gisle
/
wrouter
1
0
Fork 0
Code Issues Pull Requests Releases Activity
Core functionality for new aiterp.net servers
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
488 KiB
Tree: d754bfb686
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd754bfb686'
${ noResults }
wrouter/auth/handler.go

108 lines
2.3 KiB
Raw Normal View History

Second Commit
7 years ago
  1. package auth
  3. import (
  4. "net/http"
  5. "strings"
  7. "git.aiterp.net/gisle/wrouter/response"
  8. )
  10. type handler struct {
  11. }
  13. func (h *handler) Handle(path string, w http.ResponseWriter, req *http.Request, user *User) bool {
  14. // Get the subpath out of the path
  15. subpath := req.URL.Path[len(path):]
  16. if subpath[0] == '/' {
  17. subpath = subpath[1:]
  18. }
  20. method := FindAuthenticator(req.Form.Get("method"))
  22. switch strings.ToLower(subpath) {
  23. case "login":
  24. {
  25. if req.Method != "POST" {
  26. response.Text(w, 405, req.Method+" not allowed")
  27. return true
  28. }
  30. username := req.Form.Get("username")
  31. password := req.Form.Get("password")
  33. w.Header().Set("X-Auth-Method", method.Name())
  35. user, err := method.Login(username, password)
  36. if err != nil && user != nil {
  37. sess := OpenSession(user)
  38. http.SetCookie(w, &http.Cookie{Name: SessionCookieName, Value: sess.ID, Expires: sess.Time.Add(SessionMaxTime)})
  40. response.JSON(w, 200, sess)
  41. } else {
  42. response.Text(w, 401, "Login failed")
  43. }
  44. }
  45. case "register":
  46. {
  47. if req.Method != "POST" {
  48. response.Text(w, 405, req.Method+" not allowed")
  49. return true
  50. }
  52. data := make(map[string]string)
  53. for key, value := range req.Form {
  54. if key != "username" && key != "password" && key != "method" {
  55. data[key] = value[0]
  56. }
  57. }
  59. username := req.Form.Get("username")
  60. password := req.Form.Get("password")
  62. user, err := method.Register(username, password, data)
  63. if err != nil && user != nil {
  64. sess := OpenSession(user)
  65. http.SetCookie(w, &http.Cookie{Name: SessionCookieName, Value: sess.ID, Expires: sess.Time.Add(SessionMaxTime)})
  67. response.JSON(w, 200, sess)
  68. } else {
  69. response.Text(w, 401, "Register failed")
  70. }
  71. }
  72. case "logout-all":
  73. {
  74. if req.Method != "POST" {
  75. response.Text(w, 405, req.Method+" not allowed")
  76. return true
  77. }
  79. if user != nil {
  80. ClearSessions(user)
  81. response.Empty(w)
  82. } else {
  83. response.Text(w, 401, "Not logged in")
  84. }
  85. }
  86. case "status":
  87. {
  88. if req.Method != "GET" {
  89. response.Text(w, 405, req.Method+" not allowed")
  90. return true
  91. }
  93. if user != nil {
  94. response.JSON(w, 200, user)
  95. } else {
  96. response.Text(w, 401, "Not logged in")
  97. }
  98. }
  99. default:
  100. {
  101. response.Text(w, 404, "Operation not found: "+subpath)
  102. }
  103. }
  105. return true
  106. }
  108. var Handler = &handler{}