add Protected and Authorize middleware, fix cookie bug, gofmt

Iris Lightshard 2022-05-16 00:15:09 -06:00
parent 483e59e2b2
commit 0e5a81f27b
Signed by: Iris Lightshard
GPG key ID: 3B7FBC22144E6398
9 changed files with 464 additions and 408 deletions


@ -1,9 +1,9 @@
package auth package auth
import ( import (
"time"
"net/http" "net/http"
"nilfm.cc/git/quartzgun/cookie" "nilfm.cc/git/quartzgun/cookie"
"time"
) )
type User struct { type User struct {


@ -1,8 +1,8 @@
package cookie package cookie
import ( import (
"net/http"
"crypto/rand" "crypto/rand"
"net/http"
"time" "time"
) )
@ -30,7 +30,7 @@ func StoreToken(field string, token string, w http.ResponseWriter, hrs int) {
func GetToken(field string, req *http.Request) (string, error) { func GetToken(field string, req *http.Request) (string, error) {
c, err := req.Cookie(field) c, err := req.Cookie(field)
if err != nil { if err == nil {
return c.Value, nil return c.Value, nil
} else { } else {
return "", err return "", err
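Review bot: `GetToken` still places its error return in an `else` after a terminating `return`; writing the error path as a guard, `if err != nil { return "", err }` followed by `return c.Value, nil`, keeps the dereference of `c` visibly behind the error check and makes an inverted condition like the one corrected here harder to reintroduce. The function body continues past the end of the hunk. A unit test that calls `GetToken` once with the cookie present and once without it would pin the corrected behaviour.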

6
go.mod

@ -2,8 +2,4 @@ module nilfm.cc/git/quartzgun
go 1.17 go 1.17
require ( require golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3
)

7
go.sum

@ -1,2 +1,9 @@
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M=
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=


@ -1,14 +1,14 @@
package indentalUserDB package indentalUserDB
import ( import (
"time" "errors"
"nilfm.cc/git/quartzgun/cookie" "fmt"
"nilfm.cc/git/quartzgun/auth"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
"nilfm.cc/git/quartzgun/auth"
"nilfm.cc/git/quartzgun/cookie"
"os" "os"
"strings" "strings"
"fmt" "time"
"errors"
) )
type IndentalUserDB struct { type IndentalUserDB struct {
@ -99,7 +99,7 @@ func (self *IndentalUserDB) ChangePassword(user string, password string, oldPass
return nil return nil
} }
func (self *IndentalUserDB) AddUser(user string, password string) error{ func (self *IndentalUserDB) AddUser(user string, password string) error {
if _, exists := self.Users[user]; exists { if _, exists := self.Users[user]; exists {
return errors.New("User already in DB") return errors.New("User already in DB")
} }
@ -114,7 +114,7 @@ func (self *IndentalUserDB) AddUser(user string, password string) error{
Session: "", Session: "",
} }
writeDB(self.Basis, self.Users) writeDB(self.Basis, self.Users)
return nil; return nil
} }
func (self *IndentalUserDB) SetData(user string, key string, value interface{}) error { func (self *IndentalUserDB) SetData(user string, key string, value interface{}) error {
@ -122,8 +122,8 @@ func (self *IndentalUserDB) SetData(user string, key string, value interface{})
return errors.New("User not in DB") return errors.New("User not in DB")
} }
self.Users[user].Data[key] = value; self.Users[user].Data[key] = value
return nil; return nil
} }
func (self *IndentalUserDB) GetData(user string, key string) (interface{}, error) { func (self *IndentalUserDB) GetData(user string, key string) (interface{}, error) {
@ -228,7 +228,7 @@ func writeDB(filePath string, users map[string]*auth.User) error {
user.Pass, user.Pass,
user.Session, user.Session,
user.LoginTime, user.LoginTime,
user.LastSeen)); user.LastSeen))
for k, v := range user.Data { for k, v := range user.Data {
f.WriteString(fmt.Sprintf("\t\t%s: %s\n", k, v)) f.WriteString(fmt.Sprintf("\t\t%s: %s\n", k, v))
} }

53
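--- a/middleware/middleware.go
+++ b/middleware/middleware.go
@@ -0,0 +1,53 @@
+package middleware
+import (
+"context"
+"net/http"
+"nilfm.cc/git/quartzgun/auth"
+"nilfm.cc/git/quartzgun/cookie"
+)
+func Protected(next http.Handler, userStore auth.UserStore) http.Handler {
+handlerFunc := func(w http.ResponseWriter, req *http.Request) {
+user, err := cookie.GetToken("user", req)
+if err == nil {
+session, err := cookie.GetToken("session", req)
+if err == nil {
+login, err := userStore.ValidateUser(user, session)
+if err == nil && login {
+next.ServeHTTP(w, req)
+return
+}
+}
+}
+req.Method = http.MethodGet
+http.Redirect(w, req, "/login", http.StatusTemporaryRedirect)
+}
+return http.HandlerFunc(handlerFunc)
+}
+func Authorize(next string, userStore auth.UserStore) http.Handler {
+handlerFunc := func(w http.ResponseWriter, req *http.Request) {
+err := auth.Login(
+req.FormValue("user"),
+req.FormValue("password"),
+userStore,
+w,
+24*7*52)
+if err == nil {
+req.Method = http.MethodGet
+http.Redirect(w, req, next, http.StatusOK)
+} else {
+*req = *req.WithContext(
+context.WithValue(
+req.Context(),
+"message",
+"Incorrect credentials"))
+req.Method = http.MethodGet
+http.Redirect(w, req, "/login", http.StatusTemporaryRedirect)
+}
+}
+return http.HandlerFunc(handlerFunc)
+}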
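Review bot: In `Authorize`, the success path calls `http.Redirect(w, req, next, http.StatusOK)`, but 200 is not a redirect status, so a client will not follow the Location header after a successful login; `http.Redirect(w, req, next, http.StatusSeeOther)` is the usual answer to a form POST. The `req.Method = http.MethodGet` assignments only alter the server-side request object, while `http.StatusTemporaryRedirect` (307) asks the client to repeat the original method and body, so a failed login POST is re-sent to `/login` with the credentials still in it, and `Protected` replays any non-GET request the same way; using 303 on both `/login` redirects makes the follow-up a GET. The `"message"` value attached with `context.WithValue` lives only in the current request's context, so it presumably never reaches the handler serving the next `/login` request, and a plain string key is also flagged by `go vet`. The literal `24*7*52` looks like a one-year session lifetime in hours (inferred from `StoreToken`'s `hrs` parameter); a named constant and a shorter default would make that choice explicit.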


@ -1,13 +1,13 @@
package main package main
import ( import (
"fmt"
"net/http"
"html/template"
"context" "context"
"nilfm.cc/git/quartzgun/router" "fmt"
"nilfm.cc/git/quartzgun/renderer" "html/template"
"net/http"
"nilfm.cc/git/quartzgun/indentalUserDB" "nilfm.cc/git/quartzgun/indentalUserDB"
"nilfm.cc/git/quartzgun/renderer"
"nilfm.cc/git/quartzgun/router"
"testing" "testing"
) )
@ -30,7 +30,7 @@ func ApiSomething(next http.Handler) http.Handler {
return http.HandlerFunc(handlerFunc) return http.HandlerFunc(handlerFunc)
} }
func TestMain(m *testing.M){ func TestMain(m *testing.M) {
udb := indentalUserDB.CreateIndentalUserDB("testData/userDB.ndtl") udb := indentalUserDB.CreateIndentalUserDB("testData/userDB.ndtl")
udb.AddUser("nilix", "questing") udb.AddUser("nilix", "questing")
sesh, _ := udb.InitiateSession("nilix", "questing") sesh, _ := udb.InitiateSession("nilix", "questing")


@ -1,10 +1,10 @@
package renderer package renderer
import ( import (
"net/http"
"html/template"
"encoding/json" "encoding/json"
"encoding/xml" "encoding/xml"
"html/template"
"net/http"
) )
func Template(t ...string) http.Handler { func Template(t ...string) http.Handler {


@ -1,16 +1,16 @@
package router package router
import ( import (
"net/http" "context"
"errors"
"html/template" "html/template"
"regexp"
"log" "log"
"net/http"
"os"
"path"
"regexp"
"strconv" "strconv"
"strings" "strings"
"path"
"os"
"errors"
"context"
) )
type Router struct { type Router struct {
@ -83,7 +83,7 @@ func (self *Router) ServeHTTP(w http.ResponseWriter, req *http.Request) {
p = path.Clean(p) p = path.Clean(p)
/* If the file exists, try to serve it. */ /* If the file exists, try to serve it. */
info, err := os.Stat(p); info, err := os.Stat(p)
if err == nil && !info.IsDir() { if err == nil && !info.IsDir() {
http.ServeFile(w, req, p) http.ServeFile(w, req, p)
/* Handle the common errors */ /* Handle the common errors */
@ -116,7 +116,7 @@ func (self *Router) ServeHTTP(w http.ResponseWriter, req *http.Request) {
req.ParseForm() req.ParseForm()
ProcessParams(req, params) ProcessParams(req, params)
/* handle the request! */ /* handle the request! */
handler.ServeHTTP(w, req); handler.ServeHTTP(w, req)
return return
} }
} }