fix middleware, add diagnostics to router
Iris Lightshard nilix@nilfm.cc
PGP Signature
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEkFh6dA+k/6CXFXU4O3+8IhROY5gFAmKEdjQACgkQO3+8IhRO Y5hUcA//dJfzwvHh7F4WnsGI7nFEFOaFnTnTI8UWi7c7k+RtMtjvbwnraex/5pef 8p/IUby0f1Z6izBXHgUlUh1K7ojflck9nirAh9ixiVtSs4S2oUWg5Tajf1gqZbTp +X1GWDaeym8QZGyzjQtUxxyM8wLDEPyoCihssh7i27rpI9OHoBGZU7dNiOg3ny/i X1laHuoyCzLbxYjtv2o/cjRNUu8N0qT4Qdm5L6TubLyDsvjncYD96fyPlTHsf9cx IDJ1OSOx3Rvi6zmNredZhSfQGvHlbGJHgr97TT4lTbY+GhP7Qm99rDwks22w2rLI gpe30mxvKTK+UjRwD5hW1ul+TPEmJkh0WbS1+IwkU0VxpOz6q7Y7IZ0GgzLMB0Ue +KA7AsN/2pPRc07q+Ecy/18JvNagVwaW+DFC160Fxa93/fzx3o9Q1ZrAlVwEqnp8 mdthC1j9MRfjDYqMcKBlNIjFMbhHkNtCbdge7Imoz8YWTHB6bx07cVplIqpkKOF5 O7cwvDV55SLRKIGE7fg77pGj9gF1zED2l4hrCbG9ij3Si+U98cWU3YRR39Gvv6Wn pTi83Mq8jRSyUJH4Wxnq/XXAvT/wenPW153lDxm+VLqyQfCd/DcTiltj86vpbMm+ aBGMn657u+47QQQcHR5mH53d+LLytfz591p/8SpiFkqrQxBF2bI= =k1kw -----END PGP SIGNATURE-----
9 files changed,
59 insertions(+),
8 deletions(-)
M
middleware/middleware.go
→
middleware/middleware.go
@@ -2,12 +2,13 @@ package middleware
import ( "context" + "fmt" "net/http" "nilfm.cc/git/quartzgun/auth" "nilfm.cc/git/quartzgun/cookie" ) -func Protected(next http.Handler, userStore auth.UserStore) http.Handler { +func Protected(next http.Handler, method string, userStore auth.UserStore) http.Handler { handlerFunc := func(w http.ResponseWriter, req *http.Request) { user, err := cookie.GetToken("user", req) if err == nil {@@ -15,13 +16,17 @@ session, err := cookie.GetToken("session", req)
if err == nil { login, err := userStore.ValidateUser(user, session) if err == nil && login { + fmt.Printf("authorized!\n") + fmt.Printf("user: %s, session: %s\n", user, session) + req.Method = method next.ServeHTTP(w, req) return } } } + fmt.Printf("unauthorized...\n") req.Method = http.MethodGet - http.Redirect(w, req, "/login", http.StatusTemporaryRedirect) + http.Redirect(w, req, "/login", http.StatusSeeOther) } return http.HandlerFunc(handlerFunc)@@ -37,15 +42,17 @@ w,
24*7*52) if err == nil { req.Method = http.MethodGet - http.Redirect(w, req, next, http.StatusOK) + fmt.Printf("logged in as %s\n", req.FormValue("user")) + http.Redirect(w, req, next, http.StatusSeeOther) } else { *req = *req.WithContext( context.WithValue( req.Context(), "message", "Incorrect credentials")) + fmt.Printf("login failed!\n") req.Method = http.MethodGet - http.Redirect(w, req, "/login", http.StatusTemporaryRedirect) + http.Redirect(w, req, "/login", http.StatusSeeOther) } }
M
quartzgun_test.go
→
quartzgun_test.go
@@ -6,6 +6,7 @@ "fmt"
"html/template" "net/http" "nilfm.cc/git/quartzgun/indentalUserDB" + "nilfm.cc/git/quartzgun/middleware" "nilfm.cc/git/quartzgun/renderer" "nilfm.cc/git/quartzgun/router" "testing"@@ -43,7 +44,14 @@ },
Fallback: *template.Must(template.ParseFiles("testData/templates/error.html", "testData/templates/footer.html")), } - rtr.Get("/", AddContent(renderer.Template("testData/templates/test.html"))) + rtr.Get("/login", renderer.Template( + "testData/templates/login.html")) + + rtr.Post("/login", middleware.Authorize("/", udb)) + + rtr.Get("/", middleware.Protected( + renderer.Template( + "testData/templates/test.html"), http.MethodGet, udb)) rtr.Get("/json", ApiSomething(renderer.JSON("apiData")))
M
router/router.go
→
router/router.go
@@ -3,6 +3,7 @@
import ( "context" "errors" + "fmt" "html/template" "log" "net/http"@@ -100,6 +101,7 @@ return
} } + fmt.Printf("%s: %s\n", req.Method, req.URL.Path) /* Otherwise, this is a normal route */ for _, r := range self.routes {
A
testData/templates/cms_list.html
@@ -0,0 +1,3 @@
+{{template "header"}} +<h1>It works!</h1> +{{template "footer"}}
M
testData/templates/error.html
→
testData/templates/error.html
@@ -6,7 +6,6 @@ <head>
<meta charset='utf-8'> <meta name='viewport' content='width=device-width,initial-scale=1'> - <link rel='stylesheet' type='text/css' href='/style.css'> <link rel='shortcut icon' href='/favicon.ico'> <title>test — error</title> </head>
A
testData/templates/header.html
@@ -0,0 +1,11 @@
+{{define "header"}} +<!DOCTYPE html> +<html lang='en'> + <head> + <meta charset='utf-8'> + <meta name='description' content='Nirvash CMS'/> + <meta name='viewport' content='width=device-width,initial-scale=1'> + <title>Nirvash — Test</title> + </head> + <body> +{{end}}
A
testData/templates/login.html
@@ -0,0 +1,21 @@
+{{ $errorMsg := (.Context).Value "message" }} + +<!DOCTYPE html> +<html lang='en'> + <head> + <meta charset='utf-8'> + <meta name='description' content='Nirvash CMS'/> + <meta name='viewport' content='width=device-width,initial-scale=1'> + <title>Nirvash — Login</title> + </head> + <body> + {{ if $errorMsg }} + <div class="error">{{ $errorMsg }}</div> + {{ end }} + <form action='/login' method='post'> + <input type="text" name="user" placeholder="user"> + <input type="password" name="password" placeholder="password"> + <input type="submit" value="Login"> + </form> + </body> +</html>