203 lines
6.0 KiB
Go
203 lines
6.0 KiB
Go
package routes
|
|
|
|
import (
|
|
"context"
|
|
"embed"
|
|
"fmt"
|
|
"html/template"
|
|
"log"
|
|
"math/rand"
|
|
"net/http"
|
|
"strconv"
|
|
|
|
"sunshine.industries/some-automoderation/rooms"
|
|
"sunshine.industries/some-automoderation/sessions"
|
|
)
|
|
|
|
// function to register all http routes for servicing auth pages and logic
|
|
func registerLoginRoutes(
|
|
templateFs *embed.FS,
|
|
sessionSM sessions.SessionManagement,
|
|
roomsM rooms.RoomManager,
|
|
) {
|
|
// login page
|
|
http.HandleFunc(loginPath, func(w http.ResponseWriter, r *http.Request) {
|
|
renderLoginPage(w)
|
|
})
|
|
http.HandleFunc("/login/join", joinRoomHandler(templateFs, sessionSM, roomsM))
|
|
http.HandleFunc("/login/create", createRoomHandler(templateFs, sessionSM, roomsM))
|
|
http.HandleFunc("/login/room-name-check", checkRoomName(templateFs, roomsM))
|
|
}
|
|
|
|
const authCookieName = "auth"
|
|
const loginPath = "/login"
|
|
type contextKey string
|
|
|
|
// checks sessionId from cookie
|
|
// when non-zero session found - pass to next http.Hander
|
|
// when no session available - render same as login page and redirect to /
|
|
func authedPageMiddleware(
|
|
sessionsM sessions.SessionManagement, next http.Handler,
|
|
) http.Handler {
|
|
returnNoAccess := func(w http.ResponseWriter, r *http.Request) {
|
|
log.Printf("auth middle > restricting access to %s", r.URL.Path)
|
|
w.Header().Add("HX-Replace-Url", loginPath)
|
|
renderLoginPage(w)
|
|
}
|
|
rerturnSuccess := func(w http.ResponseWriter, r *http.Request, session sessions.SessionData) {
|
|
ctx := context.WithValue(r.Context(), contextKey("session"), session)
|
|
log.Printf("auth middle > allowing access to %s for %+v", r.URL.Path, session)
|
|
next.ServeHTTP(w, r.WithContext(ctx))
|
|
}
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
sessionCookie, err := r.Cookie(authCookieName)
|
|
if err != nil {
|
|
returnNoAccess(w, r)
|
|
return
|
|
}
|
|
// TODO log here, why i get 'error readin 0'
|
|
sessionId, err := strconv.Atoi(sessionCookie.Value)
|
|
if err != nil {
|
|
returnNoAccess(w, r)
|
|
return
|
|
}
|
|
session := sessionsM.Get(sessionId)
|
|
if session == (sessions.SessionData{}) {
|
|
returnNoAccess(w, r)
|
|
return
|
|
} else {
|
|
rerturnSuccess(w, r, session)
|
|
return
|
|
}
|
|
})
|
|
}
|
|
|
|
func renderLoginPage(w http.ResponseWriter) {
|
|
var templFile = "templates/login.gohtml"
|
|
tmpl := template.Must(template.ParseFS(templateFs, templFile))
|
|
err := tmpl.Execute(w, nil)
|
|
if err != nil {
|
|
log.Printf("my error in executing template, huh\n %s", err)
|
|
}
|
|
}
|
|
|
|
func createRoomHandler( templateFs *embed.FS,
|
|
sessionSM sessions.SessionManagement,
|
|
roomsM rooms.RoomManager,
|
|
) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
err := r.ParseForm()
|
|
if err != nil {
|
|
// TODO return error notice somehow
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
}
|
|
roomName := r.PostFormValue("roomName")
|
|
_, exists, _ := roomsM.Get(roomName)
|
|
if exists {
|
|
// TODO return anouther error notice
|
|
log.Printf("error, room name occupied %s", roomName)
|
|
return
|
|
}
|
|
person := rooms.Person{
|
|
PersonId: rand.Int(),
|
|
Name: r.PostFormValue("personalName"),
|
|
PasswordHash: r.PostFormValue("personalPassword"), // TODO hash the password, not to store
|
|
}
|
|
newRoom := rooms.Room{
|
|
Name: roomName,
|
|
PasswordHash: r.PostFormValue("roomPassword"), // TODO hash the password, not to store
|
|
AdminIds: []int{person.PersonId},
|
|
Paricipants: []rooms.Person{person},
|
|
}
|
|
err = roomsM.Save(newRoom)
|
|
if err != nil {
|
|
log.Printf("what am i to do? error saving room %s", err)
|
|
// todo return error notice somehow
|
|
}
|
|
newSessionId, err := sessionSM.Save(newRoom.Name, person.PersonId)
|
|
if err != nil {
|
|
log.Printf("what am i to do? error saving session %s", err)
|
|
// todo return error notice somehow
|
|
}
|
|
http.SetCookie(w, &http.Cookie{
|
|
Name: authCookieName,
|
|
Value: fmt.Sprint(newSessionId),
|
|
Secure: true,
|
|
HttpOnly: true,
|
|
Path: "/",
|
|
})
|
|
var templFile = "templates/index.gohtml"
|
|
tmpl := template.Must(template.ParseFS(templateFs, templFile))
|
|
w.Header().Add("HX-Retarget", "body")
|
|
w.Header().Add("HX-Push-Url", "/")
|
|
err = tmpl.Execute(w, nil)
|
|
if err != nil {
|
|
log.Printf("my error in executing template, huh\n %s", err)
|
|
}
|
|
}
|
|
}
|
|
|
|
// checking whether the room name already exists
|
|
// toggle button between Join or Create
|
|
func checkRoomName( templateFs *embed.FS,
|
|
roomsM rooms.RoomManager,
|
|
) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
err := r.ParseForm()
|
|
if err != nil {
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
}
|
|
roomName := r.PostFormValue("roomName")
|
|
_, isFound, err := roomsM.Get(roomName)
|
|
if err != nil {
|
|
log.Printf("/login/room-name-check error finding room %s\n", err)
|
|
}
|
|
var templFile = "templates/login.gohtml"
|
|
tmpl := template.Must(template.ParseFS(templateFs, templFile))
|
|
err = tmpl.ExecuteTemplate(w, "formButton", isFound)
|
|
}
|
|
}
|
|
|
|
func joinRoomHandler( templateFs *embed.FS,
|
|
sessionSM sessions.SessionManagement,
|
|
roomsM rooms.RoomManager,
|
|
) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
err := r.ParseForm()
|
|
if err != nil {
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
}
|
|
|
|
rn := r.PostFormValue("roomName")
|
|
rp := r.PostFormValue("roomPassword")
|
|
pn := r.PostFormValue("personalName")
|
|
pp := r.PostFormValue("personalPassword")
|
|
|
|
room, _, err := roomsM.Get(rn)
|
|
if err != nil {
|
|
log.Printf("/login/submit error getting room %s", rn)
|
|
// return i guess
|
|
} else {
|
|
log.Printf("/login/submit found room %+v", room)
|
|
}
|
|
|
|
roomId := "room-name-actually" // would be taken from rooms interface from redis
|
|
// would be either taken from room info on correct person pass or created
|
|
personId := 111
|
|
id, err := sessionSM.Save(roomId, personId)
|
|
if err != nil {
|
|
log.Printf("/login/submit > error saving session %s", err)
|
|
}
|
|
|
|
fmt.Fprintf(w, "is is %d. room things %s & %s, personal things %s and %s. \n found room %+v", id, rn, rp, pn, pp, room)
|
|
// i suppose here i'll need to
|
|
// a) check if room password OK
|
|
// b) get room data
|
|
// c) check if such person exists,
|
|
// either create one, or check password
|
|
// d) how should i monitor sessions? - space in redis
|
|
// so save session to redis and add cookie with sessionId
|
|
}
|
|
}
|
|
|