
 	data := dataStruct{
-		CsrfToken: CsrfToken,
+		CsrfToken:       CsrfToken,
+		Test:            "Hello World!",
+		IsAuthenticated: isAuthenticated,
+	}
+
+	templating.RenderTemplate(w, "templates/pages/home.html", data)
+}
+
+func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
+	type dataStruct struct {
+		CsrfToken       string
+		IsAuthenticated bool
+	}
+
+	CsrfToken, err := security.GenerateCsrfToken(w, r)
+	if err != nil {
+		return
+	}
+
+	isAuthenticated := true
+	user, err := models.CurrentUser(g.App, r)
+	if err != nil || user.Id == 0 {
+		isAuthenticated = false
+	}
+
+	data := dataStruct{
+		CsrfToken:       CsrfToken,
+		IsAuthenticated: isAuthenticated,
 	}

 	templating.RenderTemplate(w, "templates/pages/register.html", data)
@ -44,7 +67,8 @@ func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {

 func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {
 	type dataStruct struct {
-		CsrfToken string
+		CsrfToken       string
+		IsAuthenticated bool
 	}

 	CsrfToken, err := security.GenerateCsrfToken(w, r)
@ -58,8 +82,3 @@ func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {

 	templating.RenderTemplate(w, "templates/pages/login.html", data)
 }
-
-func (g *Get) Logout(w http.ResponseWriter, r *http.Request) {
-	models.LogoutUser(g.App, w, r)
-	http.Redirect(w, r, "/", http.StatusFound)
-}
--- a/controllers/post.go
+++ b/controllers/post.go
@ -50,3 +50,8 @@ func (p *Post) Register(w http.ResponseWriter, r *http.Request) {

 	http.Redirect(w, r, "/login", http.StatusFound)
 }
+
+func (p *Post) Logout(w http.ResponseWriter, r *http.Request) {
+	models.LogoutUser(p.App, w, r)
+	http.Redirect(w, r, "/", http.StatusFound)
+}
--- a/models/migrations.go
+++ b/models/migrations.go
@ -25,7 +25,7 @@ func RunAllMigrations(app *app.App) error {
 		Id:         1,
 		UserId:     1,
 		AuthToken:  "migrate",
-		RememberMe: false,
+		RememberMe: true, // Booleans must be true to migrate properly
 		CreatedAt:  time.Now(),
 	}
 	err = database.Migrate(app, session)
--- a/routes/get.go
+++ b/routes/get.go
@ -22,12 +22,11 @@ func Get(app *app.App) {
 		return
 	}
 	staticHandler := http.FileServer(http.FS(staticFS))
-	http.Handle("/static/", http.StripPrefix("/static/", staticHandler))
+	http.Handle("GET /static/", http.StripPrefix("/static/", staticHandler))
 	slog.Info("serving static files from embedded file system /static")

 	// Pages
-	http.HandleFunc("/", getController.ShowHome)
-	http.HandleFunc("/login", getController.ShowLogin)
-	http.HandleFunc("/register", getController.ShowRegister)
-	http.HandleFunc("/logout", getController.Logout)
+	http.HandleFunc("GET /", getController.ShowHome)
+	http.HandleFunc("GET /login", getController.ShowLogin)
+	http.HandleFunc("GET /register", getController.ShowRegister)
 }
--- a/routes/post.go
+++ b/routes/post.go
@ -15,6 +15,7 @@ func Post(app *app.App) {
 	}

 	// User authentication
-	http.HandleFunc("/register-handle", middleware.Csrf(postController.Register))
-	http.HandleFunc("/login-handle", middleware.Csrf(postController.Login))
+	http.HandleFunc("POST /register-handle", middleware.Csrf(postController.Register))
+	http.HandleFunc("POST /login-handle", middleware.Csrf(postController.Login))
+	http.HandleFunc("POST /logout", middleware.Csrf(postController.Logout))
 }
--- a/templates/base.html
+++ b/templates/base.html
@ -6,6 +6,21 @@
    <link href="/static/css/style.css" rel="stylesheet">
 </head>
 <body>
+<div class="navbar">
+    {{ if .IsAuthenticated }}
+    <form action="/logout" method="post">
+        <input name="csrf_token" type="hidden" value="{{ .CsrfToken }}">
+        <input type="submit" value="Logout">
+    </form>
+    {{ else }}
+    <form action="/login" method="get">
+        <input type="submit" value="Login">
+    </form>
+    <form action="/register" method="get">
+        <input type="submit" value="Register">
+    </form>
+    {{ end }}
+</div>
 {{ template "content" . }}
 <div class="footer-container">
    <footer>
Author	SHA1	Message	Date
max	783ddaf553	Merge branch 'master' into enhanced_routing_and_logout_fixes	2024-02-28 10:06:56 -06:00
max	b8b64968bb	Merge remote-tracking branch 'origin/enhanced_routing_and_logout_fixes' into enhanced_routing_and_logout_fixes	2024-02-28 09:52:47 -06:00
max	65be302aa4	Update x/crypto	2024-02-28 09:51:26 -06:00
Maximilian	8ab50cb37c	Merge branch 'master' into enhanced_routing_and_logout_fixes	2024-02-18 17:23:46 -06:00
max	6d6aff50b3	Only show logout (now CSRF protected) if user is authenticated, include relevant authentication logic in GET controllers (this should be moved to middleware)	2024-02-14 13:20:35 -06:00
max	a6be73765a	Add GET verb to static handler	2024-02-14 13:16:52 -06:00
max	ddc9e51831	Fix boolean column migration example	2024-02-14 13:16:15 -06:00
max	dc450e26dd	Move logout to POST route and controller with CSRF middleware. Add CsrfToken to home for logout	2024-02-12 14:46:26 -06:00