@@ -1,14 +1,17 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"log/slog"
|
||||
"me-fit/service"
|
||||
|
||||
"database/sql"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func handleAuth(db *sql.DB, router *http.ServeMux) {
|
||||
// Don't use auth middleware for these routes, as it makes redirecting very difficult, if the mail is not yet verified
|
||||
func authUi(db *sql.DB) http.Handler {
|
||||
|
||||
router := http.NewServeMux()
|
||||
|
||||
router.Handle("/auth/signin", service.HandleSignInPage(db))
|
||||
router.Handle("/auth/signup", service.HandleSignUpPage(db))
|
||||
router.Handle("/auth/verify", service.HandleSignUpVerifyPage(db)) // Hint for the user to verify their email
|
||||
@@ -16,6 +19,19 @@ func handleAuth(db *sql.DB, router *http.ServeMux) {
|
||||
router.Handle("/auth/verify-email", service.HandleSignUpVerifyResponsePage(db)) // The link contained in the email
|
||||
router.Handle("/auth/change-password", service.HandleChangePasswordPage(db))
|
||||
router.Handle("/auth/reset-password", service.HandleResetPasswordPage(db))
|
||||
router.Handle("/", service.HandleIndexAnd404(db))
|
||||
|
||||
// return router
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
slog.Warn(r.URL.Path)
|
||||
router.ServeHTTP(w, r)
|
||||
})
|
||||
}
|
||||
|
||||
func authApi(db *sql.DB) http.Handler {
|
||||
|
||||
router := http.NewServeMux()
|
||||
|
||||
router.Handle("/api/auth/signup", service.HandleSignUpComp(db))
|
||||
router.Handle("/api/auth/signin", service.HandleSignInComp(db))
|
||||
router.Handle("/api/auth/signout", service.HandleSignOutComp(db))
|
||||
@@ -24,4 +40,6 @@ func handleAuth(db *sql.DB, router *http.ServeMux) {
|
||||
router.Handle("/api/auth/change-password", service.HandleChangePasswordComp(db))
|
||||
router.Handle("/api/auth/reset-password", service.HandleResetPasswordComp(db))
|
||||
router.Handle("/api/auth/reset-password-actual", service.HandleActualResetPasswordComp(db))
|
||||
|
||||
return router
|
||||
}
|
||||
|
||||
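Review bot: The patterns registered in the new authApi (`/api/auth/signup`, `/api/auth/signin`, `/api/auth/signout` and the password routes) carry no HTTP method, so the mux dispatches every method to them, while the workout API patterns in this same commit are method-qualified (`POST /api/workout`). The service handlers are not visible here, so they may reject other methods themselves; if they do not, a state-changing action such as sign-out is reachable with a plain GET, which undercuts cookie protections like SameSite=Lax. I would qualify each pattern with the method the front end actually uses, for example `router.Handle("POST /api/auth/signin", service.HandleSignInComp(db))`, and give authApi a short doc comment saying these routes are deliberately mounted without the auth middleware.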
@@ -16,11 +16,16 @@ func GetHandler(db *sql.DB) http.Handler {
|
||||
// Serve static files (CSS, JS and images)
|
||||
router.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("./static/"))))
|
||||
|
||||
handleWorkout(db, router)
|
||||
router.Handle("/auth/", authUi(db))
|
||||
router.Handle("/api/auth/", authApi(db))
|
||||
|
||||
handleAuth(db, router)
|
||||
router.Handle("/workout", auth(db, workoutUi(db)))
|
||||
router.Handle("/api/workout", auth(db, workoutApi(db)))
|
||||
router.Handle("/api/workout/", auth(db, workoutApi(db)))
|
||||
|
||||
return middleware.Logging(middleware.EnableCors(router))
|
||||
return middleware.Logging(
|
||||
middleware.EnableCors(
|
||||
router))
|
||||
}
|
||||
|
||||
func auth(db *sql.DB, h http.Handler) http.Handler {
|
||||
|
||||
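Review bot: The index/404 handler appears to have lost its place on the outer mux: `router.Handle("/", service.HandleIndexAnd404(db))` is now registered only inside authUi and workoutUi, which GetHandler mounts at `/auth/` and at the exact path `/workout`. A request for `/` or an unknown top-level path would then get net/http's default 404 instead of the application's page. This assumes the `handleAuth(db, router)` and `handleWorkout(db, router)` calls are the removed side and that nothing outside the hunk registers `/`; GetHandler begins above the hunk, so that cannot be confirmed from here. If so, add `router.Handle("/", service.HandleIndexAnd404(db))` in GetHandler and drop the `/` registration in workoutUi, which can never match behind an exact `/workout` mount.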
@@ -1,15 +1,34 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"log/slog"
|
||||
"me-fit/service"
|
||||
|
||||
"database/sql"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func handleWorkout(db *sql.DB, router *http.ServeMux) {
|
||||
router.Handle("/workout", auth(db, service.HandleWorkoutPage(db)))
|
||||
router.Handle("POST /api/workout", auth(db, service.HandleWorkoutNewComp(db)))
|
||||
router.Handle("GET /api/workout", auth(db, service.HandleWorkoutGetComp(db)))
|
||||
router.Handle("DELETE /api/workout/{id}", auth(db, service.HandleWorkoutDeleteComp(db)))
|
||||
func workoutUi(db *sql.DB) http.Handler {
|
||||
|
||||
router := http.NewServeMux()
|
||||
|
||||
router.Handle("/workout", service.HandleWorkoutPage(db))
|
||||
router.Handle("/", service.HandleIndexAnd404(db))
|
||||
|
||||
return router
|
||||
}
|
||||
|
||||
func workoutApi(db *sql.DB) http.Handler {
|
||||
router := http.NewServeMux()
|
||||
|
||||
// root = "/api/workout/"
|
||||
router.Handle("POST /api/workout", service.HandleWorkoutNewComp(db))
|
||||
router.Handle("GET /api/workout", service.HandleWorkoutGetComp(db))
|
||||
router.Handle("DELETE /api/workout/{id}", service.HandleWorkoutDeleteComp(db))
|
||||
|
||||
// return router
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
slog.Warn(r.URL.Path)
|
||||
router.ServeHTTP(w, r)
|
||||
})
|
||||
}
|
||||
|
||||
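Review bot: The wrapper at the end of workoutApi logs every request at warning level with the raw path as the whole message (`slog.Warn(r.URL.Path)`), and the commented-out `// return router` beside it suggests this is leftover debugging; authUi in the auth handler file has the same wrapper. Warn-level noise on normal traffic makes real warnings harder to spot in the logs, and GetHandler already wraps the whole router in `middleware.Logging`. I would restore `return router` in both functions, or if the trace is wanted keep it structured and at debug level: `slog.Debug("workout api request", "method", r.Method, "path", r.URL.Path)`.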
@@ -585,6 +585,7 @@ func HandleResetPasswordComp(db *sql.DB) http.HandlerFunc {
|
||||
utils.TriggerToast(w, r, "info", "If the email exists, an email has been sent")
|
||||
}
|
||||
}
|
||||
|
||||
func sendVerificationEmail(db *sql.DB, userId string, email string) {
|
||||
|
||||
var token string
|
||||
|
||||
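--- a/service/auth_test.go
+++ b/service/auth_test.go
@@ -0,0 +1,40 @@
+package service
+
+import (
+"testing"
+)
+
+func TestValidPasswords(t *testing.T) {
+passwords := []string{
+"aB!'2d2y", //normal
+"v-#:j`fQurudEEUk#xA)uzI-B+'eZW3`F*5Eaf+{YID#PWuD.TbyH'f<MC)Ck$!]K[K6~dIN&R'mRaKO,qpDpP'*A!/}73=ilK_COqM/Q%!(hyS8V75e2@J2k223T`tv", // 128 characters
+`aB!"'2d2y`, // include " in password
+}
+
+for _, password := range passwords {
+
+err := checkPassword(password)
+if err != nil {
+t.Errorf("Expected nil, got error")
+}
+}
+}
+func TestInvalidPasswords(t *testing.T) {
+passwords := []string{
+"aB!'2d2", // too short
+"", // empty
+"ab123SSa", // no special character
+"passwor1!", // no uppercase
+"PASSWOR1!", // no lowercase
+"Password!", // no number
+"Password1", // no special character
+}
+
+for _, password := range passwords {
+
+err := checkPassword(password)
+if err == nil {
+t.Errorf("Expected error, got nil")
+}
+}
+}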
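Review bot: Neither loop says which password failed or why, so a broken policy rule shows up only as `Expected nil, got error` with no hint of the offending case. In TestValidPasswords I would report the input and the error, `t.Errorf("checkPassword(%q) = %v, want nil", password, err)`, and in TestInvalidPasswords `t.Errorf("checkPassword(%q) = nil, want error", password)`. The valid table stops at a 128-character password; if checkPassword enforces an upper bound (it is not visible on this page), a 129-character case in the invalid table would pin that boundary. A blank line between the two test functions would also match gofmt output.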