122 lines
2.6 KiB
Go
122 lines
2.6 KiB
Go
package http
|
|
|
|
import (
|
|
"net/http"
|
|
"time"
|
|
|
|
"git.javil.eu/jacob1123/budgeteer"
|
|
|
|
"gopkg.in/gin-gonic/gin.v1"
|
|
)
|
|
|
|
// Handler handles incoming requests
|
|
type Handler struct {
|
|
UserService budgeteer.UserService
|
|
TokenVerifier budgeteer.TokenVerifier
|
|
}
|
|
|
|
const (
|
|
expiration = 72
|
|
authCookie = "authentication"
|
|
)
|
|
|
|
func (h *Handler) Serve() {
|
|
router := gin.Default()
|
|
|
|
router.LoadHTMLGlob("./templates/*")
|
|
router.Static("/static", "./static")
|
|
|
|
router.GET("/", func(c *gin.Context) { c.HTML(http.StatusOK, "index", nil) })
|
|
router.GET("/login", h.login)
|
|
api := router.Group("/api/v1")
|
|
{
|
|
api.GET("/logout", logout)
|
|
api.GET("/login", func(c *gin.Context) {
|
|
c.Redirect(http.StatusPermanentRedirect, "/login")
|
|
})
|
|
api.POST("/login", h.loginPost)
|
|
|
|
// Unauthenticated routes
|
|
api.GET("/check", func(c *gin.Context) {
|
|
c.String(http.StatusOK, "Accessible")
|
|
})
|
|
api.GET("/hello", func(c *gin.Context) {
|
|
c.String(http.StatusOK, "Hello, World!")
|
|
})
|
|
|
|
// Restricted group
|
|
r := api.Group("/restricted")
|
|
{
|
|
//r.Use(middleware.JWT([]byte(secret)))
|
|
r.GET("", h.restricted)
|
|
}
|
|
}
|
|
|
|
router.Run(":1323")
|
|
}
|
|
|
|
func (h *Handler) restricted(c *gin.Context) {
|
|
token, err := h.verifyLogin(c)
|
|
if err != nil {
|
|
c.Redirect(http.StatusTemporaryRedirect, "/login")
|
|
return
|
|
}
|
|
|
|
name := token.GetName()
|
|
c.String(http.StatusOK, "Welcome "+name+"!")
|
|
}
|
|
|
|
func (h *Handler) verifyLogin(c *gin.Context) (budgeteer.Token, error) {
|
|
tokenString, err := c.Cookie(authCookie)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
token, err := h.TokenVerifier.VerifyToken(tokenString)
|
|
if err != nil {
|
|
c.SetCookie(authCookie, "", -1, "", "", false, false)
|
|
return nil, err
|
|
}
|
|
|
|
return token, nil
|
|
}
|
|
|
|
func (h *Handler) login(c *gin.Context) {
|
|
if _, err := h.verifyLogin(c); err == nil {
|
|
c.Redirect(http.StatusTemporaryRedirect, "/api/v1/hello")
|
|
return
|
|
}
|
|
|
|
c.HTML(http.StatusOK, "login", nil)
|
|
}
|
|
|
|
func logout(c *gin.Context) {
|
|
clearLogin(c)
|
|
}
|
|
|
|
func clearLogin(c *gin.Context) {
|
|
c.SetCookie(authCookie, "", -1, "", "", false, true)
|
|
}
|
|
|
|
func (h *Handler) loginPost(c *gin.Context) {
|
|
username, _ := c.GetPostForm("username")
|
|
password, _ := c.GetPostForm("password")
|
|
|
|
if username != "jan" || password != "passwort" {
|
|
c.AbortWithStatus(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
t, err := h.TokenVerifier.CreateToken(username, "Jan Bader")
|
|
if err != nil {
|
|
c.AbortWithStatus(http.StatusUnauthorized)
|
|
}
|
|
|
|
maxAge := (int)((expiration * time.Hour).Seconds())
|
|
c.SetCookie(authCookie, t, maxAge, "", "", false, true)
|
|
|
|
c.JSON(http.StatusOK, map[string]string{
|
|
"token": t,
|
|
})
|
|
}
|