witty/web/auth.go

107 lines
2.1 KiB
Go
Raw Normal View History

2022-01-29 03:25:15 +01:00
package web
import (
"net/http"
"strings"
"github.com/gin-gonic/contrib/sessions"
"github.com/gin-gonic/gin"
"github.com/gorilla/csrf"
"github.com/syssecfsu/witty/cmd"
)
const (
userKey = "authorized_user"
nameKey = "last_login"
loginKey = "login_msg"
)
func leftLoginMsg(c *gin.Context, msg string) {
session := sessions.Default(c)
session.Set(loginKey, msg)
session.Save()
}
func login(c *gin.Context) {
session := sessions.Default(c)
username := c.PostForm("username")
passwd := c.PostForm("passwd")
// Validate form input
if strings.Trim(username, " ") == "" || strings.Trim(passwd, " ") == "" {
leftLoginMsg(c, "User name or password cannot be empty")
c.Redirect(http.StatusSeeOther, "/login")
return
}
// Check for username and password match, usually from a database
if !cmd.ValidateUser([]byte(username), []byte(passwd)) {
leftLoginMsg(c, "Username/password does not match")
c.Redirect(http.StatusSeeOther, "/login")
return
}
// Save the username in the session
session.Set(userKey, username)
session.Set(nameKey, username)
if err := session.Save(); err != nil {
leftLoginMsg(c, "Failed to save session data")
c.Redirect(http.StatusSeeOther, "/login")
return
}
c.Redirect(http.StatusSeeOther, "/")
}
func logout(c *gin.Context) {
session := sessions.Default(c)
user := session.Get(userKey)
if user != nil {
session.Delete(userKey)
session.Save()
}
leftLoginMsg(c, "Welcome to WiTTY")
c.Redirect(http.StatusFound, "/login")
}
// AuthRequired is a simple middleware to check the session
func AuthRequired(c *gin.Context) {
session := sessions.Default(c)
user := session.Get(userKey)
if user == nil {
leftLoginMsg(c, "Not authorized, login first")
c.Redirect(http.StatusTemporaryRedirect, "/login")
c.Abort()
return
}
c.Next()
}
func loginPage(c *gin.Context) {
session := sessions.Default(c)
msg := session.Get(loginKey)
if msg == nil {
msg = "Login first"
}
username := session.Get(nameKey)
if username == nil {
username = ""
}
c.HTML(http.StatusOK, "login.html",
gin.H{
"msg": msg,
"username": username,
"csrfField": csrf.TemplateField(c.Request),
},
)
}