chore(auth): finalize test of new structure
This commit is contained in:
@@ -1,61 +1,88 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"me-fit/db"
|
||||
"me-fit/service"
|
||||
"me-fit/utils"
|
||||
"time"
|
||||
|
||||
"database/sql"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
type AuthHandler struct {
|
||||
type HandlerAuth interface {
|
||||
handle(router *http.ServeMux)
|
||||
}
|
||||
|
||||
type HandlerAuthImpl struct {
|
||||
db *sql.DB
|
||||
service *service.AuthService
|
||||
service service.ServiceAuth
|
||||
}
|
||||
|
||||
func handleAuth(db *sql.DB, router *http.ServeMux) {
|
||||
a := AuthHandler{
|
||||
func NewHandlerAuth(db *sql.DB, service service.ServiceAuth) HandlerAuth {
|
||||
return HandlerAuthImpl{
|
||||
db: db,
|
||||
service: service.NewAuthService(db),
|
||||
service: service,
|
||||
}
|
||||
// Don't use auth middleware for these routes, as it makes redirecting very difficult, if the mail is not yet verified
|
||||
router.Handle("/auth/signin", service.HandleSignInPage(db))
|
||||
router.Handle("/auth/signup", service.HandleSignUpPage(db))
|
||||
router.Handle("/auth/verify", service.HandleSignUpVerifyPage(db)) // Hint for the user to verify their email
|
||||
router.Handle("/auth/delete-account", service.HandleDeleteAccountPage(db))
|
||||
router.Handle("/auth/verify-email", service.HandleSignUpVerifyResponsePage(db)) // The link contained in the email
|
||||
router.Handle("/auth/change-password", service.HandleChangePasswordPage(db))
|
||||
router.Handle("/auth/reset-password", service.HandleResetPasswordPage(db))
|
||||
router.Handle("/api/auth/signup", service.HandleSignUpComp(db))
|
||||
router.Handle("/api/auth/signin", a.handleSignIn())
|
||||
router.Handle("/api/auth/signout", service.HandleSignOutComp(db))
|
||||
router.Handle("/api/auth/delete-account", service.HandleDeleteAccountComp(db))
|
||||
router.Handle("/api/auth/verify-resend", service.HandleVerifyResendComp(db))
|
||||
router.Handle("/api/auth/change-password", service.HandleChangePasswordComp(db))
|
||||
router.Handle("/api/auth/reset-password", service.HandleResetPasswordComp(db))
|
||||
router.Handle("/api/auth/reset-password-actual", service.HandleActualResetPasswordComp(db))
|
||||
}
|
||||
|
||||
func (a AuthHandler) handleSignIn() http.HandlerFunc {
|
||||
func (handler HandlerAuthImpl) handle(router *http.ServeMux) {
|
||||
// Don't use auth middleware for these routes, as it makes redirecting very difficult, if the mail is not yet verified
|
||||
router.Handle("/auth/signin", service.HandleSignInPage(handler.db))
|
||||
router.Handle("/auth/signup", service.HandleSignUpPage(handler.db))
|
||||
router.Handle("/auth/verify", service.HandleSignUpVerifyPage(handler.db)) // Hint for the user to verify their email
|
||||
router.Handle("/auth/delete-account", service.HandleDeleteAccountPage(handler.db))
|
||||
router.Handle("/auth/verify-email", service.HandleSignUpVerifyResponsePage(handler.db)) // The link contained in the email
|
||||
router.Handle("/auth/change-password", service.HandleChangePasswordPage(handler.db))
|
||||
router.Handle("/auth/reset-password", service.HandleResetPasswordPage(handler.db))
|
||||
router.Handle("/api/auth/signup", service.HandleSignUpComp(handler.db))
|
||||
router.Handle("/api/auth/signin", handler.handleSignIn())
|
||||
router.Handle("/api/auth/signout", service.HandleSignOutComp(handler.db))
|
||||
router.Handle("/api/auth/delete-account", service.HandleDeleteAccountComp(handler.db))
|
||||
router.Handle("/api/auth/verify-resend", service.HandleVerifyResendComp(handler.db))
|
||||
router.Handle("/api/auth/change-password", service.HandleChangePasswordComp(handler.db))
|
||||
router.Handle("/api/auth/reset-password", service.HandleResetPasswordComp(handler.db))
|
||||
router.Handle("/api/auth/reset-password-actual", service.HandleActualResetPasswordComp(handler.db))
|
||||
}
|
||||
|
||||
var (
|
||||
securityWaitDuration = 250 * time.Millisecond
|
||||
)
|
||||
|
||||
func (handler HandlerAuthImpl) handleSignIn() http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
var email = r.FormValue("email")
|
||||
var password = r.FormValue("password")
|
||||
user, err := utils.WaitMinimumTime(securityWaitDuration, func() (*db.User, error) {
|
||||
var email = r.FormValue("email")
|
||||
var password = r.FormValue("password")
|
||||
|
||||
user := a.service.SignIn(email, password)
|
||||
|
||||
if user != nil {
|
||||
result := service.TryCreateSessionAndSetCookie(r, w, a.db, user.Id)
|
||||
if !result {
|
||||
return
|
||||
user, err := handler.service.SignIn(email, password)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if !user.EmailVerified {
|
||||
utils.DoRedirect(w, r, "/auth/verify")
|
||||
err = service.TryCreateSessionAndSetCookie(r, w, handler.db, user.Id)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return user, nil
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
if err == service.InvaidEmailOrPassword {
|
||||
utils.TriggerToast(w, r, "error", "Invalid email or password")
|
||||
http.Error(w, "Invalid email or password", http.StatusUnauthorized)
|
||||
} else {
|
||||
utils.DoRedirect(w, r, "/")
|
||||
utils.LogError("Error signing in", err)
|
||||
http.Error(w, "An error occurred", http.StatusInternalServerError)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
if user.EmailVerified {
|
||||
utils.DoRedirect(w, r, "/")
|
||||
} else {
|
||||
http.Error(w, "Invalid email or password", http.StatusUnauthorized)
|
||||
utils.DoRedirect(w, r, "/auth/verify")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user