Compare commits

..

16 Commits

Author SHA1 Message Date
max
86ff949eae Update x/crypto 2024-06-25 18:17:21 -05:00
max
8476e37499 Update x/crypto 2024-04-19 11:40:15 -05:00
max
aad9cdfaf5 Merge remote-tracking branch 'origin/master' 2024-02-28 09:52:10 -06:00
max
3738ba689e Update x/crypto 2024-02-28 09:51:56 -06:00
Maximilian
a833823ad6 Fix wording 2024-02-18 17:23:23 -06:00
max
de4a217c5f Update extended crypto library 2024-02-09 14:47:29 -06:00
max
c4e83d06b9 Bump go version to 1.22 2024-02-09 14:21:45 -06:00
max
51da24be9b Small formatting fix 2024-02-09 13:44:21 -06:00
Maximilian
e497f4d2f0 Ignore fields that are zero value 2024-01-20 16:32:07 -06:00
Maximilian
b30af86e58 Prebuild templates (base.html + content) at startup to avoid a file parse every page load 2023-12-22 21:03:15 -06:00
Maximilian
3ffd548623 Fix ordering for html attributes 2023-12-21 00:14:28 -06:00
Maximilian
cb4f10e0b4 Better alignment for memory 2023-12-19 16:41:31 -06:00
Maximilian
878ce01b29 Get the sha256 hash of password before passing to bcrypt to avoid character limit 2023-12-19 16:06:00 -06:00
Maximilian
c82cdb4f13 Use best naming practices 2023-12-18 23:04:31 -06:00
Maximilian
ce81c36e9f Update x/crypto 2023-12-18 23:01:19 -06:00
Maximilian
ab1b82c680 Update x/crypto 2023-10-10 21:37:54 -05:00
16 changed files with 176 additions and 103 deletions

View File

@ -18,8 +18,8 @@ fine with getting your hands dirty, but I plan on having it ready to go for more
- Minimal user login/registration + sessions
- Config file handling
- Scheduled tasks
- Entire website compiles into a single binary (~10mb) (excluding env.toml)
- Minimal dependencies (just standard library, postgres driver, and experimental package for bcrypt)
- Entire website compiles into a single binary (~10mb) (excluding env.json)
- Minimal dependencies (just standard library, postgres driver, and x/crypto for bcrypt)
<hr>
@ -41,7 +41,7 @@ fine with getting your hands dirty, but I plan on having it ready to go for more
1. Clone
2. Delete the git folder, so you can start tracking in your own repo
3. Run `go get` to install dependencies
4. Copy env_example.toml to env.toml and fill in the values
4. Copy env_example.json to env.json and fill in the values
5. Run `go run main.go` to start the server
6. Rename the occurences of "GoWeb" to your app name
7. Start building your app!
@ -59,7 +59,7 @@ fine with getting your hands dirty, but I plan on having it ready to go for more
### License and disclaimer 😤
- You are free to use this project under the terms of the MIT license. See LICENSE for more details.
- You and you alone are responsible for the security and everything else regarding your application.
- You are responsible for the security and everything else regarding your application.
- It is not required, but I ask that when you use this project you give me credit by linking to this repository.
- I also ask that when releasing self-hosted or other end-user applications that you release it under
the [GPLv3](https://www.gnu.org/licenses/gpl-3.0.html) license. This too is not required, but I would appreciate it.

View File

@ -17,8 +17,8 @@ type Scheduled struct {
}
type Task struct {
Interval time.Duration
Funcs []func(app *App)
Interval time.Duration
}
func RunScheduledTasks(app *App, poolSize int, stop <-chan struct{}) {
@ -27,13 +27,13 @@ func RunScheduledTasks(app *App, poolSize int, stop <-chan struct{}) {
}
tasks := []Task{
{Interval: time.Second, Funcs: app.ScheduledTasks.EverySecond},
{Interval: time.Minute, Funcs: app.ScheduledTasks.EveryMinute},
{Interval: time.Hour, Funcs: app.ScheduledTasks.EveryHour},
{Interval: 24 * time.Hour, Funcs: app.ScheduledTasks.EveryDay},
{Interval: 7 * 24 * time.Hour, Funcs: app.ScheduledTasks.EveryWeek},
{Interval: 30 * 24 * time.Hour, Funcs: app.ScheduledTasks.EveryMonth},
{Interval: 365 * 24 * time.Hour, Funcs: app.ScheduledTasks.EveryYear},
{Funcs: app.ScheduledTasks.EverySecond, Interval: time.Second},
{Funcs: app.ScheduledTasks.EveryMinute, Interval: time.Minute},
{Funcs: app.ScheduledTasks.EveryHour, Interval: time.Hour},
{Funcs: app.ScheduledTasks.EveryDay, Interval: 24 * time.Hour},
{Funcs: app.ScheduledTasks.EveryWeek, Interval: 7 * 24 * time.Hour},
{Funcs: app.ScheduledTasks.EveryMonth, Interval: 30 * 24 * time.Hour},
{Funcs: app.ScheduledTasks.EveryYear, Interval: 365 * 24 * time.Hour},
}
var wg sync.WaitGroup

View File

@ -1,44 +1,54 @@
package config
import (
"encoding/json"
"flag"
"github.com/BurntSushi/toml"
"log/slog"
"os"
)
type Configuration struct {
Db struct {
Ip string `toml:"DbIp"`
Port string `toml:"DbPort"`
Name string `toml:"DbName"`
User string `toml:"DbUser"`
Password string `toml:"DbPassword"`
AutoMigrate bool `toml:"DbAutoMigrate"`
Ip string `json:"DbIp"`
Port string `json:"DbPort"`
Name string `json:"DbName"`
User string `json:"DbUser"`
Password string `json:"DbPassword"`
AutoMigrate bool `json:"DbAutoMigrate"`
}
Listen struct {
Ip string `toml:"HttpIp"`
Port string `toml:"HttpPort"`
Ip string `json:"HttpIp"`
Port string `json:"HttpPort"`
}
Template struct {
BaseName string `toml:"BaseTemplateName"`
BaseName string `json:"BaseTemplateName"`
ContentPath string `json:"ContentPath"`
}
}
// LoadConfig loads and returns a configuration struct
func LoadConfig() Configuration {
c := flag.String("c", "env.toml", "Path to the toml configuration file")
c := flag.String("c", "env.json", "Path to the json configuration file")
flag.Parse()
file, err := os.ReadFile(*c)
file, err := os.Open(*c)
if err != nil {
panic("Unable to read TOML config file: " + err.Error())
panic("unable to open JSON config file: " + err.Error())
}
var Config Configuration
_, err = toml.Decode(string(file), &Config)
defer func(file *os.File) {
err := file.Close()
if err != nil {
panic("Unable to decode TOML config file: " + err.Error())
slog.Error("unable to close JSON config file: ", err)
}
}(file)
decoder := json.NewDecoder(file)
Config := Configuration{}
err = decoder.Decode(&Config)
if err != nil {
panic("unable to decode JSON config file: " + err.Error())
}
return Config

View File

@ -22,7 +22,7 @@ func (g *Get) ShowHome(w http.ResponseWriter, _ *http.Request) {
Test: "Hello World!",
}
templating.RenderTemplate(g.App, w, "templates/pages/home.html", data)
templating.RenderTemplate(w, "templates/pages/home.html", data)
}
func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
@ -39,7 +39,7 @@ func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
CsrfToken: CsrfToken,
}
templating.RenderTemplate(g.App, w, "templates/pages/register.html", data)
templating.RenderTemplate(w, "templates/pages/register.html", data)
}
func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {
@ -56,7 +56,7 @@ func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {
CsrfToken: CsrfToken,
}
templating.RenderTemplate(g.App, w, "templates/pages/login.html", data)
templating.RenderTemplate(w, "templates/pages/login.html", data)
}
func (g *Get) Logout(w http.ResponseWriter, r *http.Request) {

View File

@ -9,7 +9,8 @@ import (
"reflect"
)
// Migrate given a dummy object of any type, it will create a table with the same name as the type and create columns with the same name as the fields of the object
// Migrate given a dummy object of any type, it will create a table with the same name
// as the type and create columns with the same name as the fields of the object
func Migrate(app *app.App, anyStruct interface{}) error {
valueOfStruct := reflect.ValueOf(anyStruct)
typeOfStruct := valueOfStruct.Type()
@ -23,6 +24,10 @@ func Migrate(app *app.App, anyStruct interface{}) error {
for i := 0; i < valueOfStruct.NumField(); i++ {
fieldType := typeOfStruct.Field(i)
fieldName := fieldType.Name
// Create column if dummy for migration is NOT zero value
fieldValue := valueOfStruct.Field(i).Interface()
if !reflect.ValueOf(fieldValue).IsZero() {
if fieldName != "Id" && fieldName != "id" {
err := createColumn(app, tableName, fieldName, fieldType.Type.Name())
if err != nil {
@ -30,6 +35,7 @@ func Migrate(app *app.App, anyStruct interface{}) error {
}
}
}
}
return nil
}

18
env_example.json Normal file
View File

@ -0,0 +1,18 @@
{
"Db": {
"DbIp": "127.0.0.1",
"DbPort": "5432",
"DbName": "database",
"DbUser": "user",
"DbPassword": "password",
"DbAutoMigrate": true
},
"Listen": {
"HttpIp": "127.0.0.1",
"HttpPort": "8090"
},
"Template": {
"BaseTemplateName": "templates/base.html",
"ContentPath": "templates"
}
}

View File

@ -1,14 +0,0 @@
[Db]
DbIp = "127.0.0.1"
DbPort = "5432"
DbName = "test"
DbUser = "postgres"
DbPassword = "postgres"
DbAutoMigrate = true
[Listen]
HttpIp = "127.0.0.1"
HttpPort = "8090"
[Template]
BaseTemplateName = "templates/base.html"

6
go.mod
View File

@ -1,10 +1,8 @@
module GoWeb
go 1.21
go 1.22
require (
github.com/lib/pq v1.10.9
golang.org/x/crypto v0.13.0
golang.org/x/crypto v0.24.0
)
require github.com/BurntSushi/toml v1.3.2

6
go.sum
View File

@ -1,6 +1,4 @@
github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8=
github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck=
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=
golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=

View File

@ -6,6 +6,7 @@ import (
"GoWeb/database"
"GoWeb/models"
"GoWeb/routes"
"GoWeb/templating"
"context"
"embed"
"errors"
@ -67,6 +68,13 @@ func main() {
routes.Get(&appLoaded)
routes.Post(&appLoaded)
// Prepare templates
err = templating.BuildPages(&appLoaded)
if err != nil {
slog.Error("error building templates: " + err.Error())
os.Exit(1)
}
// Start server
server := &http.Server{Addr: appLoaded.Config.Listen.Ip + ":" + appLoaded.Config.Listen.Port}
go func() {

View File

@ -62,7 +62,7 @@ func CreateSession(app *app.App, w http.ResponseWriter, userId int64, remember b
return session, nil
}
func GetSessionByAuthToken(app *app.App, authToken string) (Session, error) {
func SessionByAuthToken(app *app.App, authToken string) (Session, error) {
session := Session{}
err := app.Db.QueryRow(selectSessionByAuthToken, authToken).Scan(&session.Id, &session.UserId, &session.AuthToken, &session.RememberMe, &session.CreatedAt)

View File

@ -2,6 +2,8 @@ package models
import (
"GoWeb/app"
"crypto/sha256"
"encoding/hex"
"log/slog"
"net/http"
"time"
@ -27,23 +29,23 @@ const (
insertUser = "INSERT INTO " + userTable + " (" + userColumnsNoId + ") VALUES ($1, $2, $3, $4) RETURNING \"Id\""
)
// GetCurrentUser finds the currently logged-in user by session cookie
func GetCurrentUser(app *app.App, r *http.Request) (User, error) {
// CurrentUser finds the currently logged-in user by session cookie
func CurrentUser(app *app.App, r *http.Request) (User, error) {
cookie, err := r.Cookie("session")
if err != nil {
return User{}, err
}
session, err := GetSessionByAuthToken(app, cookie.Value)
session, err := SessionByAuthToken(app, cookie.Value)
if err != nil {
return User{}, err
}
return GetUserById(app, session.UserId)
return UserById(app, session.UserId)
}
// GetUserById finds a User table row in the database by id and returns a struct representing this row
func GetUserById(app *app.App, id int64) (User, error) {
// UserById finds a User table row in the database by id and returns a struct representing this row
func UserById(app *app.App, id int64) (User, error) {
user := User{}
err := app.Db.QueryRow(selectUserById, id).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
@ -54,8 +56,8 @@ func GetUserById(app *app.App, id int64) (User, error) {
return user, nil
}
// GetUserByUsername finds a User table row in the database by username and returns a struct representing this row
func GetUserByUsername(app *app.App, username string) (User, error) {
// UserByUsername finds a User table row in the database by username and returns a struct representing this row
func UserByUsername(app *app.App, username string) (User, error) {
user := User{}
err := app.Db.QueryRow(selectUserByUsername, username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt)
@ -68,7 +70,12 @@ func GetUserByUsername(app *app.App, username string) (User, error) {
// CreateUser creates a User table row in the database
func CreateUser(app *app.App, username string, password string, createdAt time.Time, updatedAt time.Time) (User, error) {
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
// Get sha256 hash of password then get bcrypt hash to store
hash256 := sha256.New()
hash256.Write([]byte(password))
hashSum := hash256.Sum(nil)
hashString := hex.EncodeToString(hashSum)
hash, err := bcrypt.GenerateFromPassword([]byte(hashString), bcrypt.DefaultCost)
if err != nil {
slog.Error("error hashing password: " + err.Error())
return User{}, err
@ -82,7 +89,7 @@ func CreateUser(app *app.App, username string, password string, createdAt time.T
return User{}, err
}
return GetUserById(app, lastInsertId)
return UserById(app, lastInsertId)
}
// AuthenticateUser validates the password for the specified user
@ -95,7 +102,12 @@ func AuthenticateUser(app *app.App, w http.ResponseWriter, username string, pass
return Session{}, err
}
err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
// Get sha256 hash of password then check bcrypt
hash256 := sha256.New()
hash256.Write([]byte(password))
hashSum := hash256.Sum(nil)
hashString := hex.EncodeToString(hashSum)
err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(hashString))
if err != nil { // Failed to validate password, doesn't match
slog.Info("incorrect password:" + username)
return Session{}, err

View File

@ -3,7 +3,7 @@
<head>
<meta charset="UTF-8">
<title>SiteName - {{ template "pageTitle" }}</title>
<link rel="stylesheet" href="/static/css/style.css">
<link href="/static/css/style.css" rel="stylesheet">
</head>
<body>
{{ template "content" . }}

View File

@ -7,11 +7,11 @@
<input name="csrf_token" type="hidden" value="{{ .CsrfToken }}">
<label for="username">Username:</label><br>
<input id="username" name="username" type="text" placeholder="John"><br><br>
<input id="username" name="username" placeholder="John" type="text"><br><br>
<label for="password">Password:</label><br>
<input id="password" name="password" type="password"><br><br>
<label for="remember">Remember Me:</label>
<input id="remember" type="checkbox" name="remember"><br><br>
<input id="remember" name="remember" type="checkbox"><br><br>
<input type="submit" value="Submit">
</form>
</div>

View File

@ -7,7 +7,7 @@
<input name="csrf_token" type="hidden" value="{{ .CsrfToken }}">
<label for="username">Username:</label><br>
<input id="username" name="username" type="text" placeholder="John"><br><br>
<input id="username" name="username" placeholder="John" type="text"><br><br>
<label for="password">Password:</label><br>
<input id="password" name="password" type="password"><br><br>
<input type="submit" value="Submit">

View File

@ -2,45 +2,82 @@ package templating
import (
"GoWeb/app"
"fmt"
"html/template"
"io/fs"
"log/slog"
"net/http"
)
// RenderTemplate renders and serves a template from the embedded filesystem optionally with given data
func RenderTemplate(app *app.App, w http.ResponseWriter, contentPath string, data any) {
templatePath := app.Config.Template.BaseName
var templates = make(map[string]*template.Template) // This is only used here, does not need to be in app.App
templateContent, err := app.Res.ReadFile(templatePath)
func BuildPages(app *app.App) error {
basePath := app.Config.Template.BaseName
baseContent, err := app.Res.ReadFile(basePath)
if err != nil {
slog.Error(err.Error())
http.Error(w, err.Error(), 500)
return
return fmt.Errorf("error reading base file: %w", err)
}
t, err := template.New(templatePath).Parse(string(templateContent))
base, err := template.New(basePath).Parse(string(baseContent)) // Sets filepath as name and parses content
if err != nil {
slog.Error(err.Error())
http.Error(w, err.Error(), 500)
return
return fmt.Errorf("error parsing base file: %w", err)
}
readFilesRecursively := func(fsys fs.FS, root string) ([]string, error) {
var files []string
err := fs.WalkDir(fsys, root, func(path string, d fs.DirEntry, err error) error {
if err != nil {
return fmt.Errorf("error walking the path %q: %w", path, err)
}
if !d.IsDir() {
files = append(files, path)
}
return nil
})
return files, err
}
// Get all file paths in the directory tree
filePaths, err := readFilesRecursively(app.Res, app.Config.Template.ContentPath)
if err != nil {
return fmt.Errorf("error reading files recursively: %w", err)
}
for _, contentPath := range filePaths { // Create a new template base + content for each page
content, err := app.Res.ReadFile(contentPath)
if err != nil {
return fmt.Errorf("error reading content file %s: %w", contentPath, err)
}
t, err := base.Clone()
if err != nil {
return fmt.Errorf("error cloning base template: %w", err)
}
_, err = t.Parse(string(content))
if err != nil {
return fmt.Errorf("error parsing content: %w", err)
}
templates[contentPath] = t
}
return nil
}
func RenderTemplate(w http.ResponseWriter, contentPath string, data any) {
t, ok := templates[contentPath]
if !ok {
err := fmt.Errorf("template not found for path: %s", contentPath)
slog.Error(err.Error())
http.Error(w, err.Error(), 500)
http.Error(w, "Template not found", 404)
return
}
t, err = t.Parse(string(content))
if err != nil {
slog.Error(err.Error())
http.Error(w, err.Error(), 500)
return
}
err = t.Execute(w, data)
err := t.Execute(w, data) // Execute prebuilt template with dynamic data
if err != nil {
err = fmt.Errorf("error executing template: %w", err)
slog.Error(err.Error())
http.Error(w, err.Error(), 500)
return