Merge branch 'master' into enhanced_routing_and_logout_fixes

Merge remote-tracking branch 'origin/enhanced_routing_and_logout_fixes' into enhanced_routing_and_logout_fixes
Merge remote-tracking branch 'origin/master'
2024-02-28 10:06:56 -06:00 · 2024-02-28 09:52:47 -06:00 · 2024-02-28 09:52:10 -06:00 · 2024-02-28 09:51:56 -06:00 · 2024-02-28 09:51:26 -06:00 · 2024-02-18 17:23:46 -06:00
11 changed files with 86 additions and 41 deletions
--- a/README.md
+++ b/README.md
@ -19,7 +19,7 @@ fine with getting your hands dirty, but I plan on having it ready to go for more
 - Config file handling
 - Scheduled tasks
 - Entire website compiles into a single binary (~10mb) (excluding env.json)
- Minimal dependencies (just standard library, postgres driver, and experimental package for bcrypt)
+- Minimal dependencies (just standard library, postgres driver, and x/crypto for bcrypt)
 <hr>
@ -59,7 +59,7 @@ fine with getting your hands dirty, but I plan on having it ready to go for more
 ### License and disclaimer 😤
 - You are free to use this project under the terms of the MIT license. See LICENSE for more details.
- You and you alone are responsible for the security and everything else regarding your application.
+- You are responsible for the security and everything else regarding your application.
 - It is not required, but I ask that when you use this project you give me credit by linking to this repository.
 - I also ask that when releasing self-hosted or other end-user applications that you release it under
  the [GPLv3](https://www.gnu.org/licenses/gpl-3.0.html) license. This too is not required, but I would appreciate it.
--- a/controllers/get.go
+++ b/controllers/get.go
@ -13,21 +13,11 @@ type Get struct {
 	App *app.App
 }
-func (g *Get) ShowHome(w http.ResponseWriter, _ *http.Request) {
+func (g *Get) ShowHome(w http.ResponseWriter, r *http.Request) {
 	type dataStruct struct {
-		Test string
+		CsrfToken       string
-	}
+		IsAuthenticated bool
-
+		Test            string
 	data := dataStruct{
 		Test: "Hello World!",
 	}
 	templating.RenderTemplate(w, "templates/pages/home.html", data)
 }
 func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
 	type dataStruct struct {
 		CsrfToken string
 	}
 	CsrfToken, err := security.GenerateCsrfToken(w, r)
@ -35,8 +25,41 @@ func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	isAuthenticated := true
 	user, err := models.CurrentUser(g.App, r)
 	if err != nil || user.Id == 0 {
 		isAuthenticated = false
 	}
 	data := dataStruct{
-		CsrfToken: CsrfToken,
+		CsrfToken:       CsrfToken,
 		Test:            "Hello World!",
 		IsAuthenticated: isAuthenticated,
 	}
 	templating.RenderTemplate(w, "templates/pages/home.html", data)
 }
 func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
 	type dataStruct struct {
 		CsrfToken       string
 		IsAuthenticated bool
 	}
 	CsrfToken, err := security.GenerateCsrfToken(w, r)
 	if err != nil {
 		return
 	}
 	isAuthenticated := true
 	user, err := models.CurrentUser(g.App, r)
 	if err != nil || user.Id == 0 {
 		isAuthenticated = false
 	}
 	data := dataStruct{
 		CsrfToken:       CsrfToken,
 		IsAuthenticated: isAuthenticated,
 	}
 	templating.RenderTemplate(w, "templates/pages/register.html", data)
@ -44,7 +67,8 @@ func (g *Get) ShowRegister(w http.ResponseWriter, r *http.Request) {
 func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {
 	type dataStruct struct {
-		CsrfToken string
+		CsrfToken       string
 		IsAuthenticated bool
 	}
 	CsrfToken, err := security.GenerateCsrfToken(w, r)
@ -58,8 +82,3 @@ func (g *Get) ShowLogin(w http.ResponseWriter, r *http.Request) {
 	templating.RenderTemplate(w, "templates/pages/login.html", data)
 }
 func (g *Get) Logout(w http.ResponseWriter, r *http.Request) {
 	models.LogoutUser(g.App, w, r)
 	http.Redirect(w, r, "/", http.StatusFound)
 }
--- a/controllers/post.go
+++ b/controllers/post.go
@ -50,3 +50,8 @@ func (p *Post) Register(w http.ResponseWriter, r *http.Request) {
 	http.Redirect(w, r, "/login", http.StatusFound)
 }
 func (p *Post) Logout(w http.ResponseWriter, r *http.Request) {
 	models.LogoutUser(p.App, w, r)
 	http.Redirect(w, r, "/", http.StatusFound)
 }
--- a/database/migrate.go
+++ b/database/migrate.go
@ -9,7 +9,8 @@ import (
 	"reflect"
 )
-// Migrate given a dummy object of any type, it will create a table with the same name as the type and create columns with the same name as the fields of the object
+// Migrate given a dummy object of any type, it will create a table with the same name
 // as the type and create columns with the same name as the fields of the object
 func Migrate(app *app.App, anyStruct interface{}) error {
 	valueOfStruct := reflect.ValueOf(anyStruct)
 	typeOfStruct := valueOfStruct.Type()
@ -23,10 +24,15 @@ func Migrate(app *app.App, anyStruct interface{}) error {
 	for i := 0; i < valueOfStruct.NumField(); i++ {
 		fieldType := typeOfStruct.Field(i)
 		fieldName := fieldType.Name
-		if fieldName != "Id" && fieldName != "id" {
+
-			err := createColumn(app, tableName, fieldName, fieldType.Type.Name())
+		// Create column if dummy for migration is NOT zero value
-			if err != nil {
+		fieldValue := valueOfStruct.Field(i).Interface()
-				return err
+		if !reflect.ValueOf(fieldValue).IsZero() {
 			if fieldName != "Id" && fieldName != "id" {
 				err := createColumn(app, tableName, fieldName, fieldType.Type.Name())
 				if err != nil {
 					return err
 				}
 			}
 		}
 	}
--- a/go.mod
+++ b/go.mod
@ -1,8 +1,8 @@
 module GoWeb
-go 1.21
+go 1.22
 require (
 	github.com/lib/pq v1.10.9
-	golang.org/x/crypto v0.17.0
+	golang.org/x/crypto v0.20.0
 )
--- a/go.sum
+++ b/go.sum
@ -1,4 +1,4 @@
 github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
 github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
-golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.20.0 h1:jmAMJJZXr5KiCw05dfYK9QnqaqKLYXijU23lsEdcQqg=
-golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.20.0/go.mod h1:Xwo95rrVNIoSMx9wa1JroENMToLWn3RNVrTBpLHgZPQ=
--- a/models/migrations.go
+++ b/models/migrations.go
@ -25,7 +25,7 @@ func RunAllMigrations(app *app.App) error {
 		Id:         1,
 		UserId:     1,
 		AuthToken:  "migrate",
-		RememberMe: false,
+		RememberMe: true, // Booleans must be true to migrate properly
 		CreatedAt:  time.Now(),
 	}
 	err = database.Migrate(app, session)
--- a/models/session.go
+++ b/models/session.go
@ -17,7 +17,7 @@ type Session struct {
 	CreatedAt  time.Time
 }
-const sessionColumnsNoId = "\"UserId\", \"AuthToken\",\"RememberMe\", \"CreatedAt\""
+const sessionColumnsNoId = "\"UserId\", \"AuthToken\", \"RememberMe\", \"CreatedAt\""
 const sessionColumns = "\"Id\", " + sessionColumnsNoId
 const sessionTable = "public.\"Session\""
--- a/routes/get.go
+++ b/routes/get.go
@ -22,12 +22,11 @@ func Get(app *app.App) {
 		return
 	}
 	staticHandler := http.FileServer(http.FS(staticFS))
-	http.Handle("/static/", http.StripPrefix("/static/", staticHandler))
+	http.Handle("GET /static/", http.StripPrefix("/static/", staticHandler))
 	slog.Info("serving static files from embedded file system /static")
 	// Pages
-	http.HandleFunc("/", getController.ShowHome)
+	http.HandleFunc("GET /", getController.ShowHome)
-	http.HandleFunc("/login", getController.ShowLogin)
+	http.HandleFunc("GET /login", getController.ShowLogin)
-	http.HandleFunc("/register", getController.ShowRegister)
+	http.HandleFunc("GET /register", getController.ShowRegister)
 	http.HandleFunc("/logout", getController.Logout)
 }
--- a/routes/post.go
+++ b/routes/post.go
@ -15,6 +15,7 @@ func Post(app *app.App) {
 	}
 	// User authentication
-	http.HandleFunc("/register-handle", middleware.Csrf(postController.Register))
+	http.HandleFunc("POST /register-handle", middleware.Csrf(postController.Register))
-	http.HandleFunc("/login-handle", middleware.Csrf(postController.Login))
+	http.HandleFunc("POST /login-handle", middleware.Csrf(postController.Login))
 	http.HandleFunc("POST /logout", middleware.Csrf(postController.Logout))
 }
--- a/templates/base.html
+++ b/templates/base.html
@ -6,6 +6,21 @@
    <link href="/static/css/style.css" rel="stylesheet">
 </head>
 <body>
 <div class="navbar">
    {{ if .IsAuthenticated }}
    <form action="/logout" method="post">
        <input name="csrf_token" type="hidden" value="{{ .CsrfToken }}">
        <input type="submit" value="Logout">
    </form>
    {{ else }}
    <form action="/login" method="get">
        <input type="submit" value="Login">
    </form>
    <form action="/register" method="get">
        <input type="submit" value="Register">
    </form>
    {{ end }}
 </div>
 {{ template "content" . }}
 <div class="footer-container">
    <footer>
Author	SHA1	Message	Date
max	783ddaf553	Merge branch 'master' into enhanced_routing_and_logout_fixes	2024-02-28 10:06:56 -06:00
max	b8b64968bb	Merge remote-tracking branch 'origin/enhanced_routing_and_logout_fixes' into enhanced_routing_and_logout_fixes	2024-02-28 09:52:47 -06:00
max	aad9cdfaf5	Merge remote-tracking branch 'origin/master'	2024-02-28 09:52:10 -06:00
max	3738ba689e	Update x/crypto	2024-02-28 09:51:56 -06:00
max	65be302aa4	Update x/crypto	2024-02-28 09:51:26 -06:00
Maximilian	8ab50cb37c	Merge branch 'master' into enhanced_routing_and_logout_fixes	2024-02-18 17:23:46 -06:00
Maximilian	a833823ad6	Fix wording	2024-02-18 17:23:23 -06:00
max	6d6aff50b3	Only show logout (now CSRF protected) if user is authenticated, include relevant authentication logic in GET controllers (this should be moved to middleware)	2024-02-14 13:20:35 -06:00
max	a6be73765a	Add GET verb to static handler	2024-02-14 13:16:52 -06:00
max	ddc9e51831	Fix boolean column migration example	2024-02-14 13:16:15 -06:00
max	dc450e26dd	Move logout to POST route and controller with CSRF middleware. Add CsrfToken to home for logout	2024-02-12 14:46:26 -06:00
max	de4a217c5f	Update extended crypto library	2024-02-09 14:47:29 -06:00
max	c4e83d06b9	Bump go version to 1.22	2024-02-09 14:21:45 -06:00
max	51da24be9b	Small formatting fix	2024-02-09 13:44:21 -06:00
Maximilian	e497f4d2f0	Ignore fields that are zero value	2024-01-20 16:32:07 -06:00