camzalewski/personal-site
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Initial commit of auth package.

Browse source
This commit is contained in:
mikestefanello 2021-12-11 23:17:12 -05:00
parent 5582bb6acd
commit 25e5119dd5
5 changed files with 99 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

60
auth/auth.go Normal file
View file

@ -0,0 +1,60 @@
package auth
import (
"errors"
"github.com/labstack/echo-contrib/session"
"github.com/labstack/echo/v4"
"golang.org/x/crypto/bcrypt"
)
const (
sessionName = "ua"
sessionKeyUserID = "user_id"
sessionKeyAuthenticated = "authenticated"
)
func Login(c echo.Context, userID int) error {
sess, err := session.Get(sessionName, c)
if err != nil {
return err
}
sess.Values[sessionKeyUserID] = userID
sess.Values[sessionKeyAuthenticated] = true
// TODO: max age?
return sess.Save(c.Request(), c.Response())
}
func Logout(c echo.Context) error {
sess, err := session.Get(sessionName, c)
if err != nil {
return err
}
sess.Values[sessionKeyAuthenticated] = false
return sess.Save(c.Request(), c.Response())
}
func GetUserID(c echo.Context) (int, error) {
sess, err := session.Get(sessionName, c)
if err != nil {
return 0, err
}
if sess.Values[sessionKeyAuthenticated] == true {
return sess.Values[sessionKeyUserID].(int), nil
}
return 0, errors.New("user not authenticated")
}
func HashPassword(password string) (string, error) {
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil {
return "", err
}
return string(hash), nil
}
func CheckPassword(password, hash string) error {
return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
}

5
controllers/home.go
View file

@ -1,6 +1,8 @@
package controllers package controllers
import ( import (
"goweb/auth"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
) )
@ -16,5 +18,8 @@ func (h *Home) Get(c echo.Context) error {
p.Metatags.Description = "Welcome to the homepage." p.Metatags.Description = "Welcome to the homepage."
p.Metatags.Keywords = []string{"Go", "MVC", "Web", "Software"} p.Metatags.Keywords = []string{"Go", "MVC", "Web", "Software"}
uid, _ := auth.GetUserID(c)
c.Logger().Infof("logged in user ID: %d", uid)
return h.RenderPage(c, p) return h.RenderPage(c, p)
} }

19
controllers/logout.go Normal file
View file

@ -0,0 +1,19 @@
package controllers
import (
"goweb/auth"
"goweb/msg"
"github.com/labstack/echo/v4"
)
type Logout struct {
Controller
}
func (l *Logout) Get(c echo.Context) error {
if err := auth.Logout(c); err == nil {
msg.Success(c, "You have been logged out successfully.")
}
return l.Redirect(c, "home")
}

21
controllers/register.go
View file

@ -1,10 +1,9 @@
package controllers package controllers
import ( import (
"goweb/auth"
"goweb/msg" "goweb/msg"
"golang.org/x/crypto/bcrypt"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
) )
@ -38,20 +37,18 @@ func (r *Register) Post(c echo.Context) error {
} }
// Parse the form values // Parse the form values
form := new(RegisterForm) if err := c.Bind(&r.form); err != nil {
if err := c.Bind(form); err != nil {
return fail("unable to parse form values", err) return fail("unable to parse form values", err)
} }
r.form = *form
// Validate the form // Validate the form
if err := c.Validate(form); err != nil { if err := c.Validate(r.form); err != nil {
msg.Danger(c, "All fields are required.") msg.Danger(c, "All fields are required.")
return r.Get(c) return r.Get(c)
} }
// Hash the password // Hash the password
pwHash, err := bcrypt.GenerateFromPassword([]byte(form.Password), bcrypt.DefaultCost) pwHash, err := auth.HashPassword(r.form.Password)
if err != nil { if err != nil {
return fail("unable to hash password", err) return fail("unable to hash password", err)
} }
@ -59,8 +56,8 @@ func (r *Register) Post(c echo.Context) error {
// Attempt creating the user // Attempt creating the user
u, err := r.Container.ORM.User. u, err := r.Container.ORM.User.
Create(). Create().
SetUsername(form.Username). SetUsername(r.form.Username).
SetPassword(string(pwHash)). SetPassword(pwHash).
Save(c.Request().Context()) Save(c.Request().Context())
if err != nil { if err != nil {
@ -68,6 +65,12 @@ func (r *Register) Post(c echo.Context) error {
} }
c.Logger().Infof("user created: %s", u.Username) c.Logger().Infof("user created: %s", u.Username)
err = auth.Login(c, u.ID)
if err != nil {
// TODO
}
msg.Info(c, "Your account has been created. You are now logged in.") msg.Info(c, "Your account has been created. You are now logged in.")
return r.Redirect(c, "home") return r.Redirect(c, "home")
} }

3
controllers/router.go
View file

@ -90,6 +90,9 @@ func userRoutes(g *echo.Group, ctr Controller) {
g.GET("/user/login", login.Get).Name = "login" g.GET("/user/login", login.Get).Name = "login"
g.POST("/user/login", login.Post).Name = "login.post" g.POST("/user/login", login.Post).Name = "login.post"
logout := Logout{Controller: ctr}
g.GET("/user/logout", logout.Get).Name = "logout"
register := Register{Controller: ctr} register := Register{Controller: ctr}
g.GET("/user/register", register.Get).Name = "register" g.GET("/user/register", register.Get).Name = "register"
g.POST("/user/register", register.Post).Name = "register.post" g.POST("/user/register", register.Post).Name = "register.post"