Compare commits
	
		
			62 Commits
		
	
	
		
			v1.0.1
			...
			9670b7d717
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|   | 9670b7d717 | ||
|   | a1438f4fe2 | ||
|   | 052fa689c7 | ||
|   | f1fad7e4e3 | ||
|   | b475da66da | ||
|   | d0085ab2c3 | ||
|   | 58514f4c5f | ||
|   | 606f5df45a | ||
|   | 2a32a1b3ce | ||
|   | eb36156c52 | ||
|   | bada24884a | ||
|   | 05397c2b61 | ||
|   | 3d80b95f55 | ||
|   | 6da7d408f9 | ||
|   | e993bcf317 | ||
|   | 9b231a73d6 | ||
|   | 34acd0fa8d | ||
|   | 71d3bd77d0 | ||
|   | 1451abcca4 | ||
|   | 53a780343f | ||
|   | 8e4c5e3268 | ||
|   | f18f512fea | ||
|   | 58328fe505 | ||
|   | 10e7830349 | ||
|   | 5f7e674d32 | ||
|   | ec9c1a8fb5 | ||
|   | 242029f2e5 | ||
|   | b1c65f2ab1 | ||
|   | 965139ea18 | ||
|   | cf8aea5115 | ||
|   | c510646c84 | ||
|   | a4366c7395 | ||
|   | 073dfafb28 | ||
|   | 3fa5cf46d2 | ||
|   | bd8b015f44 | ||
|   | 5a1cd77676 | ||
|   | 012906eee2 | ||
|   | 2a705483d9 | ||
|   | be2c3ae178 | ||
|   | f32223f12c | ||
|   | eff740072d | ||
|   | 75d8996cf9 | ||
|   | ac2b5262fd | ||
|   | b9ac6fbd5f | ||
|   | baa8eb2b93 | ||
|   | 402c514970 | ||
|   | 89d1b96400 | ||
|   | 2b46385126 | ||
|   | 0a77813360 | ||
|   | f7eb852c66 | ||
|   | 5ae84c1995 | ||
|   | 3336bd0b3f | ||
|   | f2a7336283 | ||
|   | 204971d40a | ||
|   | fcd6477ec3 | ||
|   | bbbf14bdc7 | ||
|   | eb1c2daa6a | ||
|   | cb786a6a56 | ||
|   | b962bbdd88 | ||
|   | a2077131a7 | ||
|   | edccb95be3 | ||
|   | 9e4216301d | 
							
								
								
									
										1
									
								
								.gitattributes
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										1
									
								
								.gitattributes
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1 @@ | |||||||
|  | * text=auto eol=lf | ||||||
							
								
								
									
										22
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										22
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -1,4 +1,26 @@ | |||||||
|  | # GoWeb specific | ||||||
| env.json | env.json | ||||||
| logs/ | logs/ | ||||||
| *.log | *.log | ||||||
|  |  | ||||||
|  | # Binaries for programs and plugins | ||||||
|  | *.exe | ||||||
|  | *.exe~ | ||||||
|  | *.dll | ||||||
|  | *.so | ||||||
|  | *.dylib | ||||||
|  |  | ||||||
|  | # Test binary, built with `go test -c` | ||||||
|  | *.test | ||||||
|  |  | ||||||
|  | # Output of the go coverage tool, specifically when used with LiteIDE | ||||||
|  | *.out | ||||||
|  |  | ||||||
|  | # Dependency directories | ||||||
|  | vendor/ | ||||||
|  |  | ||||||
|  | # Go workspace file | ||||||
|  | go.work | ||||||
|  |  | ||||||
|  | # IDE files | ||||||
| /.idea | /.idea | ||||||
							
								
								
									
										62
									
								
								README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										62
									
								
								README.md
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,62 @@ | |||||||
|  | # GoWeb 🌐 | ||||||
|  |  | ||||||
|  | GoWeb is a simple Go web framework that aims to only use the standard library. The overall file structure and | ||||||
|  | development flow is inspired by larger frameworks like Laravel. It is partially ready for smaller projects if you are | ||||||
|  | fine with getting your hands dirty, but I plan on having it ready to go for more serious projects when it hits version | ||||||
|  | 2.0. | ||||||
|  |  | ||||||
|  | <hr> | ||||||
|  |  | ||||||
|  | ## Current features 🚀 | ||||||
|  |  | ||||||
|  | - Routing/controllers | ||||||
|  | - Templating | ||||||
|  | - Simple database migration system | ||||||
|  | - Built in REST client | ||||||
|  | - CSRF protection | ||||||
|  | - Middleware | ||||||
|  | - Minimal user login/registration + sessions | ||||||
|  | - Config file handling | ||||||
|  | - Scheduled tasks | ||||||
|  | - Entire website compiles into a single binary (~10mb) (excluding env.json) | ||||||
|  | - Minimal dependencies (just standard library, postgres driver, and experimental package for bcrypt) | ||||||
|  |  | ||||||
|  | <hr> | ||||||
|  |  | ||||||
|  | ## When to use 🙂 | ||||||
|  |  | ||||||
|  | - You need to build a dynamic web application with persistent data | ||||||
|  | - You need to build a dynamic website using Go and need a good starting point | ||||||
|  | - You need to build an API in Go and don't know where to start | ||||||
|  | - Pretty much any use-case where you would use Laravel, Django, or Flask | ||||||
|  |  | ||||||
|  | ## When not to use 🙃 | ||||||
|  |  | ||||||
|  | - You need a static website (see [Hugo](https://gohugo.io/)) | ||||||
|  | - You need a simple blog (see [Hugo](https://gohugo.io/)) | ||||||
|  | - You need a simple site for your projects' documentation (see [Hugo](https://gohugo.io/)) | ||||||
|  |  | ||||||
|  | ## How to use 🤔 | ||||||
|  |  | ||||||
|  | 1. Clone | ||||||
|  | 2. Run `go get` to install dependencies | ||||||
|  | 3. Copy env_example.json to env.json and fill in the values | ||||||
|  | 4. Run `go run main.go` to start the server | ||||||
|  | 5. Start building your app! | ||||||
|  |  | ||||||
|  | ## How to contribute 👨💻 | ||||||
|  |  | ||||||
|  | - Open an issue on GitHub if you find a bug or have a feature request. | ||||||
|  | - [Email](mailto:contact@mpatterson.xyz) me a patch if you want to contribute code. | ||||||
|  |     - Please include a good description of what the patch does and why it is needed, also include how you want to be | ||||||
|  |       credited in the commit message. | ||||||
|  |  | ||||||
|  | <hr> | ||||||
|  |  | ||||||
|  | ### License and disclaimer 😤 | ||||||
|  |  | ||||||
|  | - You are free to use this project under the terms of the MIT license. See LICENSE for more details. | ||||||
|  | - You and you alone are responsible for the security and everything else regarding your application. | ||||||
|  | - It is not required, but I ask that when you use this project you give me credit by linking to this repository. | ||||||
|  | - I also ask that when releasing self-hosted or other end-user applications that you release it under | ||||||
|  |   the [GPLv3](https://www.gnu.org/licenses/gpl-3.0.html) license. This too is not required, but I would appreciate it. | ||||||
| @@ -11,4 +11,5 @@ type App struct { | |||||||
| 	Config         config.Configuration // Configuration file | 	Config         config.Configuration // Configuration file | ||||||
| 	Db             *sql.DB              // Database connection | 	Db             *sql.DB              // Database connection | ||||||
| 	Res            *embed.FS            // Resources from the embedded filesystem | 	Res            *embed.FS            // Resources from the embedded filesystem | ||||||
|  | 	ScheduledTasks Scheduled            // Scheduled contains a struct of all scheduled functions | ||||||
| } | } | ||||||
|   | |||||||
							
								
								
									
										71
									
								
								app/schedule.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										71
									
								
								app/schedule.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,71 @@ | |||||||
|  | package app | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"sync" | ||||||
|  | 	"time" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | type Scheduled struct { | ||||||
|  | 	EveryReboot []func(app *App) | ||||||
|  | 	EverySecond []func(app *App) | ||||||
|  | 	EveryMinute []func(app *App) | ||||||
|  | 	EveryHour   []func(app *App) | ||||||
|  | 	EveryDay    []func(app *App) | ||||||
|  | 	EveryWeek   []func(app *App) | ||||||
|  | 	EveryMonth  []func(app *App) | ||||||
|  | 	EveryYear   []func(app *App) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | type Task struct { | ||||||
|  | 	Interval time.Duration | ||||||
|  | 	Funcs    []func(app *App) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | func RunScheduledTasks(app *App, poolSize int, stop <-chan struct{}) { | ||||||
|  | 	for _, f := range app.ScheduledTasks.EveryReboot { | ||||||
|  | 		f(app) | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	tasks := []Task{ | ||||||
|  | 		{Interval: time.Second, Funcs: app.ScheduledTasks.EverySecond}, | ||||||
|  | 		{Interval: time.Minute, Funcs: app.ScheduledTasks.EveryMinute}, | ||||||
|  | 		{Interval: time.Hour, Funcs: app.ScheduledTasks.EveryHour}, | ||||||
|  | 		{Interval: 24 * time.Hour, Funcs: app.ScheduledTasks.EveryDay}, | ||||||
|  | 		{Interval: 7 * 24 * time.Hour, Funcs: app.ScheduledTasks.EveryWeek}, | ||||||
|  | 		{Interval: 30 * 24 * time.Hour, Funcs: app.ScheduledTasks.EveryMonth}, | ||||||
|  | 		{Interval: 365 * 24 * time.Hour, Funcs: app.ScheduledTasks.EveryYear}, | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	var wg sync.WaitGroup | ||||||
|  | 	runners := make([]chan bool, len(tasks)) | ||||||
|  | 	for i, task := range tasks { | ||||||
|  | 		runner := make(chan bool, poolSize) | ||||||
|  | 		runners[i] = runner | ||||||
|  | 		wg.Add(1) | ||||||
|  | 		go func(task Task, runner chan bool) { | ||||||
|  | 			defer wg.Done() | ||||||
|  | 			ticker := time.NewTicker(task.Interval) | ||||||
|  | 			defer ticker.Stop() | ||||||
|  | 			for { | ||||||
|  | 				select { | ||||||
|  | 				case <-ticker.C: | ||||||
|  | 					for _, f := range task.Funcs { | ||||||
|  | 						runner <- true | ||||||
|  | 						go func(f func(app *App)) { | ||||||
|  | 							defer func() { <-runner }() | ||||||
|  | 							f(app) | ||||||
|  | 						}(f) | ||||||
|  | 					} | ||||||
|  | 				case <-stop: | ||||||
|  | 					return | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 		}(task, runner) | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	wg.Wait() | ||||||
|  |  | ||||||
|  | 	for _, runner := range runners { | ||||||
|  | 		close(runner) | ||||||
|  | 	} | ||||||
|  | } | ||||||
| @@ -14,6 +14,7 @@ type Configuration struct { | |||||||
| 		Name        string `json:"DbName"` | 		Name        string `json:"DbName"` | ||||||
| 		User        string `json:"DbUser"` | 		User        string `json:"DbUser"` | ||||||
| 		Password    string `json:"DbPassword"` | 		Password    string `json:"DbPassword"` | ||||||
|  | 		AutoMigrate bool   `json:"DbAutoMigrate"` | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	Listen struct { | 	Listen struct { | ||||||
| @@ -42,7 +43,6 @@ func LoadConfig() Configuration { | |||||||
| 		} | 		} | ||||||
| 	}(file) | 	}(file) | ||||||
|  |  | ||||||
| 	// Decode json config file to Configuration struct named config |  | ||||||
| 	decoder := json.NewDecoder(file) | 	decoder := json.NewDecoder(file) | ||||||
| 	Config := Configuration{} | 	Config := Configuration{} | ||||||
| 	err = decoder.Decode(&Config) | 	err = decoder.Decode(&Config) | ||||||
|   | |||||||
							
								
								
									
										65
									
								
								controllers/get.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										65
									
								
								controllers/get.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,65 @@ | |||||||
|  | package controllers | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"GoWeb/app" | ||||||
|  | 	"GoWeb/models" | ||||||
|  | 	"GoWeb/security" | ||||||
|  | 	"GoWeb/templating" | ||||||
|  | 	"net/http" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | // Get is a wrapper struct for the App struct | ||||||
|  | type Get struct { | ||||||
|  | 	App *app.App | ||||||
|  | } | ||||||
|  |  | ||||||
|  | func (g *Get) ShowHome(w http.ResponseWriter, _ *http.Request) { | ||||||
|  | 	type dataStruct struct { | ||||||
|  | 		Test string | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	data := dataStruct{ | ||||||
|  | 		Test: "Hello World!", | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	templating.RenderTemplate(g.App, w, "templates/pages/home.html", data) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) { | ||||||
|  | 	type dataStruct struct { | ||||||
|  | 		CsrfToken string | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	CsrfToken, err := security.GenerateCsrfToken(w, r) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	data := dataStruct{ | ||||||
|  | 		CsrfToken: CsrfToken, | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	templating.RenderTemplate(g.App, w, "templates/pages/register.html", data) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) { | ||||||
|  | 	type dataStruct struct { | ||||||
|  | 		CsrfToken string | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	CsrfToken, err := security.GenerateCsrfToken(w, r) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	data := dataStruct{ | ||||||
|  | 		CsrfToken: CsrfToken, | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	templating.RenderTemplate(g.App, w, "templates/pages/login.html", data) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | func (g *Get) Logout(w http.ResponseWriter, r *http.Request) { | ||||||
|  | 	models.LogoutUser(g.App, w, r) | ||||||
|  | 	http.Redirect(w, r, "/", http.StatusFound) | ||||||
|  | } | ||||||
| @@ -1,67 +0,0 @@ | |||||||
| package controllers |  | ||||||
|  |  | ||||||
| import ( |  | ||||||
| 	"GoWeb/app" |  | ||||||
| 	"GoWeb/database/models" |  | ||||||
| 	"GoWeb/security" |  | ||||||
| 	"GoWeb/templating" |  | ||||||
| 	"net/http" |  | ||||||
| ) |  | ||||||
|  |  | ||||||
| // GetController is a wrapper struct for the App struct |  | ||||||
| type GetController struct { |  | ||||||
| 	App *app.App |  | ||||||
| } |  | ||||||
|  |  | ||||||
| func (getController *GetController) ShowHome(w http.ResponseWriter, _ *http.Request) { |  | ||||||
| 	type dataStruct struct { |  | ||||||
| 		Test string |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	data := dataStruct{ |  | ||||||
| 		Test: "Hello World!", |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	templating.RenderTemplate(getController.App, w, "templates/pages/home.html", data) |  | ||||||
| } |  | ||||||
|  |  | ||||||
| func (getController *GetController) ShowRegister(w http.ResponseWriter, r *http.Request) { |  | ||||||
| 	type dataStruct struct { |  | ||||||
| 		CsrfToken string |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// Create csrf token |  | ||||||
| 	CsrfToken, err := security.GenerateCsrfToken(w, r) |  | ||||||
| 	if err != nil { |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	data := dataStruct{ |  | ||||||
| 		CsrfToken: CsrfToken, |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	templating.RenderTemplate(getController.App, w, "templates/pages/register.html", data) |  | ||||||
| } |  | ||||||
|  |  | ||||||
| func (getController *GetController) ShowLogin(w http.ResponseWriter, r *http.Request) { |  | ||||||
| 	type dataStruct struct { |  | ||||||
| 		CsrfToken string |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// Create csrf token |  | ||||||
| 	CsrfToken, err := security.GenerateCsrfToken(w, r) |  | ||||||
| 	if err != nil { |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	data := dataStruct{ |  | ||||||
| 		CsrfToken: CsrfToken, |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	templating.RenderTemplate(getController.App, w, "templates/pages/login.html", data) |  | ||||||
| } |  | ||||||
|  |  | ||||||
| func (getController *GetController) Logout(w http.ResponseWriter, r *http.Request) { |  | ||||||
| 	models.LogoutUser(getController.App, w, r) |  | ||||||
| 	http.Redirect(w, r, "/", http.StatusFound) |  | ||||||
| } |  | ||||||
| @@ -2,35 +2,28 @@ package controllers | |||||||
| 
 | 
 | ||||||
| import ( | import ( | ||||||
| 	"GoWeb/app" | 	"GoWeb/app" | ||||||
| 	"GoWeb/database/models" | 	"GoWeb/models" | ||||||
| 	"GoWeb/security" |  | ||||||
| 	"log" | 	"log" | ||||||
| 	"net/http" | 	"net/http" | ||||||
| 	"time" | 	"time" | ||||||
| ) | ) | ||||||
| 
 | 
 | ||||||
| // PostController is a wrapper struct for the App struct | // Post is a wrapper struct for the App struct | ||||||
| type PostController struct { | type Post struct { | ||||||
| 	App *app.App | 	App *app.App | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| func (postController *PostController) Login(w http.ResponseWriter, r *http.Request) { | func (p *Post) Login(w http.ResponseWriter, r *http.Request) { | ||||||
| 	// Validate csrf token |  | ||||||
| 	_, err := security.VerifyCsrfToken(r) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error verifying csrf token") |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
| 
 |  | ||||||
| 	username := r.FormValue("username") | 	username := r.FormValue("username") | ||||||
| 	password := r.FormValue("password") | 	password := r.FormValue("password") | ||||||
|  | 	remember := r.FormValue("remember") == "on" | ||||||
| 
 | 
 | ||||||
| 	if username == "" || password == "" { | 	if username == "" || password == "" { | ||||||
| 		log.Println("Tried to login user with empty username or password") | 		log.Println("Tried to login user with empty username or password") | ||||||
| 		http.Redirect(w, r, "/login", http.StatusFound) | 		http.Redirect(w, r, "/login", http.StatusFound) | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	_, err = models.AuthenticateUser(postController.App, w, username, password) | 	_, err := models.AuthenticateUser(p.App, w, username, password, remember) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		log.Println("Error authenticating user") | 		log.Println("Error authenticating user") | ||||||
| 		log.Println(err) | 		log.Println(err) | ||||||
| @@ -41,14 +34,7 @@ func (postController *PostController) Login(w http.ResponseWriter, r *http.Reque | |||||||
| 	http.Redirect(w, r, "/", http.StatusFound) | 	http.Redirect(w, r, "/", http.StatusFound) | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| func (postController *PostController) Register(w http.ResponseWriter, r *http.Request) { | func (p *Post) Register(w http.ResponseWriter, r *http.Request) { | ||||||
| 	// Validate csrf token |  | ||||||
| 	_, err := security.VerifyCsrfToken(r) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error verifying csrf token") |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
| 
 |  | ||||||
| 	username := r.FormValue("username") | 	username := r.FormValue("username") | ||||||
| 	password := r.FormValue("password") | 	password := r.FormValue("password") | ||||||
| 	createdAt := time.Now() | 	createdAt := time.Now() | ||||||
| @@ -59,7 +45,7 @@ func (postController *PostController) Register(w http.ResponseWriter, r *http.Re | |||||||
| 		http.Redirect(w, r, "/register", http.StatusFound) | 		http.Redirect(w, r, "/register", http.StatusFound) | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	_, err = models.CreateUser(postController.App, username, password, createdAt, updatedAt) | 	_, err := models.CreateUser(p.App, username, password, createdAt, updatedAt) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		log.Println("Error creating user") | 		log.Println("Error creating user") | ||||||
| 		log.Println(err) | 		log.Println(err) | ||||||
| @@ -4,13 +4,12 @@ import ( | |||||||
| 	"GoWeb/app" | 	"GoWeb/app" | ||||||
| 	"database/sql" | 	"database/sql" | ||||||
| 	"fmt" | 	"fmt" | ||||||
| 	"log" |  | ||||||
| 
 |  | ||||||
| 	_ "github.com/lib/pq" | 	_ "github.com/lib/pq" | ||||||
|  | 	"log" | ||||||
| ) | ) | ||||||
| 
 | 
 | ||||||
| // ConnectDB returns a new database connection | // Connect returns a new database connection | ||||||
| func ConnectDB(app *app.App) *sql.DB { | func Connect(app *app.App) *sql.DB { | ||||||
| 	// Set connection parameters from config | 	// Set connection parameters from config | ||||||
| 	postgresConfig := fmt.Sprintf("host=%s port=%s user=%s "+ | 	postgresConfig := fmt.Sprintf("host=%s port=%s user=%s "+ | ||||||
| 		"password=%s dbname=%s sslmode=disable", | 		"password=%s dbname=%s sslmode=disable", | ||||||
							
								
								
									
										119
									
								
								database/migrate.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										119
									
								
								database/migrate.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,119 @@ | |||||||
|  | package database | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"GoWeb/app" | ||||||
|  | 	"errors" | ||||||
|  | 	"fmt" | ||||||
|  | 	"github.com/lib/pq" | ||||||
|  | 	"log" | ||||||
|  | 	"reflect" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | // Migrate given a dummy object of any type, it will create a table with the same name as the type and create columns with the same name as the fields of the object | ||||||
|  | func Migrate(app *app.App, anyStruct interface{}) error { | ||||||
|  | 	valueOfStruct := reflect.ValueOf(anyStruct) | ||||||
|  | 	typeOfStruct := valueOfStruct.Type() | ||||||
|  |  | ||||||
|  | 	tableName := typeOfStruct.Name() | ||||||
|  | 	err := createTable(app, tableName) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	for i := 0; i < valueOfStruct.NumField(); i++ { | ||||||
|  | 		fieldType := typeOfStruct.Field(i) | ||||||
|  | 		fieldName := fieldType.Name | ||||||
|  | 		if fieldName != "Id" && fieldName != "id" { | ||||||
|  | 			err := createColumn(app, tableName, fieldName, fieldType.Type.Name()) | ||||||
|  | 			if err != nil { | ||||||
|  | 				return err | ||||||
|  | 			} | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return nil | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // createTable creates a table with the given name if it doesn't exist, it is assumed that id will be the primary key | ||||||
|  | func createTable(app *app.App, tableName string) error { | ||||||
|  | 	var tableExists bool | ||||||
|  | 	err := app.Db.QueryRow("SELECT EXISTS (SELECT 1 FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace WHERE c.relname ~ $1 AND pg_catalog.pg_table_is_visible(c.oid))", "^"+tableName+"$").Scan(&tableExists) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error checking if table exists: " + tableName) | ||||||
|  | 		return err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	if tableExists { | ||||||
|  | 		log.Println("Table already exists: " + tableName) | ||||||
|  | 		return nil | ||||||
|  | 	} else { | ||||||
|  | 		sanitizedTableQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS \"%s\" (\"Id\" serial primary key)", tableName) | ||||||
|  |  | ||||||
|  | 		_, err := app.Db.Query(sanitizedTableQuery) | ||||||
|  | 		if err != nil { | ||||||
|  | 			log.Println("Error creating table: " + tableName) | ||||||
|  | 			return err | ||||||
|  | 		} | ||||||
|  |  | ||||||
|  | 		log.Println("Table created successfully: " + tableName) | ||||||
|  | 		return nil | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // createColumn creates a column with the given name and type if it doesn't exist | ||||||
|  | func createColumn(app *app.App, tableName, columnName, columnType string) error { | ||||||
|  | 	var columnExists bool | ||||||
|  | 	err := app.Db.QueryRow("SELECT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_name = $1 AND column_name = $2)", tableName, columnName).Scan(&columnExists) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error checking if column exists: " + columnName + " in table: " + tableName) | ||||||
|  | 		return err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	if columnExists { | ||||||
|  | 		log.Println("Column already exists: " + columnName + " in table: " + tableName) | ||||||
|  | 		return nil | ||||||
|  | 	} else { | ||||||
|  | 		postgresType, err := getPostgresType(columnType) | ||||||
|  | 		if err != nil { | ||||||
|  | 			log.Println("Error creating column: " + columnName + " in table: " + tableName + " with type: " + postgresType) | ||||||
|  | 			return err | ||||||
|  | 		} | ||||||
|  |  | ||||||
|  | 		sanitizedTableName := pq.QuoteIdentifier(tableName) | ||||||
|  | 		query := fmt.Sprintf("ALTER TABLE %s ADD COLUMN IF NOT EXISTS \"%s\" %s", sanitizedTableName, columnName, postgresType) | ||||||
|  |  | ||||||
|  | 		_, err = app.Db.Query(query) | ||||||
|  | 		if err != nil { | ||||||
|  | 			log.Println("Error creating column: " + columnName + " in table: " + tableName + " with type: " + postgresType) | ||||||
|  | 			return err | ||||||
|  | 		} | ||||||
|  |  | ||||||
|  | 		log.Println("Column created successfully:", columnName) | ||||||
|  |  | ||||||
|  | 		return nil | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // Given a type in Go, return the corresponding type in Postgres | ||||||
|  | func getPostgresType(goType string) (string, error) { | ||||||
|  | 	switch goType { | ||||||
|  | 	case "int", "int32", "uint", "uint32": | ||||||
|  | 		return "integer", nil | ||||||
|  | 	case "int64", "uint64": | ||||||
|  | 		return "bigint", nil | ||||||
|  | 	case "int16", "int8", "uint16", "uint8", "byte": | ||||||
|  | 		return "smallint", nil | ||||||
|  | 	case "string": | ||||||
|  | 		return "text", nil | ||||||
|  | 	case "float64": | ||||||
|  | 		return "double precision", nil | ||||||
|  | 	case "bool": | ||||||
|  | 		return "boolean", nil | ||||||
|  | 	case "Time": | ||||||
|  | 		return "timestamp", nil | ||||||
|  | 	case "[]byte": | ||||||
|  | 		return "bytea", nil | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return "", errors.New("Unknown type: " + goType) | ||||||
|  | } | ||||||
| @@ -1,224 +0,0 @@ | |||||||
| package models |  | ||||||
|  |  | ||||||
| import ( |  | ||||||
| 	"GoWeb/app" |  | ||||||
| 	"crypto/rand" |  | ||||||
| 	"database/sql" |  | ||||||
| 	"encoding/hex" |  | ||||||
| 	"log" |  | ||||||
| 	"math" |  | ||||||
| 	"net/http" |  | ||||||
| 	"strconv" |  | ||||||
| 	"time" |  | ||||||
|  |  | ||||||
| 	"golang.org/x/crypto/bcrypt" |  | ||||||
| ) |  | ||||||
|  |  | ||||||
| type User struct { |  | ||||||
| 	Id        int64 |  | ||||||
| 	Username  string |  | ||||||
| 	Password  string |  | ||||||
| 	CreatedAt string |  | ||||||
| 	UpdatedAt string |  | ||||||
| } |  | ||||||
|  |  | ||||||
| // GetCurrentUser finds the currently logged-in user by session cookie |  | ||||||
| func GetCurrentUser(app *app.App, r *http.Request) (User, error) { |  | ||||||
| 	cookie, err := r.Cookie("session") |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error getting session cookie") |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return User{}, err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	var userId int64 |  | ||||||
|  |  | ||||||
| 	// Query row by session cookie |  | ||||||
| 	err = app.Db.QueryRow("SELECT user_id FROM sessions WHERE session = $1", cookie.Value).Scan(&userId) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error querying session row with session: " + cookie.Value) |  | ||||||
| 		return User{}, err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	return GetUserById(app, userId) |  | ||||||
| } |  | ||||||
|  |  | ||||||
| // GetUserById finds a users table row in the database by id and returns a struct representing this row |  | ||||||
| func GetUserById(app *app.App, id int64) (User, error) { |  | ||||||
| 	user := User{} |  | ||||||
|  |  | ||||||
| 	// Query row by id |  | ||||||
| 	row, err := app.Db.Query("SELECT id, username, password, created_at, updated_at FROM users WHERE id = $1", id) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error querying user row with id: " + strconv.FormatInt(id, 10)) |  | ||||||
| 		return User{}, err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	defer func(row *sql.Rows) { |  | ||||||
| 		err := row.Close() |  | ||||||
| 		if err != nil { |  | ||||||
| 			log.Println("Error closing database row") |  | ||||||
| 			log.Println(err) |  | ||||||
| 		} |  | ||||||
| 	}(row) |  | ||||||
|  |  | ||||||
| 	// Feed row data into user struct |  | ||||||
| 	row.Next() |  | ||||||
| 	err = row.Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error reading queried row from database") |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return User{}, err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	return user, nil |  | ||||||
| } |  | ||||||
|  |  | ||||||
| // CreateUser creates a users table row in the database |  | ||||||
| func CreateUser(app *app.App, username string, password string, createdAt time.Time, updatedAt time.Time) (User, error) { |  | ||||||
| 	// Hash password |  | ||||||
| 	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error hashing password when creating user") |  | ||||||
| 		return User{}, err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	var lastInsertId int64 |  | ||||||
|  |  | ||||||
| 	sqlStatement := "INSERT INTO users (username, password, created_at, updated_at) VALUES ($1, $2, $3, $4) RETURNING id" |  | ||||||
| 	err = app.Db.QueryRow(sqlStatement, username, string(hash), createdAt, updatedAt).Scan(&lastInsertId) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error creating user row") |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return User{}, err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	return GetUserById(app, lastInsertId) |  | ||||||
| } |  | ||||||
|  |  | ||||||
| // AuthenticateUser validates the password for the specified user if it matches a session cookie is created and returned |  | ||||||
| func AuthenticateUser(app *app.App, w http.ResponseWriter, username string, password string) (string, error) { |  | ||||||
| 	var hashedPassword []byte |  | ||||||
|  |  | ||||||
| 	// Query row by username, scan password column |  | ||||||
| 	err := app.Db.QueryRow("SELECT password FROM users WHERE username = $1", username).Scan(&hashedPassword) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Unable to find row with username: " + username) |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return "", err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// Validate password |  | ||||||
| 	err = bcrypt.CompareHashAndPassword(hashedPassword, []byte(password)) |  | ||||||
| 	if err != nil { // Failed to validate password, doesn't match |  | ||||||
| 		log.Println("Authentication error (incorrect password) for user:" + username) |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return "", err |  | ||||||
| 	} else { |  | ||||||
| 		return createSessionCookie(app, w, username) |  | ||||||
| 	} |  | ||||||
| } |  | ||||||
|  |  | ||||||
| // createSessionCookie creates a new session token and cookie and returns the token value |  | ||||||
| func createSessionCookie(app *app.App, w http.ResponseWriter, username string) (string, error) { |  | ||||||
| 	// Generate random 64 character string (alpha-numeric) |  | ||||||
| 	buff := make([]byte, int(math.Ceil(float64(64)/2))) |  | ||||||
| 	_, err := rand.Read(buff) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error creating random buffer for session token value") |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return "", err |  | ||||||
| 	} |  | ||||||
| 	str := hex.EncodeToString(buff) |  | ||||||
| 	token := str[:64] |  | ||||||
|  |  | ||||||
| 	// If the auth_token column for any user matches the token, set existingAuthToken to true |  | ||||||
| 	var existingAuthToken bool |  | ||||||
| 	err = app.Db.QueryRow("SELECT EXISTS(SELECT 1 FROM users WHERE auth_token = $1)", token).Scan(&existingAuthToken) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error checking for existing auth token") |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return "", err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// If duplicate token found, recursively call function until unique token is generated |  | ||||||
| 	if existingAuthToken == true { |  | ||||||
| 		log.Println("Duplicate token found in sessions table") |  | ||||||
| 		return createSessionCookie(app, w, username) |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// Store token in auth_token column of the users table |  | ||||||
| 	sqlStatement := "UPDATE users SET auth_token = $1 WHERE username = $2" |  | ||||||
| 	_, err = app.Db.Exec(sqlStatement, token, username) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error setting auth_token column in users table") |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return "", err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// Create session cookie, containing token |  | ||||||
| 	cookie := &http.Cookie{ |  | ||||||
| 		Name:     "session", |  | ||||||
| 		Value:    token, |  | ||||||
| 		Path:     "/", |  | ||||||
| 		MaxAge:   86400, |  | ||||||
| 		HttpOnly: true, |  | ||||||
| 		Secure:   true, |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	http.SetCookie(w, cookie) |  | ||||||
|  |  | ||||||
| 	return token, nil |  | ||||||
| } |  | ||||||
|  |  | ||||||
| // ValidateSessionCookie validates the session cookie and returns the username of the user if valid |  | ||||||
| func ValidateSessionCookie(app *app.App, r *http.Request) (string, error) { |  | ||||||
| 	// Get cookie from request |  | ||||||
| 	cookie, err := r.Cookie("session") |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error getting cookie from request") |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return "", err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// Query row by token |  | ||||||
| 	var username string |  | ||||||
| 	err = app.Db.QueryRow("SELECT username FROM users WHERE auth_token = $1", cookie.Value).Scan(&username) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error querying row by token") |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return "", err |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	return username, nil |  | ||||||
| } |  | ||||||
|  |  | ||||||
| // LogoutUser deletes the session cookie and token from the database |  | ||||||
| func LogoutUser(app *app.App, w http.ResponseWriter, r *http.Request) { |  | ||||||
| 	// Get cookie from request |  | ||||||
| 	cookie, err := r.Cookie("session") |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error getting cookie from request") |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// Set token to empty string |  | ||||||
| 	sqlStatement := "UPDATE users SET auth_token = $1 WHERE auth_token = $2" |  | ||||||
| 	_, err = app.Db.Exec(sqlStatement, "", cookie.Value) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println("Error setting auth_token column in users table") |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// Delete cookie |  | ||||||
| 	cookie = &http.Cookie{ |  | ||||||
| 		Name:   "session", |  | ||||||
| 		Value:  "", |  | ||||||
| 		Path:   "/", |  | ||||||
| 		MaxAge: -1, |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	http.SetCookie(w, cookie) |  | ||||||
| } |  | ||||||
| @@ -4,7 +4,8 @@ | |||||||
|     "DbPort": "5432", |     "DbPort": "5432", | ||||||
|     "DbName": "database", |     "DbName": "database", | ||||||
|     "DbUser": "user", |     "DbUser": "user", | ||||||
|     "DbPassword": "password" |     "DbPassword": "password", | ||||||
|  |     "DbAutoMigrate": true | ||||||
|   }, |   }, | ||||||
|   "Listen": { |   "Listen": { | ||||||
|     "HttpIp": "127.0.0.1", |     "HttpIp": "127.0.0.1", | ||||||
|   | |||||||
							
								
								
									
										4
									
								
								go.mod
									
									
									
									
									
								
							
							
						
						
									
										4
									
								
								go.mod
									
									
									
									
									
								
							| @@ -3,6 +3,6 @@ module GoWeb | |||||||
| go 1.20 | go 1.20 | ||||||
|  |  | ||||||
| require ( | require ( | ||||||
| 	github.com/lib/pq v1.10.7 | 	github.com/lib/pq v1.10.9 | ||||||
| 	golang.org/x/crypto v0.1.0 | 	golang.org/x/crypto v0.11.0 | ||||||
| ) | ) | ||||||
|   | |||||||
							
								
								
									
										8
									
								
								go.sum
									
									
									
									
									
								
							
							
						
						
									
										8
									
								
								go.sum
									
									
									
									
									
								
							| @@ -1,4 +1,4 @@ | |||||||
| github.com/lib/pq v1.10.7 h1:p7ZhMD+KsSRozJr34udlUrhboJwWAgCg34+/ZZNvZZw= | github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= | ||||||
| github.com/lib/pq v1.10.7/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= | github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= | ||||||
| golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU= | golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA= | ||||||
| golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= | golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= | ||||||
|   | |||||||
							
								
								
									
										57
									
								
								main.go
									
									
									
									
									
								
							
							
						
						
									
										57
									
								
								main.go
									
									
									
									
									
								
							| @@ -4,11 +4,15 @@ import ( | |||||||
| 	"GoWeb/app" | 	"GoWeb/app" | ||||||
| 	"GoWeb/config" | 	"GoWeb/config" | ||||||
| 	"GoWeb/database" | 	"GoWeb/database" | ||||||
|  | 	"GoWeb/models" | ||||||
| 	"GoWeb/routes" | 	"GoWeb/routes" | ||||||
|  | 	"context" | ||||||
| 	"embed" | 	"embed" | ||||||
| 	"log" | 	"log" | ||||||
| 	"net/http" | 	"net/http" | ||||||
| 	"os" | 	"os" | ||||||
|  | 	"os/signal" | ||||||
|  | 	"syscall" | ||||||
| 	"time" | 	"time" | ||||||
| ) | ) | ||||||
|  |  | ||||||
| @@ -29,7 +33,9 @@ func main() { | |||||||
| 	if _, err := os.Stat("logs"); os.IsNotExist(err) { | 	if _, err := os.Stat("logs"); os.IsNotExist(err) { | ||||||
| 		err := os.Mkdir("logs", 0755) | 		err := os.Mkdir("logs", 0755) | ||||||
| 		if err != nil { | 		if err != nil { | ||||||
| 			panic("Failed to create log directory") | 			log.Println("Failed to create log directory") | ||||||
|  | 			log.Println(err) | ||||||
|  | 			return | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| @@ -37,18 +43,47 @@ func main() { | |||||||
| 	file, err := os.OpenFile("logs/"+time.Now().Format("2006-01-02")+".log", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666) | 	file, err := os.OpenFile("logs/"+time.Now().Format("2006-01-02")+".log", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666) | ||||||
| 	log.SetOutput(file) | 	log.SetOutput(file) | ||||||
|  |  | ||||||
| 	// Connect to database | 	// Connect to database and run migrations | ||||||
| 	appLoaded.Db = database.ConnectDB(&appLoaded) | 	appLoaded.Db = database.Connect(&appLoaded) | ||||||
|  | 	if appLoaded.Config.Db.AutoMigrate { | ||||||
| 	// Define Routes | 		err = models.RunAllMigrations(&appLoaded) | ||||||
| 	routes.GetRoutes(&appLoaded) |  | ||||||
| 	routes.PostRoutes(&appLoaded) |  | ||||||
|  |  | ||||||
| 	// Start server |  | ||||||
| 	log.Println("Starting server and listening on " + appLoaded.Config.Listen.Ip + ":" + appLoaded.Config.Listen.Port) |  | ||||||
| 	err = http.ListenAndServe(appLoaded.Config.Listen.Ip+":"+appLoaded.Config.Listen.Port, nil) |  | ||||||
| 		if err != nil { | 		if err != nil { | ||||||
| 			log.Println(err) | 			log.Println(err) | ||||||
| 			return | 			return | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | 	// Assign and run scheduled tasks | ||||||
|  | 	appLoaded.ScheduledTasks = app.Scheduled{ | ||||||
|  | 		EveryReboot: []func(app *app.App){models.ScheduledSessionCleanup}, | ||||||
|  | 		EveryMinute: []func(app *app.App){models.ScheduledSessionCleanup}, | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// Define Routes | ||||||
|  | 	routes.Get(&appLoaded) | ||||||
|  | 	routes.Post(&appLoaded) | ||||||
|  |  | ||||||
|  | 	// Start server | ||||||
|  | 	server := &http.Server{Addr: appLoaded.Config.Listen.Ip + ":" + appLoaded.Config.Listen.Port} | ||||||
|  | 	go func() { | ||||||
|  | 		log.Println("Starting server and listening on " + appLoaded.Config.Listen.Ip + ":" + appLoaded.Config.Listen.Port) | ||||||
|  | 		err := server.ListenAndServe() | ||||||
|  | 		if err != nil && err != http.ErrServerClosed { | ||||||
|  | 			log.Fatalf("Could not listen on %s: %v\n", appLoaded.Config.Listen.Ip+":"+appLoaded.Config.Listen.Port, err) | ||||||
|  | 		} | ||||||
|  | 	}() | ||||||
|  |  | ||||||
|  | 	// Wait for interrupt signal and shut down the server | ||||||
|  | 	interrupt := make(chan os.Signal, 1) | ||||||
|  | 	signal.Notify(interrupt, os.Interrupt, syscall.SIGTERM) | ||||||
|  | 	stop := make(chan struct{}) | ||||||
|  | 	go app.RunScheduledTasks(&appLoaded, 100, stop) | ||||||
|  |  | ||||||
|  | 	<-interrupt | ||||||
|  | 	log.Println("Interrupt signal received. Shutting down server...") | ||||||
|  |  | ||||||
|  | 	err = server.Shutdown(context.Background()) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Fatalf("Could not gracefully shutdown the server: %v\n", err) | ||||||
|  | 	} | ||||||
|  | } | ||||||
|   | |||||||
							
								
								
									
										21
									
								
								middleware/csrf.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								middleware/csrf.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,21 @@ | |||||||
|  | package middleware | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"GoWeb/security" | ||||||
|  | 	"log" | ||||||
|  | 	"net/http" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | // Csrf validates the CSRF token and returns the handler function if it succeded | ||||||
|  | func Csrf(f func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) { | ||||||
|  | 	return func(w http.ResponseWriter, r *http.Request) { | ||||||
|  | 		_, err := security.VerifyCsrfToken(r) | ||||||
|  | 		if err != nil { | ||||||
|  | 			log.Println("Error verifying csrf token") | ||||||
|  | 			http.Error(w, "Forbidden", http.StatusForbidden) | ||||||
|  | 			return | ||||||
|  | 		} | ||||||
|  |  | ||||||
|  | 		f(w, r) | ||||||
|  | 	} | ||||||
|  | } | ||||||
							
								
								
									
										5
									
								
								middleware/groups.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								middleware/groups.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,5 @@ | |||||||
|  | package middleware | ||||||
|  |  | ||||||
|  | import "net/http" | ||||||
|  |  | ||||||
|  | type MiddlewareFunc func(f func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) | ||||||
							
								
								
									
										14
									
								
								middleware/wrapper.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								middleware/wrapper.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,14 @@ | |||||||
|  | package middleware | ||||||
|  |  | ||||||
|  | import "net/http" | ||||||
|  |  | ||||||
|  | // ProcessGroup is a wrapper function for the http.HandleFunc function | ||||||
|  | // that takes the function you want to execute (f) and the middleware you want | ||||||
|  | // to execute (m) this should be used when processing multiple groups of middleware at a time | ||||||
|  | func ProcessGroup(f func(w http.ResponseWriter, r *http.Request), m []MiddlewareFunc) func(w http.ResponseWriter, r *http.Request) { | ||||||
|  | 	for _, middleware := range m { | ||||||
|  | 		_ = middleware(f) | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return f | ||||||
|  | } | ||||||
							
								
								
									
										37
									
								
								models/migrations.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										37
									
								
								models/migrations.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,37 @@ | |||||||
|  | package models | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"GoWeb/app" | ||||||
|  | 	"GoWeb/database" | ||||||
|  | 	"time" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | // RunAllMigrations defines the structs that should be represented in the database | ||||||
|  | func RunAllMigrations(app *app.App) error { | ||||||
|  | 	// Declare new dummy user for reflection | ||||||
|  | 	user := User{ | ||||||
|  | 		Id:        1, // Id is handled automatically, but it is added here to show it will be skipped during column creation | ||||||
|  | 		Username:  "migrate", | ||||||
|  | 		Password:  "migrate", | ||||||
|  | 		CreatedAt: time.Now(), | ||||||
|  | 		UpdatedAt: time.Now(), | ||||||
|  | 	} | ||||||
|  | 	err := database.Migrate(app, user) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	session := Session{ | ||||||
|  | 		Id:         1, | ||||||
|  | 		UserId:     1, | ||||||
|  | 		AuthToken:  "migrate", | ||||||
|  | 		RememberMe: false, | ||||||
|  | 		CreatedAt:  time.Now(), | ||||||
|  | 	} | ||||||
|  | 	err = database.Migrate(app, session) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return nil | ||||||
|  | } | ||||||
							
								
								
									
										158
									
								
								models/session.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										158
									
								
								models/session.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,158 @@ | |||||||
|  | package models | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"GoWeb/app" | ||||||
|  | 	"crypto/rand" | ||||||
|  | 	"encoding/hex" | ||||||
|  | 	"log" | ||||||
|  | 	"net/http" | ||||||
|  | 	"time" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | type Session struct { | ||||||
|  | 	Id         int64 | ||||||
|  | 	UserId     int64 | ||||||
|  | 	AuthToken  string | ||||||
|  | 	RememberMe bool | ||||||
|  | 	CreatedAt  time.Time | ||||||
|  | } | ||||||
|  |  | ||||||
|  | const sessionColumnsNoId = "\"UserId\", \"AuthToken\",\"RememberMe\", \"CreatedAt\"" | ||||||
|  | const sessionColumns = "\"Id\", " + sessionColumnsNoId | ||||||
|  | const sessionTable = "public.\"Session\"" | ||||||
|  |  | ||||||
|  | const ( | ||||||
|  | 	selectSessionByAuthToken      = "SELECT " + sessionColumns + " FROM " + sessionTable + " WHERE \"AuthToken\" = $1" | ||||||
|  | 	selectAuthTokenIfExists       = "SELECT EXISTS(SELECT 1 FROM " + sessionTable + " WHERE \"AuthToken\" = $1)" | ||||||
|  | 	insertSession                 = "INSERT INTO " + sessionTable + " (" + sessionColumnsNoId + ") VALUES ($1, $2, $3, $4) RETURNING \"Id\"" | ||||||
|  | 	deleteSessionByAuthToken      = "DELETE FROM " + sessionTable + " WHERE \"AuthToken\" = $1" | ||||||
|  | 	deleteSessionsOlderThan30Days = "DELETE FROM " + sessionTable + " WHERE \"CreatedAt\" < NOW() - INTERVAL '30 days'" | ||||||
|  | 	deleteSessionsOlderThan6Hours = "DELETE FROM " + sessionTable + " WHERE \"CreatedAt\" < NOW() - INTERVAL '6 hours' AND \"RememberMe\" = false" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | // CreateSession creates a new session for a user | ||||||
|  | func CreateSession(app *app.App, w http.ResponseWriter, userId int64, remember bool) (Session, error) { | ||||||
|  | 	session := Session{} | ||||||
|  | 	session.UserId = userId | ||||||
|  | 	session.AuthToken = generateAuthToken(app) | ||||||
|  | 	session.RememberMe = remember | ||||||
|  | 	session.CreatedAt = time.Now() | ||||||
|  |  | ||||||
|  | 	// If the AuthToken column for any user matches the token, set existingAuthToken to true | ||||||
|  | 	var existingAuthToken bool | ||||||
|  | 	err := app.Db.QueryRow(selectAuthTokenIfExists, session.AuthToken).Scan(&existingAuthToken) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error checking for existing auth token") | ||||||
|  | 		log.Println(err) | ||||||
|  | 		return Session{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// If duplicate token found, recursively call function until unique token is generated | ||||||
|  | 	if existingAuthToken == true { | ||||||
|  | 		log.Println("Duplicate token found in sessions table, generating new token...") | ||||||
|  | 		return CreateSession(app, w, userId, remember) | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// Insert session into database | ||||||
|  | 	err = app.Db.QueryRow(insertSession, session.UserId, session.AuthToken, session.RememberMe, session.CreatedAt).Scan(&session.Id) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error inserting session into database") | ||||||
|  | 		return Session{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	createSessionCookie(app, w, session) | ||||||
|  | 	return session, nil | ||||||
|  | } | ||||||
|  |  | ||||||
|  | func GetSessionByAuthToken(app *app.App, authToken string) (Session, error) { | ||||||
|  | 	session := Session{} | ||||||
|  |  | ||||||
|  | 	err := app.Db.QueryRow(selectSessionByAuthToken, authToken).Scan(&session.Id, &session.UserId, &session.AuthToken, &session.RememberMe, &session.CreatedAt) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error getting session by auth token") | ||||||
|  | 		return Session{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return session, nil | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // Generates a random 64-byte string | ||||||
|  | func generateAuthToken(app *app.App) string { | ||||||
|  | 	b := make([]byte, 64) | ||||||
|  | 	_, err := rand.Read(b) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error generating random bytes") | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return hex.EncodeToString(b) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // createSessionCookie creates a new session cookie | ||||||
|  | func createSessionCookie(app *app.App, w http.ResponseWriter, session Session) { | ||||||
|  | 	cookie := &http.Cookie{} | ||||||
|  | 	if session.RememberMe { | ||||||
|  | 		cookie = &http.Cookie{ | ||||||
|  | 			Name:     "session", | ||||||
|  | 			Value:    session.AuthToken, | ||||||
|  | 			Path:     "/", | ||||||
|  | 			MaxAge:   2592000 * 1000, // 30 days in ms | ||||||
|  | 			HttpOnly: true, | ||||||
|  | 			Secure:   true, | ||||||
|  | 		} | ||||||
|  | 	} else { | ||||||
|  | 		cookie = &http.Cookie{ | ||||||
|  | 			Name:     "session", | ||||||
|  | 			Value:    session.AuthToken, | ||||||
|  | 			Path:     "/", | ||||||
|  | 			MaxAge:   21600 * 1000, // 6 hours in ms | ||||||
|  | 			HttpOnly: true, | ||||||
|  | 			Secure:   true, | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	http.SetCookie(w, cookie) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // deleteSessionCookie deletes the session cookie | ||||||
|  | func deleteSessionCookie(app *app.App, w http.ResponseWriter) { | ||||||
|  | 	cookie := &http.Cookie{ | ||||||
|  | 		Name:   "session", | ||||||
|  | 		Value:  "", | ||||||
|  | 		Path:   "/", | ||||||
|  | 		MaxAge: -1, | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	http.SetCookie(w, cookie) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // DeleteSessionByAuthToken deletes a session from the database by AuthToken | ||||||
|  | func DeleteSessionByAuthToken(app *app.App, w http.ResponseWriter, authToken string) error { | ||||||
|  | 	_, err := app.Db.Exec(deleteSessionByAuthToken, authToken) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error deleting session from database") | ||||||
|  | 		return err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	deleteSessionCookie(app, w) | ||||||
|  |  | ||||||
|  | 	return nil | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // ScheduledSessionCleanup deletes expired sessions from the database | ||||||
|  | func ScheduledSessionCleanup(app *app.App) { | ||||||
|  | 	// Delete sessions older than 30 days (remember me sessions) | ||||||
|  | 	_, err := app.Db.Exec(deleteSessionsOlderThan30Days) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error deleting 30 day expired sessions from database") | ||||||
|  | 		log.Println(err) | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// Delete sessions older than 6 hours | ||||||
|  | 	_, err = app.Db.Exec(deleteSessionsOlderThan6Hours) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error deleting 6 hour expired sessions from database") | ||||||
|  | 		log.Println(err) | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	log.Println("Deleted expired sessions from database") | ||||||
|  | } | ||||||
							
								
								
									
										125
									
								
								models/user.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										125
									
								
								models/user.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,125 @@ | |||||||
|  | package models | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"GoWeb/app" | ||||||
|  | 	"log" | ||||||
|  | 	"net/http" | ||||||
|  | 	"strconv" | ||||||
|  | 	"time" | ||||||
|  |  | ||||||
|  | 	"golang.org/x/crypto/bcrypt" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | type User struct { | ||||||
|  | 	Id        int64 | ||||||
|  | 	Username  string | ||||||
|  | 	Password  string | ||||||
|  | 	CreatedAt time.Time | ||||||
|  | 	UpdatedAt time.Time | ||||||
|  | } | ||||||
|  |  | ||||||
|  | const userColumnsNoId = "\"Username\", \"Password\", \"CreatedAt\", \"UpdatedAt\"" | ||||||
|  | const userColumns = "\"Id\", " + userColumnsNoId | ||||||
|  | const userTable = "public.\"User\"" | ||||||
|  |  | ||||||
|  | const ( | ||||||
|  | 	selectUserById       = "SELECT " + userColumns + " FROM " + userTable + " WHERE \"Id\" = $1" | ||||||
|  | 	selectUserByUsername = "SELECT " + userColumns + " FROM " + userTable + " WHERE \"Username\" = $1" | ||||||
|  | 	insertUser           = "INSERT INTO " + userTable + " (" + userColumnsNoId + ") VALUES ($1, $2, $3, $4) RETURNING \"Id\"" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | // GetCurrentUser finds the currently logged-in user by session cookie | ||||||
|  | func GetCurrentUser(app *app.App, r *http.Request) (User, error) { | ||||||
|  | 	cookie, err := r.Cookie("session") | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error getting session cookie") | ||||||
|  | 		return User{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	session, err := GetSessionByAuthToken(app, cookie.Value) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error getting session by auth token") | ||||||
|  | 		return User{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return GetUserById(app, session.UserId) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // GetUserById finds a User table row in the database by id and returns a struct representing this row | ||||||
|  | func GetUserById(app *app.App, id int64) (User, error) { | ||||||
|  | 	user := User{} | ||||||
|  |  | ||||||
|  | 	err := app.Db.QueryRow(selectUserById, id).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Get user error (user not found) for user id:" + strconv.FormatInt(id, 10)) | ||||||
|  | 		return User{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return user, nil | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // GetUserByUsername finds a User table row in the database by username and returns a struct representing this row | ||||||
|  | func GetUserByUsername(app *app.App, username string) (User, error) { | ||||||
|  | 	user := User{} | ||||||
|  |  | ||||||
|  | 	err := app.Db.QueryRow(selectUserByUsername, username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Get user error (user not found) for user:" + username) | ||||||
|  | 		return User{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return user, nil | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // CreateUser creates a User table row in the database | ||||||
|  | func CreateUser(app *app.App, username string, password string, createdAt time.Time, updatedAt time.Time) (User, error) { | ||||||
|  | 	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error hashing password when creating user") | ||||||
|  | 		return User{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	var lastInsertId int64 | ||||||
|  |  | ||||||
|  | 	err = app.Db.QueryRow(insertUser, username, string(hash), createdAt, updatedAt).Scan(&lastInsertId) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error creating user row") | ||||||
|  | 		return User{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return GetUserById(app, lastInsertId) | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // AuthenticateUser validates the password for the specified user | ||||||
|  | func AuthenticateUser(app *app.App, w http.ResponseWriter, username string, password string, remember bool) (Session, error) { | ||||||
|  | 	var user User | ||||||
|  |  | ||||||
|  | 	err := app.Db.QueryRow(selectUserByUsername, username).Scan(&user.Id, &user.Username, &user.Password, &user.CreatedAt, &user.UpdatedAt) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Authentication error (user not found) for user:" + username) | ||||||
|  | 		return Session{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) | ||||||
|  | 	if err != nil { // Failed to validate password, doesn't match | ||||||
|  | 		log.Println("Authentication error (incorrect password) for user:" + username) | ||||||
|  | 		return Session{}, err | ||||||
|  | 	} else { | ||||||
|  | 		return CreateSession(app, w, user.Id, remember) | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  |  | ||||||
|  | // LogoutUser deletes the session cookie and AuthToken from the database | ||||||
|  | func LogoutUser(app *app.App, w http.ResponseWriter, r *http.Request) { | ||||||
|  | 	cookie, err := r.Cookie("session") | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error getting cookie from request") | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	err = DeleteSessionByAuthToken(app, w, cookie.Value) | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println("Error deleting session by AuthToken") | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | } | ||||||
							
								
								
									
										57
									
								
								restclient/client.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										57
									
								
								restclient/client.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,57 @@ | |||||||
|  | package restclient | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"bytes" | ||||||
|  | 	"encoding/json" | ||||||
|  | 	"mime/multipart" | ||||||
|  | 	"net/http" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | // SendRequest sends an HTTP request to a URL and includes the specified headers and body. | ||||||
|  | // A body can be nil for GET requests, a map[string]string for multipart/form-data requests, | ||||||
|  | // or a struct for JSON requests | ||||||
|  | func SendRequest(url string, method string, headers map[string]string, body interface{}) (http.Response, error) { | ||||||
|  | 	var reqBody *bytes.Buffer | ||||||
|  | 	var contentType string | ||||||
|  |  | ||||||
|  | 	switch v := body.(type) { | ||||||
|  | 	case nil: | ||||||
|  | 		reqBody = bytes.NewBuffer([]byte("")) | ||||||
|  | 	case map[string]string: | ||||||
|  | 		reqBody = &bytes.Buffer{} | ||||||
|  | 		writer := multipart.NewWriter(reqBody) | ||||||
|  | 		for key, value := range v { | ||||||
|  | 			writer.WriteField(key, value) | ||||||
|  | 		} | ||||||
|  | 		writer.Close() | ||||||
|  | 		contentType = writer.FormDataContentType() | ||||||
|  | 	default: | ||||||
|  | 		jsonBody, err := json.Marshal(body) | ||||||
|  | 		if err != nil { | ||||||
|  | 			return http.Response{}, err | ||||||
|  | 		} | ||||||
|  | 		reqBody = bytes.NewBuffer(jsonBody) | ||||||
|  | 		contentType = "application/json" | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	req, err := http.NewRequest(method, url, reqBody) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return http.Response{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	if contentType != "" { | ||||||
|  | 		req.Header.Set("Content-Type", contentType) | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	for key, value := range headers { | ||||||
|  | 		req.Header.Add(key, value) | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	client := &http.Client{} | ||||||
|  | 	resp, err := client.Do(req) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return http.Response{}, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return *resp, nil | ||||||
|  | } | ||||||
							
								
								
									
										33
									
								
								routes/get.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								routes/get.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,33 @@ | |||||||
|  | package routes | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"GoWeb/app" | ||||||
|  | 	"GoWeb/controllers" | ||||||
|  | 	"io/fs" | ||||||
|  | 	"log" | ||||||
|  | 	"net/http" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | // Get defines all project get routes | ||||||
|  | func Get(app *app.App) { | ||||||
|  | 	// Get controller struct initialize | ||||||
|  | 	getController := controllers.Get{ | ||||||
|  | 		App: app, | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// Serve static files | ||||||
|  | 	staticFS, err := fs.Sub(app.Res, "static") | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Println(err) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	staticHandler := http.FileServer(http.FS(staticFS)) | ||||||
|  | 	http.Handle("/static/", http.StripPrefix("/static/", staticHandler)) | ||||||
|  | 	log.Println("Serving static files from embedded file system /static") | ||||||
|  |  | ||||||
|  | 	// Pages | ||||||
|  | 	http.HandleFunc("/", getController.ShowHome) | ||||||
|  | 	http.HandleFunc("/login", getController.ShowLogin) | ||||||
|  | 	http.HandleFunc("/register", getController.ShowRegister) | ||||||
|  | 	http.HandleFunc("/logout", getController.Logout) | ||||||
|  | } | ||||||
| @@ -1,26 +0,0 @@ | |||||||
| package routes |  | ||||||
|  |  | ||||||
| import ( |  | ||||||
| 	"GoWeb/app" |  | ||||||
| 	"GoWeb/controllers" |  | ||||||
| 	"log" |  | ||||||
| 	"net/http" |  | ||||||
| ) |  | ||||||
|  |  | ||||||
| // GetRoutes defines all project get routes |  | ||||||
| func GetRoutes(app *app.App) { |  | ||||||
| 	// Get controller struct initialize |  | ||||||
| 	getController := controllers.GetController{ |  | ||||||
| 		App: app, |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// Serve static files |  | ||||||
| 	http.Handle("/file/", http.FileServer(http.Dir("./static"))) |  | ||||||
| 	log.Println("Serving static files from: ./static") |  | ||||||
|  |  | ||||||
| 	// Pages |  | ||||||
| 	http.HandleFunc("/", getController.ShowHome) |  | ||||||
| 	http.HandleFunc("/login", getController.ShowLogin) |  | ||||||
| 	http.HandleFunc("/register", getController.ShowRegister) |  | ||||||
| 	http.HandleFunc("/logout", getController.Logout) |  | ||||||
| } |  | ||||||
							
								
								
									
										20
									
								
								routes/post.go
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										20
									
								
								routes/post.go
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,20 @@ | |||||||
|  | package routes | ||||||
|  |  | ||||||
|  | import ( | ||||||
|  | 	"GoWeb/app" | ||||||
|  | 	"GoWeb/controllers" | ||||||
|  | 	"GoWeb/middleware" | ||||||
|  | 	"net/http" | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | // Post defines all project post routes | ||||||
|  | func Post(app *app.App) { | ||||||
|  | 	// Post controller struct initialize | ||||||
|  | 	postController := controllers.Post{ | ||||||
|  | 		App: app, | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	// User authentication | ||||||
|  | 	http.HandleFunc("/register-handle", middleware.Csrf(postController.Register)) | ||||||
|  | 	http.HandleFunc("/login-handle", middleware.Csrf(postController.Login)) | ||||||
|  | } | ||||||
| @@ -1,19 +0,0 @@ | |||||||
| package routes |  | ||||||
|  |  | ||||||
| import ( |  | ||||||
| 	"GoWeb/app" |  | ||||||
| 	"GoWeb/controllers" |  | ||||||
| 	"net/http" |  | ||||||
| ) |  | ||||||
|  |  | ||||||
| // PostRoutes defines all project post routes |  | ||||||
| func PostRoutes(app *app.App) { |  | ||||||
| 	// Post controller struct initialize |  | ||||||
| 	postController := controllers.PostController{ |  | ||||||
| 		App: app, |  | ||||||
| 	} |  | ||||||
|  |  | ||||||
| 	// User authentication |  | ||||||
| 	http.HandleFunc("/register-handle", postController.Register) |  | ||||||
| 	http.HandleFunc("/login-handle", postController.Login) |  | ||||||
| } |  | ||||||
| @@ -10,7 +10,6 @@ import ( | |||||||
|  |  | ||||||
| // GenerateCsrfToken generates a csrf token and assigns it to a cookie for double submit cookie csrf protection | // GenerateCsrfToken generates a csrf token and assigns it to a cookie for double submit cookie csrf protection | ||||||
| func GenerateCsrfToken(w http.ResponseWriter, _ *http.Request) (string, error) { | func GenerateCsrfToken(w http.ResponseWriter, _ *http.Request) (string, error) { | ||||||
| 	// Generate random 64 character string (alpha-numeric) |  | ||||||
| 	buff := make([]byte, int(math.Ceil(float64(64)/2))) | 	buff := make([]byte, int(math.Ceil(float64(64)/2))) | ||||||
| 	_, err := rand.Read(buff) | 	_, err := rand.Read(buff) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| @@ -21,7 +20,6 @@ func GenerateCsrfToken(w http.ResponseWriter, _ *http.Request) (string, error) { | |||||||
| 	str := hex.EncodeToString(buff) | 	str := hex.EncodeToString(buff) | ||||||
| 	token := str[:64] | 	token := str[:64] | ||||||
|  |  | ||||||
| 	// Create session cookie, containing token |  | ||||||
| 	cookie := &http.Cookie{ | 	cookie := &http.Cookie{ | ||||||
| 		Name:     "csrf_token", | 		Name:     "csrf_token", | ||||||
| 		Value:    token, | 		Value:    token, | ||||||
| @@ -38,7 +36,6 @@ func GenerateCsrfToken(w http.ResponseWriter, _ *http.Request) (string, error) { | |||||||
|  |  | ||||||
| // VerifyCsrfToken verifies the csrf token | // VerifyCsrfToken verifies the csrf token | ||||||
| func VerifyCsrfToken(r *http.Request) (bool, error) { | func VerifyCsrfToken(r *http.Request) (bool, error) { | ||||||
| 	// Get csrf cookie |  | ||||||
| 	cookie, err := r.Cookie("csrf_token") | 	cookie, err := r.Cookie("csrf_token") | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		log.Println("Error getting csrf_token cookie") | 		log.Println("Error getting csrf_token cookie") | ||||||
| @@ -46,10 +43,8 @@ func VerifyCsrfToken(r *http.Request) (bool, error) { | |||||||
| 		return false, err | 		return false, err | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	// Get csrf token from form |  | ||||||
| 	token := r.FormValue("csrf_token") | 	token := r.FormValue("csrf_token") | ||||||
|  |  | ||||||
| 	// Compare csrf cookie and csrf token |  | ||||||
| 	if cookie.Value == token { | 	if cookie.Value == token { | ||||||
| 		return true, nil | 		return true, nil | ||||||
| 	} | 	} | ||||||
|   | |||||||
							
								
								
									
										75
									
								
								static/css/style.css
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										75
									
								
								static/css/style.css
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,75 @@ | |||||||
|  | body { | ||||||
|  |     font-family: Arial, sans-serif; | ||||||
|  |     background-color: lightblue; | ||||||
|  |     color: #333; | ||||||
|  |     margin: 0; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | .container { | ||||||
|  |     display: flex; | ||||||
|  |     justify-content: center; | ||||||
|  |     align-items: center; | ||||||
|  |     width: 80%; | ||||||
|  |     padding: 20px; | ||||||
|  |     margin: 0 auto; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | .footer-container { | ||||||
|  |     display: flex; | ||||||
|  |     justify-content: center; | ||||||
|  |     align-items: center; | ||||||
|  |     height: 80px; | ||||||
|  |     background-color: lightblue; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | footer { | ||||||
|  |     color: #0077be; | ||||||
|  |     font-size: 14px; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | form label { | ||||||
|  |     display: block; | ||||||
|  |     font-weight: bold; | ||||||
|  |     margin-bottom: 5px; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | form input[type="text"], | ||||||
|  | form input[type="password"] { | ||||||
|  |     padding: 10px; | ||||||
|  |     font-size: 16px; | ||||||
|  |     border-radius: 5px; | ||||||
|  |     border: none; | ||||||
|  |     margin-bottom: 10px; | ||||||
|  |     width: 100%; | ||||||
|  |     box-sizing: border-box; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | form input[type="submit"] { | ||||||
|  |     display: inline-block; | ||||||
|  |     padding: 10px 20px; | ||||||
|  |     background-color: #0077be; | ||||||
|  |     color: #fff; | ||||||
|  |     border-radius: 5px; | ||||||
|  |     text-decoration: none; | ||||||
|  |     border: none; | ||||||
|  |     cursor: pointer; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | form input[type="submit"]:hover { | ||||||
|  |     background-color: #005fa3; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | h1, h2, h3, h4, h5, h6 { | ||||||
|  |     font-weight: bold; | ||||||
|  |     color: #333; | ||||||
|  |     text-align: center; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | a { | ||||||
|  |     color: #0077be; | ||||||
|  |     text-decoration: none; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | a:hover { | ||||||
|  |     text-decoration: underline; | ||||||
|  | } | ||||||
| @@ -3,11 +3,14 @@ | |||||||
| <head> | <head> | ||||||
|     <meta charset="UTF-8"> |     <meta charset="UTF-8"> | ||||||
|     <title>SiteName - {{ template "pageTitle" }}</title> |     <title>SiteName - {{ template "pageTitle" }}</title> | ||||||
|  |     <link rel="stylesheet" href="/static/css/style.css"> | ||||||
| </head> | </head> | ||||||
| <body> | <body> | ||||||
| {{ template "content" . }} | {{ template "content" . }} | ||||||
| </body> | <div class="footer-container"> | ||||||
|     <footer> |     <footer> | ||||||
|     <p>SiteName - Powered by Go!</p> |         <p>SiteName - Powered by GoWeb!</p> | ||||||
|     </footer> |     </footer> | ||||||
|  | </div> | ||||||
|  | </body> | ||||||
| </html> | </html> | ||||||
| @@ -1,13 +1,18 @@ | |||||||
| {{ define "pageTitle" }}Login{{ end }} | {{ define "pageTitle" }}Login{{ end }} | ||||||
|  |  | ||||||
| {{ define "content" }} | {{ define "content" }} | ||||||
|  | <h1>Login</h1> | ||||||
|  | <div class="container"> | ||||||
|     <form action="/login-handle" method="post"> |     <form action="/login-handle" method="post"> | ||||||
|         <input name="csrf_token" type="hidden" value="{{ .CsrfToken }}"> |         <input name="csrf_token" type="hidden" value="{{ .CsrfToken }}"> | ||||||
|  |  | ||||||
|         <label for="username">Username:</label><br> |         <label for="username">Username:</label><br> | ||||||
|     <input id="username" name="username" type="text" value="John"><br><br> |         <input id="username" name="username" type="text" placeholder="John"><br><br> | ||||||
|         <label for="password">Password:</label><br> |         <label for="password">Password:</label><br> | ||||||
|         <input id="password" name="password" type="password"><br><br> |         <input id="password" name="password" type="password"><br><br> | ||||||
|  |         <label for="remember">Remember Me:</label> | ||||||
|  |         <input id="remember" type="checkbox" name="remember"><br><br> | ||||||
|         <input type="submit" value="Submit"> |         <input type="submit" value="Submit"> | ||||||
|     </form> |     </form> | ||||||
|  | </div> | ||||||
| {{ end }} | {{ end }} | ||||||
|   | |||||||
| @@ -1,13 +1,16 @@ | |||||||
| {{ define "pageTitle" }}Register{{ end }} | {{ define "pageTitle" }}Register{{ end }} | ||||||
|  |  | ||||||
| {{ define "content" }} | {{ define "content" }} | ||||||
|  | <h1>Register</h1> | ||||||
|  | <div class="container"> | ||||||
|     <form action="/register-handle" method="post"> |     <form action="/register-handle" method="post"> | ||||||
|         <input name="csrf_token" type="hidden" value="{{ .CsrfToken }}"> |         <input name="csrf_token" type="hidden" value="{{ .CsrfToken }}"> | ||||||
|  |  | ||||||
|         <label for="username">Username:</label><br> |         <label for="username">Username:</label><br> | ||||||
|     <input id="username" name="username" type="text" value="John"><br><br> |         <input id="username" name="username" type="text" placeholder="John"><br><br> | ||||||
|         <label for="password">Password:</label><br> |         <label for="password">Password:</label><br> | ||||||
|         <input id="password" name="password" type="password"><br><br> |         <input id="password" name="password" type="password"><br><br> | ||||||
|         <input type="submit" value="Submit"> |         <input type="submit" value="Submit"> | ||||||
|     </form> |     </form> | ||||||
|  | </div> | ||||||
| {{ end }} | {{ end }} | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user