max/GoWeb
1
1
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases 7 Wiki Activity

Compare commits

base: max:master
Branches Tags
max:master
max:structure_refactor
max:enhanced_routing_and_logout_fixes
max:toml_config
max:file_uploads
max:v1.5.1
max:v1.5.0
max:v1.4.1
max:v1.4.0
max:v1.3.0
max:v1.0.1
max:v1.0.0
..
compare: max:enhanced_routing_and_logout_fixes
Branches Tags
max:structure_refactor
max:master
max:enhanced_routing_and_logout_fixes
max:toml_config
max:file_uploads
max:v1.5.1
max:v1.5.0
max:v1.4.1
max:v1.4.0
max:v1.3.0
max:v1.0.1
max:v1.0.0

8 Commits
master ... enhanced_r

Author SHA1 Message Date
max
783ddaf553 Merge branch 'master' into enhanced_routing_and_logout_fixes 2024-02-28 10:06:56 -06:00
max
b8b64968bb Merge remote-tracking branch 'origin/enhanced_routing_and_logout_fixes' into enhanced_routing_and_logout_fixes 2024-02-28 09:52:47 -06:00
max
65be302aa4 Update x/crypto 2024-02-28 09:51:26 -06:00
Maximilian
8ab50cb37c Merge branch 'master' into enhanced_routing_and_logout_fixes 2024-02-18 17:23:46 -06:00
max
6d6aff50b3 Only show logout (now CSRF protected) if user is authenticated, include relevant authentication logic in GET controllers (this should be moved to middleware) 2024-02-14 13:20:35 -06:00
max
a6be73765a Add GET verb to static handler 2024-02-14 13:16:52 -06:00
max
ddc9e51831 Fix boolean column migration example 2024-02-14 13:16:15 -06:00
max
dc450e26dd Move logout to POST route and controller with CSRF middleware. Add CsrfToken to home for logout 2024-02-12 14:46:26 -06:00
8 changed files with 71 additions and 32 deletions
Show Stats Expand all files Collapse all files

61
controllers/get.go
View File

@ -13,21 +13,11 @@ type Get struct {
App *app.App App *app.App
} }
func (g *Get) ShowHome(w http.ResponseWriter, _ *http.Request) { func (g *Get) ShowHome(w http.ResponseWriter, r *http.Request) {
type dataStruct struct { type dataStruct struct {
Test string CsrfToken string
} IsAuthenticated bool
Test string
data := dataStruct{
Test: "Hello World!",
}
templating.RenderTemplate(w, "templates/pages/home.html", data)
}
func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
type dataStruct struct {
CsrfToken string
} }
CsrfToken, err := security.GenerateCsrfToken(w, r) CsrfToken, err := security.GenerateCsrfToken(w, r)
@ -35,8 +25,41 @@ func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
return return
} }
isAuthenticated := true
user, err := models.CurrentUser(g.App, r)
if err != nil || user.Id == 0 {
isAuthenticated = false
}
data := dataStruct{ data := dataStruct{
CsrfToken: CsrfToken, CsrfToken: CsrfToken,
Test: "Hello World!",
IsAuthenticated: isAuthenticated,
}
templating.RenderTemplate(w, "templates/pages/home.html", data)
}
func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
type dataStruct struct {
CsrfToken string
IsAuthenticated bool
}
CsrfToken, err := security.GenerateCsrfToken(w, r)
if err != nil {
return
}
isAuthenticated := true
user, err := models.CurrentUser(g.App, r)
if err != nil || user.Id == 0 {
isAuthenticated = false
}
data := dataStruct{
CsrfToken: CsrfToken,
IsAuthenticated: isAuthenticated,
} }
templating.RenderTemplate(w, "templates/pages/register.html", data) templating.RenderTemplate(w, "templates/pages/register.html", data)
@ -44,7 +67,8 @@ func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) { func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {
type dataStruct struct { type dataStruct struct {
CsrfToken string CsrfToken string
IsAuthenticated bool
} }
CsrfToken, err := security.GenerateCsrfToken(w, r) CsrfToken, err := security.GenerateCsrfToken(w, r)
@ -58,8 +82,3 @@ func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {
templating.RenderTemplate(w, "templates/pages/login.html", data) templating.RenderTemplate(w, "templates/pages/login.html", data)
} }
func (g *Get) Logout(w http.ResponseWriter, r *http.Request) {
models.LogoutUser(g.App, w, r)
http.Redirect(w, r, "/", http.StatusFound)
}

5
controllers/post.go
View File

@ -50,3 +50,8 @@ func (p *Post) Register(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/login", http.StatusFound) http.Redirect(w, r, "/login", http.StatusFound)
} }
func (p *Post) Logout(w http.ResponseWriter, r *http.Request) {
models.LogoutUser(p.App, w, r)
http.Redirect(w, r, "/", http.StatusFound)
}

2
go.mod
View File

@ -4,5 +4,5 @@ go 1.22
require ( require (
github.com/lib/pq v1.10.9 github.com/lib/pq v1.10.9
golang.org/x/crypto v0.24.0 golang.org/x/crypto v0.20.0
) )

4
go.sum
View File

@ -1,4 +1,4 @@
github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= golang.org/x/crypto v0.20.0 h1:jmAMJJZXr5KiCw05dfYK9QnqaqKLYXijU23lsEdcQqg=
golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= golang.org/x/crypto v0.20.0/go.mod h1:Xwo95rrVNIoSMx9wa1JroENMToLWn3RNVrTBpLHgZPQ=

2
models/migrations.go
View File

@ -25,7 +25,7 @@ func RunAllMigrations(app *app.App) error {
Id: 1, Id: 1,
UserId: 1, UserId: 1,
AuthToken: "migrate", AuthToken: "migrate",
RememberMe: false, RememberMe: true, // Booleans must be true to migrate properly
CreatedAt: time.Now(), CreatedAt: time.Now(),
} }
err = database.Migrate(app, session) err = database.Migrate(app, session)

9
routes/get.go
View File

@ -22,12 +22,11 @@ func Get(app *app.App) {
return return
} }
staticHandler := http.FileServer(http.FS(staticFS)) staticHandler := http.FileServer(http.FS(staticFS))
http.Handle("/static/", http.StripPrefix("/static/", staticHandler)) http.Handle("GET /static/", http.StripPrefix("/static/", staticHandler))
slog.Info("serving static files from embedded file system /static") slog.Info("serving static files from embedded file system /static")
// Pages // Pages
http.HandleFunc("/", getController.ShowHome) http.HandleFunc("GET /", getController.ShowHome)
http.HandleFunc("/login", getController.ShowLogin) http.HandleFunc("GET /login", getController.ShowLogin)
http.HandleFunc("/register", getController.ShowRegister) http.HandleFunc("GET /register", getController.ShowRegister)
http.HandleFunc("/logout", getController.Logout)
} }

5
routes/post.go
View File

@ -15,6 +15,7 @@ func Post(app *app.App) {
} }
// User authentication // User authentication
http.HandleFunc("/register-handle", middleware.Csrf(postController.Register)) http.HandleFunc("POST /register-handle", middleware.Csrf(postController.Register))
http.HandleFunc("/login-handle", middleware.Csrf(postController.Login)) http.HandleFunc("POST /login-handle", middleware.Csrf(postController.Login))
http.HandleFunc("POST /logout", middleware.Csrf(postController.Logout))
} }

15
templates/base.html
View File

@ -6,6 +6,21 @@
<link href="/static/css/style.css" rel="stylesheet"> <link href="/static/css/style.css" rel="stylesheet">
</head> </head>
<body> <body>
<div class="navbar">
{{ if .IsAuthenticated }}
<form action="/logout" method="post">
<input name="csrf_token" type="hidden" value="{{ .CsrfToken }}">
<input type="submit" value="Logout">
</form>
{{ else }}
<form action="/login" method="get">
<input type="submit" value="Login">
</form>
<form action="/register" method="get">
<input type="submit" value="Register">
</form>
{{ end }}
</div>
{{ template "content" . }} {{ template "content" . }}
<div class="footer-container"> <div class="footer-container">
<footer> <footer>