Tim Wundenberg
f83a404206
All checks were successful
Build Docker Image / Explore-Gitea-Actions (push) Successful in 46s
229 lines
6.5 KiB
Go
229 lines
6.5 KiB
Go
package handler
|
|
|
|
import (
|
|
"me-fit/service"
|
|
"me-fit/template"
|
|
"me-fit/template/auth"
|
|
"me-fit/types"
|
|
"me-fit/utils"
|
|
|
|
"database/sql"
|
|
"net/http"
|
|
)
|
|
|
|
func authUi(db *sql.DB) http.Handler {
|
|
router := http.NewServeMux()
|
|
|
|
router.Handle("/auth/signin", handleSignInPage(db))
|
|
router.Handle("/auth/signup", handleSignUpPage(db))
|
|
router.Handle("/auth/verify", handleSignUpVerifyPage(db)) // Hint for the user to verify their email
|
|
router.Handle("/auth/delete-account", handleDeleteAccountPage(db))
|
|
router.Handle("/auth/verify-email", handleSignUpVerifyResponsePage(db)) // The link contained in the email
|
|
router.Handle("/auth/change-password", handleChangePasswordPage(db))
|
|
router.Handle("/auth/reset-password", handleResetPasswordPage(db))
|
|
router.Handle("/", handleNotFound(db))
|
|
|
|
return router
|
|
}
|
|
|
|
func authApi(db *sql.DB) http.Handler {
|
|
router := http.NewServeMux()
|
|
|
|
router.Handle("/api/auth/signup", handleSignUp(db))
|
|
router.Handle("/api/auth/signin", handleSignIn(db))
|
|
router.Handle("/api/auth/signout", service.HandleSignOutComp(db))
|
|
router.Handle("/api/auth/delete-account", service.HandleDeleteAccountComp(db))
|
|
router.Handle("/api/auth/verify-resend", service.HandleVerifyResendComp(db))
|
|
router.Handle("/api/auth/change-password", service.HandleChangePasswordComp(db))
|
|
router.Handle("/api/auth/reset-password", service.HandleResetPasswordComp(db))
|
|
router.Handle("/api/auth/reset-password-actual", service.HandleActualResetPasswordComp(db))
|
|
|
|
return router
|
|
}
|
|
|
|
func handleSignInPage(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
user := service.GetUserFromRequest(db, r)
|
|
|
|
if user == nil {
|
|
userComp := service.UserInfoComp(nil)
|
|
signIn := auth.SignInOrUpComp(true)
|
|
err := template.Layout(signIn, userComp).Render(r.Context(), w)
|
|
|
|
if err != nil {
|
|
utils.LogError("Failed to render sign in page", err)
|
|
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
|
}
|
|
|
|
} else if !user.EmailVerified {
|
|
utils.DoRedirect(w, r, "/auth/verify")
|
|
} else {
|
|
utils.DoRedirect(w, r, "/")
|
|
}
|
|
}
|
|
}
|
|
|
|
func handleSignUpPage(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
user := service.GetUserFromRequest(db, r)
|
|
|
|
if user == nil {
|
|
userComp := service.UserInfoComp(nil)
|
|
signUpComp := auth.SignInOrUpComp(false)
|
|
err := template.Layout(signUpComp, userComp).Render(r.Context(), w)
|
|
|
|
if err != nil {
|
|
utils.LogError("Failed to render sign up page", err)
|
|
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
|
}
|
|
|
|
} else if !user.EmailVerified {
|
|
utils.DoRedirect(w, r, "/auth/verify")
|
|
} else {
|
|
utils.DoRedirect(w, r, "/")
|
|
}
|
|
}
|
|
}
|
|
|
|
func handleSignUpVerifyPage(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
user := service.GetUserFromRequest(db, r)
|
|
if user == nil {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
} else if user.EmailVerified {
|
|
utils.DoRedirect(w, r, "/")
|
|
} else {
|
|
userComp := service.UserInfoComp(user)
|
|
signIn := auth.VerifyComp()
|
|
err := template.Layout(signIn, userComp).Render(r.Context(), w)
|
|
if err != nil {
|
|
utils.LogError("Failed to render verify page", err)
|
|
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func handleDeleteAccountPage(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
// An unverified email should be able to delete their account
|
|
user := service.GetUserFromRequest(db, r)
|
|
if user == nil {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
} else {
|
|
userComp := service.UserInfoComp(user)
|
|
comp := auth.DeleteAccountComp()
|
|
err := template.Layout(comp, userComp).Render(r.Context(), w)
|
|
if err != nil {
|
|
utils.LogError("Failed to render delete account page", err)
|
|
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func handleSignUpVerifyResponsePage(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
token := r.URL.Query().Get("token")
|
|
if token == "" {
|
|
utils.DoRedirect(w, r, "/auth/verify")
|
|
return
|
|
}
|
|
|
|
err := service.ValidateEmail(db, token)
|
|
if err != nil {
|
|
utils.LogError("Could not validate email", err)
|
|
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
utils.DoRedirect(w, r, "/")
|
|
}
|
|
}
|
|
|
|
func handleChangePasswordPage(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
isPasswordReset := r.URL.Query().Has("token")
|
|
|
|
user := service.GetUserFromRequest(db, r)
|
|
if user == nil && !isPasswordReset {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
} else {
|
|
userComp := service.UserInfoComp(user)
|
|
comp := auth.ChangePasswordComp(isPasswordReset)
|
|
err := template.Layout(comp, userComp).Render(r.Context(), w)
|
|
if err != nil {
|
|
utils.LogError("Failed to render change password page", err)
|
|
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func handleResetPasswordPage(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
user := service.GetUserFromRequest(db, r)
|
|
if user != nil {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
} else {
|
|
userComp := service.UserInfoComp(nil)
|
|
comp := auth.ResetPasswordComp()
|
|
err := template.Layout(comp, userComp).Render(r.Context(), w)
|
|
if err != nil {
|
|
utils.LogError("Failed to render change password page", err)
|
|
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func handleSignUp(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
var email = r.FormValue("email")
|
|
var password = r.FormValue("password")
|
|
|
|
sessionId, err := service.SignUp(db, email, password)
|
|
if err != nil {
|
|
http.Error(w, err.Error(), http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
http.SetCookie(w, createSessionCookie(*sessionId))
|
|
|
|
utils.DoRedirect(w, r, "/auth/verify")
|
|
}
|
|
}
|
|
|
|
func createSessionCookie(sessionId types.SessionId) *http.Cookie {
|
|
cookie := http.Cookie{
|
|
Name: "id",
|
|
Value: string(sessionId),
|
|
MaxAge: 60 * 60 * 8, // 8 hours
|
|
Secure: true,
|
|
HttpOnly: true,
|
|
SameSite: http.SameSiteStrictMode,
|
|
Path: "/",
|
|
}
|
|
|
|
return &cookie
|
|
}
|
|
|
|
func handleSignIn(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
var email = r.FormValue("email")
|
|
var password = r.FormValue("password")
|
|
|
|
sessionId, err := service.SignIn(db, email, password)
|
|
if err != nil {
|
|
utils.TriggerToast(w, r, "error", "Invalid username or password")
|
|
}
|
|
|
|
http.SetCookie(w, createSessionCookie(*sessionId))
|
|
|
|
utils.DoRedirect(w, r, "/auth/verify")
|
|
}
|
|
}
|