From 7c0d0c864aec533c96ca9e03c9bb9fcc62d68857 Mon Sep 17 00:00:00 2001 From: Derek Stevens Date: Tue, 17 May 2022 22:29:40 -0600 Subject: [PATCH] fix middleware, add diagnostics to router --- middleware/middleware.go | 15 +++++++++++---- quartzgun_test.go | 10 +++++++++- router/router.go | 2 ++ testData/static/style.css | 0 testData/templates/cms_list.html | 3 +++ testData/templates/error.html | 1 - testData/templates/footer.html | 4 ++-- testData/templates/header.html | 11 +++++++++++ testData/templates/login.html | 21 +++++++++++++++++++++ 9 files changed, 59 insertions(+), 8 deletions(-) create mode 100644 testData/static/style.css create mode 100644 testData/templates/cms_list.html create mode 100644 testData/templates/header.html create mode 100644 testData/templates/login.html diff --git a/middleware/middleware.go b/middleware/middleware.go index 138ed71..cbd1998 100644 --- a/middleware/middleware.go +++ b/middleware/middleware.go @@ -2,12 +2,13 @@ package middleware import ( "context" + "fmt" "net/http" "nilfm.cc/git/quartzgun/auth" "nilfm.cc/git/quartzgun/cookie" ) -func Protected(next http.Handler, userStore auth.UserStore) http.Handler { +func Protected(next http.Handler, method string, userStore auth.UserStore) http.Handler { handlerFunc := func(w http.ResponseWriter, req *http.Request) { user, err := cookie.GetToken("user", req) if err == nil { @@ -15,13 +16,17 @@ func Protected(next http.Handler, userStore auth.UserStore) http.Handler { if err == nil { login, err := userStore.ValidateUser(user, session) if err == nil && login { + fmt.Printf("authorized!\n") + fmt.Printf("user: %s, session: %s\n", user, session) + req.Method = method next.ServeHTTP(w, req) return } } } + fmt.Printf("unauthorized...\n") req.Method = http.MethodGet - http.Redirect(w, req, "/login", http.StatusTemporaryRedirect) + http.Redirect(w, req, "/login", http.StatusSeeOther) } return http.HandlerFunc(handlerFunc) @@ -37,15 +42,17 @@ func Authorize(next string, userStore auth.UserStore) http.Handler { 24*7*52) if err == nil { req.Method = http.MethodGet - http.Redirect(w, req, next, http.StatusOK) + fmt.Printf("logged in as %s\n", req.FormValue("user")) + http.Redirect(w, req, next, http.StatusSeeOther) } else { *req = *req.WithContext( context.WithValue( req.Context(), "message", "Incorrect credentials")) + fmt.Printf("login failed!\n") req.Method = http.MethodGet - http.Redirect(w, req, "/login", http.StatusTemporaryRedirect) + http.Redirect(w, req, "/login", http.StatusSeeOther) } } diff --git a/quartzgun_test.go b/quartzgun_test.go index c325926..3c9d099 100644 --- a/quartzgun_test.go +++ b/quartzgun_test.go @@ -6,6 +6,7 @@ import ( "html/template" "net/http" "nilfm.cc/git/quartzgun/indentalUserDB" + "nilfm.cc/git/quartzgun/middleware" "nilfm.cc/git/quartzgun/renderer" "nilfm.cc/git/quartzgun/router" "testing" @@ -43,7 +44,14 @@ func TestMain(m *testing.M) { Fallback: *template.Must(template.ParseFiles("testData/templates/error.html", "testData/templates/footer.html")), } - rtr.Get("/", AddContent(renderer.Template("testData/templates/test.html"))) + rtr.Get("/login", renderer.Template( + "testData/templates/login.html")) + + rtr.Post("/login", middleware.Authorize("/", udb)) + + rtr.Get("/", middleware.Protected( + renderer.Template( + "testData/templates/test.html"), http.MethodGet, udb)) rtr.Get("/json", ApiSomething(renderer.JSON("apiData"))) diff --git a/router/router.go b/router/router.go index 2d9ea3c..f80b8f6 100644 --- a/router/router.go +++ b/router/router.go @@ -3,6 +3,7 @@ package router import ( "context" "errors" + "fmt" "html/template" "log" "net/http" @@ -100,6 +101,7 @@ func (self *Router) ServeHTTP(w http.ResponseWriter, req *http.Request) { } } + fmt.Printf("%s: %s\n", req.Method, req.URL.Path) /* Otherwise, this is a normal route */ for _, r := range self.routes { diff --git a/testData/static/style.css b/testData/static/style.css new file mode 100644 index 0000000..e69de29 diff --git a/testData/templates/cms_list.html b/testData/templates/cms_list.html new file mode 100644 index 0000000..063a450 --- /dev/null +++ b/testData/templates/cms_list.html @@ -0,0 +1,3 @@ +{{template "header"}} +

It works!

+{{template "footer"}} \ No newline at end of file diff --git a/testData/templates/error.html b/testData/templates/error.html index 86c502f..eed8715 100644 --- a/testData/templates/error.html +++ b/testData/templates/error.html @@ -6,7 +6,6 @@ - test — error diff --git a/testData/templates/footer.html b/testData/templates/footer.html index 4310abf..0c38b62 100644 --- a/testData/templates/footer.html +++ b/testData/templates/footer.html @@ -1,4 +1,4 @@ -{{ define "footer" }} +{{define "footer"}} -{{ end }} +{{end}} \ No newline at end of file diff --git a/testData/templates/header.html b/testData/templates/header.html new file mode 100644 index 0000000..f3c546f --- /dev/null +++ b/testData/templates/header.html @@ -0,0 +1,11 @@ +{{define "header"}} + + + + + + + Nirvash — Test + + +{{end}} \ No newline at end of file diff --git a/testData/templates/login.html b/testData/templates/login.html new file mode 100644 index 0000000..f3f740e --- /dev/null +++ b/testData/templates/login.html @@ -0,0 +1,21 @@ +{{ $errorMsg := (.Context).Value "message" }} + + + + + + + + Nirvash — Login + + + {{ if $errorMsg }} +
{{ $errorMsg }}
+ {{ end }} +
+ + + +
+ +