2020-05-24 14:41:19 +03:00
|
|
|
package routes
|
|
|
|
|
|
|
|
import (
|
2020-05-24 17:34:32 +03:00
|
|
|
"fmt"
|
2020-05-24 14:41:19 +03:00
|
|
|
"github.com/gorilla/schema"
|
2020-10-09 22:37:16 +03:00
|
|
|
conf "github.com/muety/wakapi/config"
|
2020-05-25 23:24:29 +03:00
|
|
|
"github.com/muety/wakapi/middlewares"
|
2020-05-24 14:41:19 +03:00
|
|
|
"github.com/muety/wakapi/models"
|
|
|
|
"github.com/muety/wakapi/services"
|
|
|
|
"github.com/muety/wakapi/utils"
|
|
|
|
"net/http"
|
2020-05-24 17:34:32 +03:00
|
|
|
"net/url"
|
2020-05-30 23:19:05 +03:00
|
|
|
"time"
|
2020-05-24 14:41:19 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
type IndexHandler struct {
|
2020-10-09 22:37:16 +03:00
|
|
|
config *conf.Config
|
2020-05-30 21:41:27 +03:00
|
|
|
userSrvc *services.UserService
|
|
|
|
keyValueSrvc *services.KeyValueService
|
2020-05-24 14:41:19 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
var loginDecoder = schema.NewDecoder()
|
2020-05-24 17:34:32 +03:00
|
|
|
var signupDecoder = schema.NewDecoder()
|
2020-05-24 14:41:19 +03:00
|
|
|
|
2020-05-30 21:41:27 +03:00
|
|
|
func NewIndexHandler(userService *services.UserService, keyValueService *services.KeyValueService) *IndexHandler {
|
2020-05-24 14:41:19 +03:00
|
|
|
return &IndexHandler{
|
2020-10-09 22:37:16 +03:00
|
|
|
config: conf.Get(),
|
2020-05-30 21:41:27 +03:00
|
|
|
userSrvc: userService,
|
|
|
|
keyValueSrvc: keyValueService,
|
2020-05-24 14:41:19 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-06-07 20:28:32 +03:00
|
|
|
func (h *IndexHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
|
2020-05-24 14:41:19 +03:00
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
|
|
|
|
if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
|
2020-10-04 11:37:38 +03:00
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
|
2020-05-24 14:41:19 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:34:32 +03:00
|
|
|
if handleAlerts(w, r, "") {
|
2020-05-24 14:41:19 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-10-09 22:37:16 +03:00
|
|
|
templates[conf.IndexTemplate].Execute(w, nil)
|
2020-05-24 14:41:19 +03:00
|
|
|
}
|
|
|
|
|
2020-06-07 20:28:32 +03:00
|
|
|
func (h *IndexHandler) GetImprint(w http.ResponseWriter, r *http.Request) {
|
2020-05-30 21:41:27 +03:00
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
|
|
|
|
text := "failed to load content"
|
|
|
|
if data, err := h.keyValueSrvc.GetString(models.ImprintKey); err == nil {
|
|
|
|
text = data.Value
|
|
|
|
}
|
|
|
|
|
2020-10-09 22:37:16 +03:00
|
|
|
templates[conf.ImprintTemplate].Execute(w, &struct {
|
2020-05-30 21:41:27 +03:00
|
|
|
HtmlText string
|
|
|
|
}{HtmlText: text})
|
|
|
|
}
|
|
|
|
|
2020-06-07 20:28:32 +03:00
|
|
|
func (h *IndexHandler) PostLogin(w http.ResponseWriter, r *http.Request) {
|
2020-05-24 14:41:19 +03:00
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:34:32 +03:00
|
|
|
if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
|
2020-10-04 11:37:38 +03:00
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
|
2020-05-24 17:34:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-05-24 14:41:19 +03:00
|
|
|
var login models.Login
|
|
|
|
if err := r.ParseForm(); err != nil {
|
2020-05-24 17:34:32 +03:00
|
|
|
respondAlert(w, "missing parameters", "", "", http.StatusBadRequest)
|
2020-05-24 14:41:19 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
if err := loginDecoder.Decode(&login, r.PostForm); err != nil {
|
2020-05-24 17:34:32 +03:00
|
|
|
respondAlert(w, "missing parameters", "", "", http.StatusBadRequest)
|
2020-05-24 14:41:19 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
user, err := h.userSrvc.GetUserById(login.Username)
|
|
|
|
if err != nil {
|
2020-05-24 17:34:32 +03:00
|
|
|
respondAlert(w, "resource not found", "", "", http.StatusNotFound)
|
2020-05-24 14:41:19 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-05-25 23:24:29 +03:00
|
|
|
// TODO: depending on middleware package here is a hack
|
2020-10-04 11:37:38 +03:00
|
|
|
if !middlewares.CheckAndMigratePassword(user, &login, h.config.Security.PasswordSalt, h.userSrvc) {
|
2020-05-24 17:34:32 +03:00
|
|
|
respondAlert(w, "invalid credentials", "", "", http.StatusUnauthorized)
|
2020-05-24 14:41:19 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-10-04 11:37:38 +03:00
|
|
|
encoded, err := h.config.Security.SecureCookie.Encode(models.AuthCookieKey, login)
|
2020-05-24 14:41:19 +03:00
|
|
|
if err != nil {
|
2020-05-24 17:34:32 +03:00
|
|
|
respondAlert(w, "internal server error", "", "", http.StatusInternalServerError)
|
2020-05-24 14:41:19 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-05-30 23:19:05 +03:00
|
|
|
user.LastLoggedInAt = models.CustomTime(time.Now())
|
|
|
|
h.userSrvc.Update(user)
|
|
|
|
|
2020-05-24 14:41:19 +03:00
|
|
|
cookie := &http.Cookie{
|
|
|
|
Name: models.AuthCookieKey,
|
|
|
|
Value: encoded,
|
|
|
|
Path: "/",
|
2020-10-04 11:37:38 +03:00
|
|
|
Secure: !h.config.Security.InsecureCookies,
|
2020-05-24 14:41:19 +03:00
|
|
|
HttpOnly: true,
|
|
|
|
}
|
|
|
|
http.SetCookie(w, cookie)
|
2020-10-04 11:37:38 +03:00
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
|
2020-05-24 14:41:19 +03:00
|
|
|
}
|
|
|
|
|
2020-06-07 20:28:32 +03:00
|
|
|
func (h *IndexHandler) PostLogout(w http.ResponseWriter, r *http.Request) {
|
2020-05-24 14:41:19 +03:00
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
|
2020-10-04 11:37:38 +03:00
|
|
|
utils.ClearCookie(w, models.AuthCookieKey, !h.config.Security.InsecureCookies)
|
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/", h.config.Server.BasePath), http.StatusFound)
|
2020-05-24 14:41:19 +03:00
|
|
|
}
|
|
|
|
|
2020-06-07 20:28:32 +03:00
|
|
|
func (h *IndexHandler) GetSignup(w http.ResponseWriter, r *http.Request) {
|
2020-05-24 17:34:32 +03:00
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
|
|
|
|
if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
|
2020-10-04 11:37:38 +03:00
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
|
2020-05-24 17:34:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-10-09 22:37:16 +03:00
|
|
|
if handleAlerts(w, r, conf.SignupTemplate) {
|
2020-05-24 17:34:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-10-09 22:37:16 +03:00
|
|
|
templates[conf.SignupTemplate].Execute(w, nil)
|
2020-05-24 17:34:32 +03:00
|
|
|
}
|
|
|
|
|
2020-06-07 20:28:32 +03:00
|
|
|
func (h *IndexHandler) PostSignup(w http.ResponseWriter, r *http.Request) {
|
2020-05-24 17:34:32 +03:00
|
|
|
if h.config.IsDev() {
|
|
|
|
loadTemplates()
|
|
|
|
}
|
|
|
|
|
|
|
|
if cookie, err := r.Cookie(models.AuthCookieKey); err == nil && cookie.Value != "" {
|
2020-10-04 11:37:38 +03:00
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
|
2020-05-24 17:34:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
var signup models.Signup
|
|
|
|
if err := r.ParseForm(); err != nil {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "missing parameters", "", conf.SignupTemplate, http.StatusBadRequest)
|
2020-05-24 17:34:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
if err := signupDecoder.Decode(&signup, r.PostForm); err != nil {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "missing parameters", "", conf.SignupTemplate, http.StatusBadRequest)
|
2020-05-24 17:34:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-05-24 22:42:15 +03:00
|
|
|
if !signup.IsValid() {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "invalid parameters", "", conf.SignupTemplate, http.StatusBadRequest)
|
2020-05-24 17:34:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
_, created, err := h.userSrvc.CreateOrGet(&signup)
|
|
|
|
if err != nil {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "failed to create new user", "", conf.SignupTemplate, http.StatusInternalServerError)
|
2020-05-24 17:34:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
if !created {
|
2020-10-09 22:37:16 +03:00
|
|
|
respondAlert(w, "user already existing", "", conf.SignupTemplate, http.StatusConflict)
|
2020-05-24 17:34:32 +03:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
msg := url.QueryEscape("account created successfully")
|
2020-10-04 11:37:38 +03:00
|
|
|
http.Redirect(w, r, fmt.Sprintf("%s/?success=%s", h.config.Server.BasePath, msg), http.StatusFound)
|
2020-05-24 17:34:32 +03:00
|
|
|
}
|