cpolis/cmd/frontend/sessions.go

package frontend

import (
	"fmt"
	"html/template"
	"log"
	"net/http"

	b "streifling.com/jason/cpolis/cmd/backend"
)

func saveSession(w http.ResponseWriter, r *http.Request, s *b.CookieStore, u *b.User) error {
	session, err := s.Get(r, "cookie")
	if err != nil {
		return fmt.Errorf("error getting session: %v", err)
	}

	session.Values["authenticated"] = true
	session.Values["id"] = u.ID
	session.Values["name"] = u.FirstName + u.LastName
	session.Values["role"] = u.Role
	if err := session.Save(r, w); err != nil {
		return fmt.Errorf("error saving session: %v", err)
	}

	return nil
}

// getSession is used for verifying that the user is logged in and returns their session and an error.
func getSession(w http.ResponseWriter, r *http.Request, c *b.Config, s *b.CookieStore) (*b.Session, error) {
	msg := "Keine gültige Session. Bitte erneut anmelden."
	tmpl, tmplErr := template.ParseFiles(c.WebDir+"/templates/index.html", c.WebDir+"/templates/login.html")

	tmpSession, err := s.Get(r, "cookie")
	if err != nil {
		if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", msg); err != nil {
			return nil, fmt.Errorf("error executing template: %v", err)
		}
		return nil, fmt.Errorf("error getting session: %v", err)
	}

	session := &b.Session{Session: *tmpSession}
	if session.IsNew {
		if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", msg); err != nil {
			return nil, fmt.Errorf("error executing template: %v", err)
		}
	}

	return session, nil
}

func HomePage(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		numRows, err := db.CountEntries("users")
		if err != nil {
			log.Fatalln(err)
		}

		files := make([]string, 2)
		files[0] = c.WebDir + "/templates/index.html"
		if numRows == 0 {
			files[1] = c.WebDir + "/templates/first-user.html"
			tmpl, err := template.ParseFiles(files...)
			if err = template.Must(tmpl, err).Execute(w, nil); err != nil {
				log.Println(err)
				http.Error(w, err.Error(), http.StatusInternalServerError)
				return
			}
		} else {
			session, err := s.Get(r, "cookie")
			if err != nil {
				log.Println(err)
				http.Error(w, err.Error(), http.StatusInternalServerError)
				return
			}
			if auth, ok := session.Values["authenticated"].(bool); auth && ok {
				files[1] = c.WebDir + "/templates/hub.html"
				tmpl, err := template.ParseFiles(files...)
				if err = template.Must(tmpl, err).Execute(w, session.Values["role"]); err != nil {
					log.Println(err)
					http.Error(w, err.Error(), http.StatusInternalServerError)
					return
				}
			} else {
				files[1] = c.WebDir + "/templates/login.html"
				tmpl, err := template.ParseFiles(files...)
				if err = template.Must(tmpl, err).Execute(w, nil); err != nil {
					log.Println(err)
					http.Error(w, err.Error(), http.StatusInternalServerError)
					return
				}
			}
		}
	}
}

func Login(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		userName := r.PostFormValue("username")
		password := r.PostFormValue("password")

		id := db.GetID(userName)
		if id == 0 {
			http.Error(w, fmt.Sprintf("no such user: %v", userName), http.StatusBadRequest)
			return
		}

		if err := db.CheckPassword(id, password); err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		user, err := db.GetUser(c, id)
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		if err := saveSession(w, r, s, user); err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
		if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user.Role); err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
	}
}

func Logout(c *b.Config, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(w, r, c, s)
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		session.Options.MaxAge = -1
		if err = session.Save(r, w); err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")
		if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil); err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
	}
}

func ShowHub(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(w, r, c, s)
		if err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		session.Values["article"] = nil
		if err = session.Save(r, w); err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}

		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
		if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", session.Values["role"].(int)); err != nil {
			log.Println(err)
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
	}
}
Change structure of code tor frontend and backend one 2024-07-13 13:58:36 +02:00			`package frontend`
Initial sessions implementation 2024-03-03 09:16:49 +01:00
			`import (`
Added partial support for tags 2024-03-03 13:56:49 +01:00			`"fmt"`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`"html/template"`
			`"log"`
			`"net/http"`

Shorten lines by referencing frontend as f and backend as b 2024-07-13 14:09:11 +02:00			`b "streifling.com/jason/cpolis/cmd/backend"`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`)`

Shorten lines by referencing frontend as f and backend as b 2024-07-13 14:09:11 +02:00			`func saveSession(w http.ResponseWriter, r http.Request, s b.CookieStore, u *b.User) error {`
Added partial support for tags 2024-03-03 13:56:49 +01:00			`session, err := s.Get(r, "cookie")`
			`if err != nil {`
			`return fmt.Errorf("error getting session: %v", err)`
			`}`

			`session.Values["authenticated"] = true`
			`session.Values["id"] = u.ID`
			`session.Values["name"] = u.FirstName + u.LastName`
			`session.Values["role"] = u.Role`
			`if err := session.Save(r, w); err != nil {`
			`return fmt.Errorf("error saving session: %v", err)`
			`}`

			`return nil`
			`}`

Moved getSession to frontend/sessions.go 2024-09-28 13:22:53 +02:00			`// getSession is used for verifying that the user is logged in and returns their session and an error.`
Abstract sessions.Session with b.session 2024-09-28 13:44:25 +02:00			`func getSession(w http.ResponseWriter, r http.Request, c b.Config, s b.CookieStore) (b.Session, error) {`
Moved getSession to frontend/sessions.go 2024-09-28 13:22:53 +02:00			`msg := "Keine gültige Session. Bitte erneut anmelden."`
			`tmpl, tmplErr := template.ParseFiles(c.WebDir+"/templates/index.html", c.WebDir+"/templates/login.html")`

Abstract sessions.Session with b.session 2024-09-28 13:44:25 +02:00			`tmpSession, err := s.Get(r, "cookie")`
Moved getSession to frontend/sessions.go 2024-09-28 13:22:53 +02:00			`if err != nil {`
Check for errors when executing templates 2024-10-04 10:21:56 +02:00			`if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", msg); err != nil {`
			`return nil, fmt.Errorf("error executing template: %v", err)`
			`}`
			`return nil, fmt.Errorf("error getting session: %v", err)`
Moved getSession to frontend/sessions.go 2024-09-28 13:22:53 +02:00			`}`

Abstract sessions.Session with b.session 2024-09-28 13:44:25 +02:00			`session := &b.Session{Session: *tmpSession}`
Moved getSession to frontend/sessions.go 2024-09-28 13:22:53 +02:00			`if session.IsNew {`
Check for errors when executing templates 2024-10-04 10:21:56 +02:00			`if err = template.Must(tmpl, tmplErr).ExecuteTemplate(w, "page-content", msg); err != nil {`
			`return nil, fmt.Errorf("error executing template: %v", err)`
			`}`
Moved getSession to frontend/sessions.go 2024-09-28 13:22:53 +02:00			`}`

			`return session, nil`
			`}`

Shorten lines by referencing frontend as f and backend as b 2024-07-13 14:09:11 +02:00			`func HomePage(c b.Config, db b.DB, s *b.CookieStore) http.HandlerFunc {`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`return func(w http.ResponseWriter, r *http.Request) {`
Split up db.go into multiple files 2024-03-09 11:06:03 +01:00			`numRows, err := db.CountEntries("users")`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`if err != nil {`
			`log.Fatalln(err)`
			`}`

Directly create the files []string in the correct size for HomePage 2024-10-04 10:11:43 +02:00			`files := make([]string, 2)`
			`files[0] = c.WebDir + "/templates/index.html"`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`if numRows == 0 {`
Directly create the files []string in the correct size for HomePage 2024-10-04 10:11:43 +02:00			`files[1] = c.WebDir + "/templates/first-user.html"`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`tmpl, err := template.ParseFiles(files...)`
Check for errors when executing templates 2024-10-04 10:21:56 +02:00			`if err = template.Must(tmpl, err).Execute(w, nil); err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`} else {`
Fixed login bug 2024-10-04 11:51:24 +02:00			`session, err := s.Get(r, "cookie")`
Correctly handle errors from getSession 2024-10-04 10:35:32 +02:00			`if err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`if auth, ok := session.Values["authenticated"].(bool); auth && ok {`
Directly create the files []string in the correct size for HomePage 2024-10-04 10:11:43 +02:00			`files[1] = c.WebDir + "/templates/hub.html"`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`tmpl, err := template.ParseFiles(files...)`
Check for errors when executing templates 2024-10-04 10:21:56 +02:00			`if err = template.Must(tmpl, err).Execute(w, session.Values["role"]); err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`} else {`
Directly create the files []string in the correct size for HomePage 2024-10-04 10:11:43 +02:00			`files[1] = c.WebDir + "/templates/login.html"`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`tmpl, err := template.ParseFiles(files...)`
Check for errors when executing templates 2024-10-04 10:21:56 +02:00			`if err = template.Must(tmpl, err).Execute(w, nil); err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`}`
			`}`
			`}`
			`}`

Shorten lines by referencing frontend as f and backend as b 2024-07-13 14:09:11 +02:00			`func Login(c b.Config, db b.DB, s *b.CookieStore) http.HandlerFunc {`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`return func(w http.ResponseWriter, r *http.Request) {`
			`userName := r.PostFormValue("username")`
			`password := r.PostFormValue("password")`

Show error messages in UI if something goes wrong 2024-10-04 16:06:33 +02:00			`id := db.GetID(userName)`
			`if id == 0 {`
Instead of having entire articles in the RSS feed, items now contain just a link 2024-08-30 21:20:29 +02:00			`http.Error(w, fmt.Sprintf("no such user: %v", userName), http.StatusBadRequest)`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`return`
			`}`

			`if err := db.CheckPassword(id, password); err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`

Encrypt sensitive user data with aes256 2024-10-27 13:29:46 +01:00			`user, err := db.GetUser(c, id)`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`if err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`

Added partial support for tags 2024-03-03 13:56:49 +01:00			`if err := saveSession(w, r, s, user); err != nil {`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`

Added ability to upload media and parse cli arguments 2024-03-29 09:07:17 +01:00			`tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")`
Check for errors when executing templates 2024-10-04 10:21:56 +02:00			`if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user.Role); err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
Initial sessions implementation 2024-03-03 09:16:49 +01:00			`}`
			`}`
Added logout 2024-03-12 20:27:39 +01:00
Shorten lines by referencing frontend as f and backend as b 2024-07-13 14:09:11 +02:00			`func Logout(c b.Config, s b.CookieStore) http.HandlerFunc {`
Added logout 2024-03-12 20:27:39 +01:00			`return func(w http.ResponseWriter, r *http.Request) {`
Created package "calls" and verification for frontend and calls 2024-08-18 11:20:06 +02:00			`session, err := getSession(w, r, c, s)`
Added logout 2024-03-12 20:27:39 +01:00			`if err != nil {`
Correctly handle errors from getSession 2024-10-04 10:35:32 +02:00			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
Created package "calls" and verification for frontend and calls 2024-08-18 11:20:06 +02:00			`return`
Added logout 2024-03-12 20:27:39 +01:00			`}`

			`session.Options.MaxAge = -1`
			`if err = session.Save(r, w); err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`

Added ability to upload media and parse cli arguments 2024-03-29 09:07:17 +01:00			`tmpl, err := template.ParseFiles(c.WebDir + "/templates/login.html")`
Check for errors when executing templates 2024-10-04 10:21:56 +02:00			`if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil); err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
Added logout 2024-03-12 20:27:39 +01:00			`}`
			`}`
Relocated ShowHub from articles.go to sessions.go because it has even less to do with articles than with sessions 2024-08-18 11:46:23 +02:00
			`func ShowHub(c b.Config, db b.DB, s *b.CookieStore) http.HandlerFunc {`
			`return func(w http.ResponseWriter, r *http.Request) {`
			`session, err := getSession(w, r, c, s)`
			`if err != nil {`
Correctly handle errors from getSession 2024-10-04 10:35:32 +02:00			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
Relocated ShowHub from articles.go to sessions.go because it has even less to do with articles than with sessions 2024-08-18 11:46:23 +02:00			`return`
			`}`

			`session.Values["article"] = nil`
			`if err = session.Save(r, w); err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`

			`tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")`
Check for errors when executing templates 2024-10-04 10:21:56 +02:00			`if err = template.Must(tmpl, err).ExecuteTemplate(w, "page-content", session.Values["role"].(int)); err != nil {`
			`log.Println(err)`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
Relocated ShowHub from articles.go to sessions.go because it has even less to do with articles than with sessions 2024-08-18 11:46:23 +02:00			`}`
			`}`