package routes import ( "context" "embed" "fmt" "html/template" "log" "math/rand" "net/http" "strconv" "sunshine.industries/some-automoderation/rooms" "sunshine.industries/some-automoderation/sessions" ) // function to register all http routes for servicing auth pages and logic func registerLoginRoutes( templateFs *embed.FS, sessionSM sessions.SessionManagement, roomsM rooms.RoomManager, ) { // login page http.HandleFunc(loginPath, func(w http.ResponseWriter, r *http.Request) { renderLoginPage(w) }) http.HandleFunc("/login/join", joinRoomHandler(templateFs, sessionSM, roomsM)) http.HandleFunc("/login/create", createRoomHandler(templateFs, sessionSM, roomsM)) http.HandleFunc("/login/room-name-check", checkRoomName(templateFs, roomsM)) } const authCookieName = "auth" const loginPath = "/login" type contextKey string // checks sessionId from cookie // when non-zero session found - pass to next http.Hander // when no session available - render same as login page and redirect to / func authedPageMiddleware( sessionsM sessions.SessionManagement, next http.Handler, ) http.Handler { returnNoAccess := func(w http.ResponseWriter, r *http.Request) { log.Printf("auth middle > restricting access to %s", r.URL.Path) w.Header().Add("HX-Replace-Url", loginPath) renderLoginPage(w) } rerturnSuccess := func(w http.ResponseWriter, r *http.Request, session sessions.SessionData) { ctx := context.WithValue(r.Context(), contextKey("session"), session) log.Printf("auth middle > allowing access to %s for %+v", r.URL.Path, session) next.ServeHTTP(w, r.WithContext(ctx)) } return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { sessionCookie, err := r.Cookie(authCookieName) if err != nil { returnNoAccess(w, r) return } // TODO log here, why i get 'error readin 0' sessionId, err := strconv.Atoi(sessionCookie.Value) if err != nil { returnNoAccess(w, r) return } session := sessionsM.Get(sessionId) if session == (sessions.SessionData{}) { returnNoAccess(w, r) return } else { rerturnSuccess(w, r, session) return } }) } func renderLoginPage(w http.ResponseWriter) { var templFile = "templates/login.gohtml" tmpl := template.Must(template.ParseFS(templateFs, templFile)) err := tmpl.Execute(w, nil) if err != nil { log.Printf("my error in executing template, huh\n %s", err) } } func createRoomHandler( templateFs *embed.FS, sessionSM sessions.SessionManagement, roomsM rooms.RoomManager, ) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { err := r.ParseForm() if err != nil { // TODO return error notice somehow w.WriteHeader(http.StatusBadRequest) } roomName := r.PostFormValue("roomName") _, exists, _ := roomsM.Get(roomName) if exists { // TODO return anouther error notice log.Printf("error, room name occupied %s", roomName) return } person := rooms.Person{ PersonId: rand.Int(), Name: r.PostFormValue("personalName"), PasswordHash: r.PostFormValue("personalPassword"), // TODO hash the password, not to store } newRoom := rooms.Room{ Name: roomName, PasswordHash: r.PostFormValue("roomPassword"), // TODO hash the password, not to store AdminIds: []int{person.PersonId}, Paricipants: []rooms.Person{person}, } err = roomsM.Save(newRoom) if err != nil { log.Printf("what am i to do? error saving room %s", err) // todo return error notice somehow } newSessionId, err := sessionSM.Save(newRoom.Name, person.PersonId) if err != nil { log.Printf("what am i to do? error saving session %s", err) // todo return error notice somehow } http.SetCookie(w, &http.Cookie{ Name: authCookieName, Value: fmt.Sprint(newSessionId), Secure: true, HttpOnly: true, Path: "/", }) var templFile = "templates/index.gohtml" tmpl := template.Must(template.ParseFS(templateFs, templFile)) w.Header().Add("HX-Retarget", "body") w.Header().Add("HX-Push-Url", "/") err = tmpl.Execute(w, nil) if err != nil { log.Printf("my error in executing template, huh\n %s", err) } } } // checking whether the room name already exists // toggle button between Join or Create func checkRoomName( templateFs *embed.FS, roomsM rooms.RoomManager, ) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { err := r.ParseForm() if err != nil { w.WriteHeader(http.StatusBadRequest) } roomName := r.PostFormValue("roomName") _, isFound, err := roomsM.Get(roomName) if err != nil { log.Printf("/login/room-name-check error finding room %s\n", err) } var templFile = "templates/login.gohtml" tmpl := template.Must(template.ParseFS(templateFs, templFile)) err = tmpl.ExecuteTemplate(w, "formButton", isFound) } } func joinRoomHandler( templateFs *embed.FS, sessionSM sessions.SessionManagement, roomsM rooms.RoomManager, ) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { err := r.ParseForm() if err != nil { w.WriteHeader(http.StatusBadRequest) } rn := r.PostFormValue("roomName") rp := r.PostFormValue("roomPassword") pn := r.PostFormValue("personalName") pp := r.PostFormValue("personalPassword") room, _, err := roomsM.Get(rn) if err != nil { log.Printf("/login/submit error getting room %s", rn) // return i guess } else { log.Printf("/login/submit found room %+v", room) } roomId := "room-name-actually" // would be taken from rooms interface from redis // would be either taken from room info on correct person pass or created personId := 111 id, err := sessionSM.Save(roomId, personId) if err != nil { log.Printf("/login/submit > error saving session %s", err) } fmt.Fprintf(w, "is is %d. room things %s & %s, personal things %s and %s. \n found room %+v", id, rn, rp, pn, pp, room) // i suppose here i'll need to // a) check if room password OK // b) get room data // c) check if such person exists, // either create one, or check password // d) how should i monitor sessions? - space in redis // so save session to redis and add cookie with sessionId } }