Finish cleaning dependencies
This commit is contained in:
55
http/http.go
55
http/http.go
@ -2,6 +2,7 @@ package http
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"git.javil.eu/jacob1123/budgeteer"
|
||||
|
||||
@ -10,25 +11,30 @@ import (
|
||||
|
||||
// Handler handles incoming requests
|
||||
type Handler struct {
|
||||
UserService budgeteer.UserService
|
||||
UserService budgeteer.UserService
|
||||
TokenVerifier budgeteer.TokenVerifier
|
||||
}
|
||||
|
||||
func (h *Handler) Serve() {
|
||||
const (
|
||||
expiration = 72
|
||||
authCookie = "authentication"
|
||||
)
|
||||
|
||||
func (h *Handler) Serve() {
|
||||
router := gin.Default()
|
||||
|
||||
router.LoadHTMLGlob("./templates/*")
|
||||
router.Static("/static", "./static")
|
||||
|
||||
router.GET("/", func(c *gin.Context) { c.HTML(http.StatusOK, "index", nil) })
|
||||
router.GET("/login", login)
|
||||
router.GET("/login", h.login)
|
||||
api := router.Group("/api/v1")
|
||||
{
|
||||
api.GET("/logout", logout)
|
||||
api.GET("/login", func(c *gin.Context) {
|
||||
c.Redirect(http.StatusPermanentRedirect, "/login")
|
||||
})
|
||||
api.POST("/login", loginPost)
|
||||
api.POST("/login", h.loginPost)
|
||||
|
||||
// Unauthenticated routes
|
||||
api.GET("/check", func(c *gin.Context) {
|
||||
@ -42,34 +48,41 @@ func (h *Handler) Serve() {
|
||||
r := api.Group("/restricted")
|
||||
{
|
||||
//r.Use(middleware.JWT([]byte(secret)))
|
||||
r.GET("", restricted)
|
||||
r.GET("", h.restricted)
|
||||
}
|
||||
}
|
||||
|
||||
router.Run(":1323")
|
||||
}
|
||||
|
||||
func restricted(c *gin.Context) {
|
||||
claims, ok := verifyLogin(c)
|
||||
if !ok {
|
||||
func (h *Handler) restricted(c *gin.Context) {
|
||||
token, err := h.verifyLogin(c)
|
||||
if err != nil {
|
||||
c.Redirect(http.StatusTemporaryRedirect, "/login")
|
||||
return
|
||||
}
|
||||
|
||||
name := claims["name"].(string)
|
||||
name := token.GetName()
|
||||
c.String(http.StatusOK, "Welcome "+name+"!")
|
||||
}
|
||||
|
||||
func verifyLogin(c *gin.Context) error {
|
||||
func (h *Handler) verifyLogin(c *gin.Context) (budgeteer.Token, error) {
|
||||
tokenString, err := c.Cookie(authCookie)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
token, err := h.TokenVerifier.VerifyToken(tokenString)
|
||||
if err != nil {
|
||||
c.SetCookie(authCookie, "", -1, "", "", false, false)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return token, nil
|
||||
}
|
||||
|
||||
func login(c *gin.Context) {
|
||||
if _, ok := verifyLogin(c); ok {
|
||||
func (h *Handler) login(c *gin.Context) {
|
||||
if _, err := h.verifyLogin(c); err == nil {
|
||||
c.Redirect(http.StatusTemporaryRedirect, "/api/v1/hello")
|
||||
return
|
||||
}
|
||||
@ -81,7 +94,11 @@ func logout(c *gin.Context) {
|
||||
clearLogin(c)
|
||||
}
|
||||
|
||||
func loginPost(c *gin.Context) {
|
||||
func clearLogin(c *gin.Context) {
|
||||
c.SetCookie(authCookie, "", -1, "", "", false, true)
|
||||
}
|
||||
|
||||
func (h *Handler) loginPost(c *gin.Context) {
|
||||
username, _ := c.GetPostForm("username")
|
||||
password, _ := c.GetPostForm("password")
|
||||
|
||||
@ -90,5 +107,15 @@ func loginPost(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
loginSuccess(c, username, "Jan Bader")
|
||||
t, err := h.TokenVerifier.CreateToken(username, "Jan Bader")
|
||||
if err != nil {
|
||||
c.AbortWithStatus(http.StatusUnauthorized)
|
||||
}
|
||||
|
||||
maxAge := (int)((expiration * time.Hour).Seconds())
|
||||
c.SetCookie(authCookie, t, maxAge, "", "", false, true)
|
||||
|
||||
c.JSON(http.StatusOK, map[string]string{
|
||||
"token": t,
|
||||
})
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user