Noah
dd1e6c2918
* Initial codebase (lot of work!) * Uses vanilla Go net/http and implements by hand: session cookies backed by Redis; log in/out; CSRF protection; email verification flow; initial database models (User table)
67 lines
1.6 KiB
Go
67 lines
1.6 KiB
Go
package account
|
|
|
|
import (
|
|
"net/http"
|
|
"strings"
|
|
|
|
"git.kirsle.net/apps/gosocial/pkg/log"
|
|
"git.kirsle.net/apps/gosocial/pkg/models"
|
|
"git.kirsle.net/apps/gosocial/pkg/session"
|
|
"git.kirsle.net/apps/gosocial/pkg/templates"
|
|
)
|
|
|
|
// Login controller.
|
|
func Login() http.HandlerFunc {
|
|
tmpl := templates.Must("account/login.html")
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
// Posting?
|
|
if r.Method == http.MethodPost {
|
|
var (
|
|
// Collect form fields.
|
|
username = strings.ToLower(r.PostFormValue("username"))
|
|
password = r.PostFormValue("password")
|
|
)
|
|
|
|
// Look up their account.
|
|
user, err := models.FindUser(username)
|
|
if err != nil {
|
|
session.FlashError(w, r, "Incorrect username or password.")
|
|
templates.Redirect(w, r.URL.Path)
|
|
return
|
|
}
|
|
|
|
log.Warn("err: %+v user: %+v", err, user)
|
|
|
|
// Verify password.
|
|
if err := user.CheckPassword(password); err != nil {
|
|
session.FlashError(w, r, "Incorrect username or password.")
|
|
templates.Redirect(w, r.URL.Path)
|
|
return
|
|
}
|
|
|
|
// OK. Log in the user's session.
|
|
session.LoginUser(w, r, user)
|
|
|
|
// Redirect to their dashboard.
|
|
session.Flash(w, r, "Login successful.")
|
|
templates.Redirect(w, "/me")
|
|
return
|
|
}
|
|
|
|
if err := tmpl.Execute(w, r, nil); err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
})
|
|
}
|
|
|
|
// Logout controller.
|
|
func Logout() http.HandlerFunc {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
session.Flash(w, r, "You have been successfully logged out.")
|
|
session.LogoutUser(w, r)
|
|
templates.Redirect(w, "/")
|
|
})
|
|
}
|