x/web-app-template
Archived
Template
2
0
Fork 0
Code Issues 13 Pull Requests 4 Actions Packages Activity

fix: more refactoring #181

Browse Source
This commit is contained in:
Tim Wundenberg
2024-10-12 21:57:39 +02:00
parent 9fd9f9649e
commit 38d530a3c9
13 changed files with 779 additions and 561 deletions
Download Patch File Download Diff File Expand all files Collapse all files

228
handler/auth.go
View File

@@ -35,14 +35,14 @@ func (handler HandlerAuthImpl) handle(router *http.ServeMux) {
// Don't use auth middleware for these routes, as it makes redirecting very difficult, if the mail is not yet verified
router.Handle("/auth/signin", handler.handleSignInPage())
router.Handle("/auth/signup", handler.handleSignUpPage())
router.Handle("/auth/verify", service.HandleSignUpVerifyPage(handler.db, handler.serverSettings)) // Hint for the user to verify their email
router.Handle("/auth/delete-account", service.HandleDeleteAccountPage(handler.db, handler.serverSettings))
router.Handle("/auth/verify", handler.handleSignUpVerifyPage()) // Hint for the user to verify their email
router.Handle("/auth/delete-account", handler.handleDeleteAccountPage())
router.Handle("/auth/verify-email", service.HandleSignUpVerifyResponsePage(handler.db)) // The link contained in the email
router.Handle("/auth/change-password", service.HandleChangePasswordPage(handler.db, handler.serverSettings))
router.Handle("/auth/reset-password", service.HandleResetPasswordPage(handler.db, handler.serverSettings))
router.Handle("/auth/change-password", handler.handleChangePasswordPage())
router.Handle("/auth/reset-password", handler.handleResetPasswordPage())
router.Handle("/api/auth/signup", handler.handleSignUp())
router.Handle("/api/auth/signin", handler.handleSignIn())
router.Handle("/api/auth/signout", service.HandleSignOutComp(handler.db))
router.Handle("/api/auth/signout", handler.handleSignOut())
router.Handle("/api/auth/delete-account", service.HandleDeleteAccountComp(handler.db, handler.serverSettings))
router.Handle("/api/auth/verify-resend", service.HandleVerifyResendComp(handler.db, handler.serverSettings))
router.Handle("/api/auth/change-password", service.HandleChangePasswordComp(handler.db))
@@ -56,9 +56,8 @@ var (
func (handler HandlerAuthImpl) handleSignInPage() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
user := utils.GetUserFromSession(handler.db, r)
if user == nil {
user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
if err != nil {
userComp := service.UserInfoComp(nil)
signIn := auth.SignInOrUpComp(true)
err := template.Layout(signIn, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
@@ -67,31 +66,40 @@ func (handler HandlerAuthImpl) handleSignInPage() http.HandlerFunc {
utils.LogError("Failed to render sign in page", err)
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
}
}
} else if !user.EmailVerified {
if !user.EmailVerified {
utils.DoRedirect(w, r, "/auth/verify")
} else {
utils.DoRedirect(w, r, "/")
}
}
}
func (handler HandlerAuthImpl) handleSignIn() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
user, err := utils.WaitMinimumTime(securityWaitDuration, func() (*service.User, error) {
var email = r.FormValue("email")
var password = r.FormValue("password")
user, err := handler.service.SignIn(email, password)
session, err := handler.service.SignIn(email, password)
if err != nil {
return nil, err
}
err = service.TryCreateSessionAndSetCookie(r, w, handler.db, user.Id)
if err != nil {
return nil, err
cookie := http.Cookie{
Name: "id",
Value: session.Id,
MaxAge: 60 * 60 * 8, // 8 hours
Secure: true,
HttpOnly: true,
SameSite: http.SameSiteStrictMode,
Path: "/",
}
return user, nil
http.SetCookie(w, &cookie)
return session.User, nil
})
if err != nil {
@@ -115,9 +123,8 @@ func (handler HandlerAuthImpl) handleSignIn() http.HandlerFunc {
func (handler HandlerAuthImpl) handleSignUpPage() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
user := utils.GetUserFromSession(handler.db, r)
if user == nil {
user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
if err != nil {
userComp := service.UserInfoComp(nil)
signUpComp := auth.SignInOrUpComp(false)
err := template.Layout(signUpComp, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
@@ -126,14 +133,16 @@ func (handler HandlerAuthImpl) handleSignUpPage() http.HandlerFunc {
utils.LogError("Failed to render sign up page", err)
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
}
}
} else if !user.EmailVerified {
if !user.EmailVerified {
utils.DoRedirect(w, r, "/auth/verify")
} else {
utils.DoRedirect(w, r, "/")
}
}
}
func (handler HandlerAuthImpl) handleSignUp() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
var email = r.FormValue("email")
@@ -163,3 +172,186 @@ func (handler HandlerAuthImpl) handleSignUp() http.HandlerFunc {
utils.TriggerToast(w, r, "success", "A link to activate your account has been emailed to the address provided.")
}
}
func (handler HandlerAuthImpl) handleSignOut() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
err := handler.service.SignOut(utils.GetSessionID(r))
if err != nil {
utils.TriggerToast(w, r, "error", "Internal Server Error")
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
c := http.Cookie{
Name: "id",
Value: "",
MaxAge: -1,
Secure: true,
HttpOnly: true,
SameSite: http.SameSiteStrictMode,
Path: "/",
}
http.SetCookie(w, &c)
utils.DoRedirect(w, r, "/")
}
}
func (handler HandlerAuthImpl) handleSignUpVerifyPage() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
if err != nil {
utils.DoRedirect(w, r, "/auth/signin")
}
if user.EmailVerified {
utils.DoRedirect(w, r, "/")
} else {
userComp := service.UserInfoComp(user)
signIn := auth.VerifyComp()
err := template.Layout(signIn, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
if err != nil {
utils.LogError("Failed to render verify page", err)
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
}
}
}
}
func (handler HandlerAuthImpl) handleDeleteAccountPage() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
// An unverified email should be able to delete their account
user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
if err != nil {
utils.DoRedirect(w, r, "/auth/signin")
}
userComp := service.UserInfoComp(user)
comp := auth.DeleteAccountComp()
err = template.Layout(comp, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
if err != nil {
utils.LogError("Failed to render delete account page", err)
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
}
}
}
func (handler HandlerAuthImpl) handleChangePasswordPage() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
isPasswordReset := r.URL.Query().Has("token")
user, _ := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
if user == nil && !isPasswordReset {
utils.DoRedirect(w, r, "/auth/signin")
} else {
userComp := service.UserInfoComp(user)
comp := auth.ChangePasswordComp(isPasswordReset)
err := template.Layout(comp, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
if err != nil {
utils.LogError("Failed to render change password page", err)
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
}
}
}
}
func (handler HandlerAuthImpl) handleResetPasswordPage() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
if err != nil {
utils.DoRedirect(w, r, "/auth/signin")
}
userComp := service.UserInfoComp(user)
comp := auth.ResetPasswordComp()
err = template.Layout(comp, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
if err != nil {
utils.LogError("Failed to render change password page", err)
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
}
}
}
func (handler HandlerAuthImpl) HandleResetPasswordPage() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
if err != nil {
utils.DoRedirect(w, r, "/auth/signin")
return
}
userComp := service.UserInfoComp(user)
comp := auth.ResetPasswordComp()
err = template.Layout(comp, userComp, handler.serverSettings.Environment).Render(r.Context(), w)
if err != nil {
utils.LogError("Failed to render change password page", err)
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
}
}
}
func (handler HandlerAuthImpl) HandleDeleteAccountComp() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
if err != nil {
utils.DoRedirect(w, r, "/auth/signin")
return
}
password := r.FormValue("password")
_, err = handler.service.SignIn(user.Email, password)
if err != nil {
utils.TriggerToast(w, r, "error", "Password not correct")
return
}
err = handler.service.DeleteAccount(user)
if err != nil {
utils.TriggerToast(w, r, "error", "Internal Server Error")
return
}
utils.DoRedirect(w, r, "/")
}
}
func (handler HandlerAuthImpl) HandleVerifyResendComp() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
if err != nil {
utils.DoRedirect(w, r, "/auth/signin")
return
}
go handler.service.SendVerificationMail(user.Id, user.Email)
w.Write([]byte("<p class=\"mt-8\">Verification email sent</p>"))
}
}
func (handler HandlerAuthImpl) HandleChangePasswordComp() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
user, err := handler.service.GetUserFromSessionId(utils.GetSessionID(r))
if err != nil {
utils.DoRedirect(w, r, "/auth/signin")
return
}
currPass := r.FormValue("current-password")
newPass := r.FormValue("new-password")
err = handler.service.ChangePassword(user, currPass, newPass)
if err != nil {
utils.TriggerToast(w, r, "error", "Password not correct")
return
}
utils.TriggerToast(w, r, "success", "Password changed")
}
}