wakapi/routes/home.go

package routes

import (
	"fmt"
	"github.com/gorilla/schema"
	conf "github.com/muety/wakapi/config"
	"github.com/muety/wakapi/middlewares"
	"github.com/muety/wakapi/models"
	"github.com/muety/wakapi/models/view"
	"github.com/muety/wakapi/services"
	"github.com/muety/wakapi/utils"
	"net/http"
	"net/url"
	"time"
)

type HomeHandler struct {
	config   *conf.Config
	userSrvc *services.UserService
}

var loginDecoder = schema.NewDecoder()
var signupDecoder = schema.NewDecoder()

func NewHomeHandler(userService *services.UserService) *HomeHandler {
	return &HomeHandler{
		config:   conf.Get(),
		userSrvc: userService,
	}
}

func (h *HomeHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}

	if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
		http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
		return
	}

	templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r))
}

func (h *HomeHandler) PostLogin(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}

	if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
		http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
		return
	}

	var login models.Login
	if err := r.ParseForm(); err != nil {
		w.WriteHeader(http.StatusBadRequest)
		templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r).WithError("missing parameters"))
		return
	}
	if err := loginDecoder.Decode(&login, r.PostForm); err != nil {
		w.WriteHeader(http.StatusBadRequest)
		templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r).WithError("missing parameters"))
		return
	}

	user, err := h.userSrvc.GetUserById(login.Username)
	if err != nil {
		w.WriteHeader(http.StatusNotFound)
		templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r).WithError("resource not found"))
		return
	}

	// TODO: depending on middleware package here is a hack
	if !middlewares.CheckAndMigratePassword(user, &login, h.config.Security.PasswordSalt, h.userSrvc) {
		w.WriteHeader(http.StatusUnauthorized)
		templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r).WithError("invalid credentials"))
		return
	}

	encoded, err := h.config.Security.SecureCookie.Encode(models.AuthCookieKey, login)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r).WithError("internal server error"))
		return
	}

	user.LastLoggedInAt = models.CustomTime(time.Now())
	h.userSrvc.Update(user)

	cookie := &http.Cookie{
		Name:     models.AuthCookieKey,
		Value:    encoded,
		Path:     "/",
		Secure:   !h.config.Security.InsecureCookies,
		HttpOnly: true,
	}
	http.SetCookie(w, cookie)
	http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
}

func (h *HomeHandler) PostLogout(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}

	utils.ClearCookie(w, models.AuthCookieKey, !h.config.Security.InsecureCookies)
	http.Redirect(w, r, fmt.Sprintf("%s/", h.config.Server.BasePath), http.StatusFound)
}

func (h *HomeHandler) GetSignup(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}

	if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
		http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
		return
	}

	templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r))
}

func (h *HomeHandler) PostSignup(w http.ResponseWriter, r *http.Request) {
	if h.config.IsDev() {
		loadTemplates()
	}

	if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
		http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
		return
	}

	var signup models.Signup
	if err := r.ParseForm(); err != nil {
		w.WriteHeader(http.StatusBadRequest)
		templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("missing parameters"))
		return
	}
	if err := signupDecoder.Decode(&signup, r.PostForm); err != nil {
		w.WriteHeader(http.StatusBadRequest)
		templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("missing parameters"))
		return
	}

	if !signup.IsValid() {
		w.WriteHeader(http.StatusBadRequest)
		templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("invalid parameters"))
		return
	}

	_, created, err := h.userSrvc.CreateOrGet(&signup)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("failed to create new user"))
		return
	}
	if !created {
		w.WriteHeader(http.StatusConflict)
		templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("user already existing"))
		return
	}

	msg := url.QueryEscape("account created successfully")
	http.Redirect(w, r, fmt.Sprintf("%s/?success=%s", h.config.Server.BasePath, msg), http.StatusFound)
}

func (h *HomeHandler) buildViewModel(r *http.Request) *view.HomeViewModel {
	return &view.HomeViewModel{
		Success: r.URL.Query().Get("success"),
		Error:   r.URL.Query().Get("error"),
	}
}
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`package routes`

			`import (`
feat: user signup 2020-05-24 17:34:32 +03:00			`"fmt"`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`"github.com/gorilla/schema"`
chore: minor code enhancements 2020-10-09 22:37:16 +03:00			`conf "github.com/muety/wakapi/config"`
feat: add auto-migrations for old md5 password to maintain backwards compatibility 2020-05-25 23:24:29 +03:00			`"github.com/muety/wakapi/middlewares"`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`"github.com/muety/wakapi/models"`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`"github.com/muety/wakapi/models/view"`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`"github.com/muety/wakapi/services"`
			`"github.com/muety/wakapi/utils"`
			`"net/http"`
feat: user signup 2020-05-24 17:34:32 +03:00			`"net/url"`
feat: persist user creation date (resolve #31) 2020-05-30 23:19:05 +03:00			`"time"`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`)`

refactor: alert handling 2020-11-06 23:19:54 +03:00			`type HomeHandler struct {`
			`config *conf.Config`
			`userSrvc *services.UserService`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`}`

			`var loginDecoder = schema.NewDecoder()`
feat: user signup 2020-05-24 17:34:32 +03:00			`var signupDecoder = schema.NewDecoder()`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00
refactor: alert handling 2020-11-06 23:19:54 +03:00			`func NewHomeHandler(userService services.UserService) HomeHandler {`
			`return &HomeHandler{`
			`config: conf.Get(),`
			`userSrvc: userService,`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`}`
			`}`

refactor: alert handling 2020-11-06 23:19:54 +03:00			`func (h HomeHandler) GetIndex(w http.ResponseWriter, r http.Request) {`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`

			`if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`return`
			`}`

refactor: alert handling 2020-11-06 23:19:54 +03:00			`templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r))`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`}`

refactor: alert handling 2020-11-06 23:19:54 +03:00			`func (h HomeHandler) PostLogin(w http.ResponseWriter, r http.Request) {`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`

feat: user signup 2020-05-24 17:34:32 +03:00			`if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)`
feat: user signup 2020-05-24 17:34:32 +03:00			`return`
			`}`

refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`var login models.Login`
			`if err := r.ParseForm(); err != nil {`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`w.WriteHeader(http.StatusBadRequest)`
			`templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r).WithError("missing parameters"))`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`return`
			`}`
			`if err := loginDecoder.Decode(&login, r.PostForm); err != nil {`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`w.WriteHeader(http.StatusBadRequest)`
			`templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r).WithError("missing parameters"))`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`return`
			`}`

			`user, err := h.userSrvc.GetUserById(login.Username)`
			`if err != nil {`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`w.WriteHeader(http.StatusNotFound)`
			`templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r).WithError("resource not found"))`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`return`
			`}`

feat: add auto-migrations for old md5 password to maintain backwards compatibility 2020-05-25 23:24:29 +03:00			`// TODO: depending on middleware package here is a hack`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`if !middlewares.CheckAndMigratePassword(user, &login, h.config.Security.PasswordSalt, h.userSrvc) {`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`w.WriteHeader(http.StatusUnauthorized)`
			`templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r).WithError("invalid credentials"))`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`return`
			`}`

refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`encoded, err := h.config.Security.SecureCookie.Encode(models.AuthCookieKey, login)`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`if err != nil {`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`w.WriteHeader(http.StatusInternalServerError)`
			`templates[conf.IndexTemplate].Execute(w, h.buildViewModel(r).WithError("internal server error"))`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`return`
			`}`

feat: persist user creation date (resolve #31) 2020-05-30 23:19:05 +03:00			`user.LastLoggedInAt = models.CustomTime(time.Now())`
			`h.userSrvc.Update(user)`

refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`cookie := &http.Cookie{`
			`Name: models.AuthCookieKey,`
			`Value: encoded,`
			`Path: "/",`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`Secure: !h.config.Security.InsecureCookies,`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`HttpOnly: true,`
			`}`
			`http.SetCookie(w, cookie)`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`}`

refactor: alert handling 2020-11-06 23:19:54 +03:00			`func (h HomeHandler) PostLogout(w http.ResponseWriter, r http.Request) {`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`

refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`utils.ClearCookie(w, models.AuthCookieKey, !h.config.Security.InsecureCookies)`
			`http.Redirect(w, r, fmt.Sprintf("%s/", h.config.Server.BasePath), http.StatusFound)`
refactor: use cookie-based login feat: add login page 2020-05-24 14:41:19 +03:00			`}`

refactor: alert handling 2020-11-06 23:19:54 +03:00			`func (h HomeHandler) GetSignup(w http.ResponseWriter, r http.Request) {`
feat: user signup 2020-05-24 17:34:32 +03:00			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`

			`if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)`
feat: user signup 2020-05-24 17:34:32 +03:00			`return`
			`}`

refactor: alert handling 2020-11-06 23:19:54 +03:00			`templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r))`
feat: user signup 2020-05-24 17:34:32 +03:00			`}`

refactor: alert handling 2020-11-06 23:19:54 +03:00			`func (h HomeHandler) PostSignup(w http.ResponseWriter, r http.Request) {`
feat: user signup 2020-05-24 17:34:32 +03:00			`if h.config.IsDev() {`
			`loadTemplates()`
			`}`

			`if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)`
feat: user signup 2020-05-24 17:34:32 +03:00			`return`
			`}`

			`var signup models.Signup`
			`if err := r.ParseForm(); err != nil {`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`w.WriteHeader(http.StatusBadRequest)`
			`templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("missing parameters"))`
feat: user signup 2020-05-24 17:34:32 +03:00			`return`
			`}`
			`if err := signupDecoder.Decode(&signup, r.PostForm); err != nil {`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`w.WriteHeader(http.StatusBadRequest)`
			`templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("missing parameters"))`
feat: user signup 2020-05-24 17:34:32 +03:00			`return`
			`}`

feat: add basic sign up instructions 2020-05-24 22:42:15 +03:00			`if !signup.IsValid() {`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`w.WriteHeader(http.StatusBadRequest)`
			`templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("invalid parameters"))`
feat: user signup 2020-05-24 17:34:32 +03:00			`return`
			`}`

			`_, created, err := h.userSrvc.CreateOrGet(&signup)`
			`if err != nil {`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`w.WriteHeader(http.StatusInternalServerError)`
			`templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("failed to create new user"))`
feat: user signup 2020-05-24 17:34:32 +03:00			`return`
			`}`
			`if !created {`
refactor: alert handling 2020-11-06 23:19:54 +03:00			`w.WriteHeader(http.StatusConflict)`
			`templates[conf.SignupTemplate].Execute(w, h.buildViewModel(r).WithError("user already existing"))`
feat: user signup 2020-05-24 17:34:32 +03:00			`return`
			`}`

			`msg := url.QueryEscape("account created successfully")`
refactor: migrate to new config (resolve #54) 2020-10-04 11:37:38 +03:00			`http.Redirect(w, r, fmt.Sprintf("%s/?success=%s", h.config.Server.BasePath, msg), http.StatusFound)`
feat: user signup 2020-05-24 17:34:32 +03:00			`}`
refactor: alert handling 2020-11-06 23:19:54 +03:00
			`func (h HomeHandler) buildViewModel(r http.Request) *view.HomeViewModel {`
			`return &view.HomeViewModel{`
			`Success: r.URL.Query().Get("success"),`
			`Error: r.URL.Query().Get("error"),`
			`}`
			`}`