gisle
/
wrouter
1
0
Fork 0
Code Issues Pull Requests Releases Activity
Core functionality for new aiterp.net servers
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24 Commits
1 Branch
0 Tags
488 KiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
wrouter/auth/handler.go

116 lines
2.5 KiB
Raw Permalink Normal View History

Second Commit
7 years ago
Added remaining tests on handler, added logout-flag on User
7 years ago
Second Commit
7 years ago
Added remaining tests on handler, added logout-flag on User
7 years ago
Second Commit
7 years ago
Fixed handler_test
7 years ago
Second Commit
7 years ago
Added remaining tests on handler, added logout-flag on User
7 years ago
Second Commit
7 years ago
Fixed handler_test
7 years ago
Second Commit
7 years ago
Fixed handler_test
7 years ago
Second Commit
7 years ago
  1. package auth
  3. import (
  4. "net/http"
  5. "strings"
  7. "git.aiterp.net/gisle/wrouter/response"
  8. )
  10. type handler struct {
  11. }
  13. func (h *handler) Handle(path string, w http.ResponseWriter, req *http.Request, user *User) bool {
  14. // Get the subpath out of the path
  15. subpath := req.URL.Path[len(path):]
  16. if subpath[0] == '/' {
  17. subpath = subpath[1:]
  18. }
  20. method := FindAuthenticator(req.Form.Get("method"))
  21. if method == nil {
  22. if user == nil {
  23. response.Text(w, 400, "Invalid method: "+req.Form.Get("method"))
  24. return true
  25. }
  27. method = user.method
  28. }
  30. switch strings.ToLower(subpath) {
  31. case "login":
  32. {
  33. if req.Method != "POST" {
  34. response.Text(w, 405, req.Method+" not allowed")
  35. return true
  36. }
  38. username := req.Form.Get("username")
  39. password := req.Form.Get("password")
  41. w.Header().Set("X-Auth-Method", method.Name())
  43. user, err := method.Login(username, password)
  44. if err == nil && user != nil {
  45. sess := OpenSession(user)
  46. http.SetCookie(w, &http.Cookie{Name: SessionCookieName, Value: sess.ID, Expires: sess.Time.Add(SessionMaxTime), Path: "/", HttpOnly: true})
  48. response.JSON(w, 200, sess)
  49. } else {
  50. response.Text(w, 401, "Login failed")
  51. }
  52. }
  53. case "register":
  54. {
  55. if req.Method != "POST" {
  56. response.Text(w, 405, req.Method+" not allowed")
  57. return true
  58. }
  60. data := make(map[string]string)
  61. for key, value := range req.Form {
  62. if key != "username" && key != "password" && key != "method" {
  63. data[key] = value[0]
  64. }
  65. }
  67. username := req.Form.Get("username")
  68. password := req.Form.Get("password")
  70. user, err := method.Register(username, password, data)
  71. if err == nil && user != nil {
  72. sess := OpenSession(user)
  73. http.SetCookie(w, &http.Cookie{Name: SessionCookieName, Value: sess.ID, Expires: sess.Time.Add(SessionMaxTime), Path: "/", HttpOnly: true})
  75. response.JSON(w, 200, sess)
  76. } else {
  77. response.Text(w, 401, err.Error())
  78. }
  79. }
  80. case "logout-all":
  81. {
  82. if req.Method != "POST" {
  83. response.Text(w, 405, req.Method+" not allowed")
  84. return true
  85. }
  87. if user != nil {
  88. ClearSessions(user)
  89. response.Empty(w)
  90. } else {
  91. response.Text(w, 401, "Not logged in")
  92. }
  93. }
  94. case "status":
  95. {
  96. if req.Method != "GET" {
  97. response.Text(w, 405, req.Method+" not allowed")
  98. return true
  99. }
  101. if user != nil {
  102. response.JSON(w, 200, user)
  103. } else {
  104. response.Text(w, 401, "Not logged in")
  105. }
  106. }
  107. default:
  108. {
  109. response.Text(w, 404, "Operation not found: "+subpath)
  110. }
  111. }
  113. return true
  114. }
  116. var Handler = &handler{}