Merge pull request 'develop' (#1) from goffee/core:develop into develop

Reviewed-on: #1

context.go

@@ -102,6 +102,15 @@ func (c *Context) GetHeader(key string) string {
 	return c.Request.httpRequest.Header.Get(key)
 }
 
+func (c *Context) GetCookie() (UserCookie, error) {
+
+	user, err := GetCookie(c.Request.httpRequest)
+	if err != nil {
+		return user, err
+	}
+	return user, nil
+}
+
 func (c *Context) GetUploadedFile(name string) *UploadedFileInfo {
 	file, fileHeader, err := c.Request.httpRequest.FormFile(name)
 	if err != nil {

cookies.go

@@ -0,0 +1,238 @@
+// Copyright (c) 2024 Zeni Kim <zenik@smarteching.com>
+// Use of this source code is governed by MIT-style
+// license that can be found in the LICENSE file.
+
+package core
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+
+	"bytes"
+	"crypto/rand"
+	"encoding/base64"
+	"encoding/gob"
+	"encoding/hex"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+)
+
+var (
+	ErrValueTooLong = errors.New("cookie value too long")
+	ErrInvalidValue = errors.New("invalid cookie value")
+)
+
+// Declare the User type.
+type UserCookie struct {
+	Email string
+	Token string
+}
+
+var secretcookie []byte
+
+func GetCookie(r *http.Request) (UserCookie, error) {
+
+	var err error
+	// Create a new instance of a User type.
+	var user UserCookie
+
+	secretcookie, err = hex.DecodeString("13d6b4dff8f84a10851021ec8608f814570d562c92fe6b5ec4c9f595bcb3234b")
+	if err != nil {
+		return user, err
+	}
+
+	gobEncodedValue, err := CookieReadEncrypted(r, "goffee", secretcookie)
+	if err != nil {
+		return user, err
+	}
+
+	// Create an strings.Reader containing the gob-encoded value.
+	reader := strings.NewReader(gobEncodedValue)
+
+	// Decode it into the User type. Notice that we need to pass a *pointer* to
+	// the Decode() target here?
+	if err := gob.NewDecoder(reader).Decode(&user); err != nil {
+		return user, err
+	}
+
+	return user, nil
+
+}
+
+func SetCookie(w http.ResponseWriter, email string, token string) error {
+	// Initialize a User struct containing the data that we want to store in the
+	// cookie.
+	var err error
+
+	secretcookie, err = hex.DecodeString("13d6b4dff8f84a10851021ec8608f814570d562c92fe6b5ec4c9f595bcb3234b")
+	if err != nil {
+		return err
+	}
+
+	user := UserCookie{Email: email, Token: token}
+
+	// Initialize a buffer to hold the gob-encoded data.
+	var buf bytes.Buffer
+
+	// Gob-encode the user data, storing the encoded output in the buffer.
+	err = gob.NewEncoder(&buf).Encode(&user)
+	if err != nil {
+		return err
+	}
+
+	// Call buf.String() to get the gob-encoded value as a string and set it as
+	// the cookie value.
+	cookie := http.Cookie{
+		Name:     "goffee",
+		Value:    buf.String(),
+		Path:     "/",
+		MaxAge:   3600,
+		HttpOnly: true,
+		Secure:   true,
+		SameSite: http.SameSiteLaxMode,
+	}
+
+	// Write an encrypted cookie containing the gob-encoded data as normal.
+	err = CookieWriteEncrypted(w, cookie, secretcookie)
+	if err != nil {
+		return err
+	}
+
+	fmt.Printf("Cookie set %v\n", email)
+
+	return nil
+}
+
+func CookieWrite(w http.ResponseWriter, cookie http.Cookie) error {
+	// Encode the cookie value using base64.
+	cookie.Value = base64.URLEncoding.EncodeToString([]byte(cookie.Value))
+
+	// Check the total length of the cookie contents. Return the ErrValueTooLong
+	// error if it's more than 4096 bytes.
+	if len(cookie.String()) > 4096 {
+		return ErrValueTooLong
+	}
+
+	// Write the cookie as normal.
+	http.SetCookie(w, &cookie)
+
+	return nil
+}
+
+func CookieRead(r *http.Request, name string) (string, error) {
+	// Read the cookie as normal.
+	cookie, err := r.Cookie(name)
+	if err != nil {
+		return "", err
+	}
+
+	// Decode the base64-encoded cookie value. If the cookie didn't contain a
+	// valid base64-encoded value, this operation will fail and we return an
+	// ErrInvalidValue error.
+	value, err := base64.URLEncoding.DecodeString(cookie.Value)
+	if err != nil {
+		return "", ErrInvalidValue
+	}
+
+	// Return the decoded cookie value.
+	return string(value), nil
+}
+
+func CookieWriteEncrypted(w http.ResponseWriter, cookie http.Cookie, secretKey []byte) error {
+	// Create a new AES cipher block from the secret key.
+	block, err := aes.NewCipher(secretKey)
+	if err != nil {
+		return err
+	}
+
+	// Wrap the cipher block in Galois Counter Mode.
+	aesGCM, err := cipher.NewGCM(block)
+	if err != nil {
+		return err
+	}
+
+	// Create a unique nonce containing 12 random bytes.
+	nonce := make([]byte, aesGCM.NonceSize())
+	_, err = io.ReadFull(rand.Reader, nonce)
+	if err != nil {
+		return err
+	}
+
+	// Prepare the plaintext input for encryption. Because we want to
+	// authenticate the cookie name as well as the value, we make this plaintext
+	// in the format "{cookie name}:{cookie value}". We use the : character as a
+	// separator because it is an invalid character for cookie names and
+	// therefore shouldn't appear in them.
+	plaintext := fmt.Sprintf("%s:%s", cookie.Name, cookie.Value)
+
+	// Encrypt the data using aesGCM.Seal(). By passing the nonce as the first
+	// parameter, the encrypted data will be appended to the nonce — meaning
+	// that the returned encryptedValue variable will be in the format
+	// "{nonce}{encrypted plaintext data}".
+	encryptedValue := aesGCM.Seal(nonce, nonce, []byte(plaintext), nil)
+
+	// Set the cookie value to the encryptedValue.
+	cookie.Value = string(encryptedValue)
+
+	// Write the cookie as normal.
+	return CookieWrite(w, cookie)
+}
+
+func CookieReadEncrypted(r *http.Request, name string, secretKey []byte) (string, error) {
+	// Read the encrypted value from the cookie as normal.
+	encryptedValue, err := CookieRead(r, name)
+	if err != nil {
+		return "", err
+	}
+
+	// Create a new AES cipher block from the secret key.
+	block, err := aes.NewCipher(secretKey)
+	if err != nil {
+		return "", err
+	}
+
+	// Wrap the cipher block in Galois Counter Mode.
+	aesGCM, err := cipher.NewGCM(block)
+	if err != nil {
+		return "", err
+	}
+
+	// Get the nonce size.
+	nonceSize := aesGCM.NonceSize()
+
+	// To avoid a potential 'index out of range' panic in the next step, we
+	// check that the length of the encrypted value is at least the nonce
+	// size.
+	if len(encryptedValue) < nonceSize {
+		return "", ErrInvalidValue
+	}
+
+	// Split apart the nonce from the actual encrypted data.
+	nonce := encryptedValue[:nonceSize]
+	ciphertext := encryptedValue[nonceSize:]
+
+	// Use aesGCM.Open() to decrypt and authenticate the data. If this fails,
+	// return a ErrInvalidValue error.
+	plaintext, err := aesGCM.Open(nil, []byte(nonce), []byte(ciphertext), nil)
+	if err != nil {
+		return "", ErrInvalidValue
+	}
+
+	// The plaintext value is in the format "{cookie name}:{cookie value}". We
+	// use strings.Cut() to split it on the first ":" character.
+	expectedName, value, ok := strings.Cut(string(plaintext), ":")
+	if !ok {
+		return "", ErrInvalidValue
+	}
+
+	// Check that the cookie name is the expected one and hasn't been changed.
+	if expectedName != name {
+		return "", ErrInvalidValue
+	}
+
+	// Return the plaintext cookie value.
+	return value, nil
+}

core.go

@@ -98,9 +98,7 @@ func (app *App) Run(router *httprouter.Router) {
 	TemplateEnable, _ := strconv.ParseBool(TemplateEnableStr)
 	// if enabled,
 	if TemplateEnable {
-		// add public path
+		router.ServeFiles("/public/*filepath", http.Dir("storage/public"))
-		publicPath := os.Getenv("TEMPLATE_PUBLIC")
-		router.ServeFiles("/public/*filepath", http.Dir(publicPath))
 	}
 
 	useHttpsStr := os.Getenv("App_USE_HTTPS")
@@ -183,6 +181,7 @@ func (app *App) RegisterRoutes(routes []Route, router *httprouter.Router) *httpr
 
 func (app *App) makeHTTPRouterHandlerFunc(h Controller, ms []Hook) httprouter.Handle {
 	return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
+
 		ctx := &Context{
 			Request: &Request{
 				httpRequest:    r,
@@ -206,11 +205,13 @@ func (app *App) makeHTTPRouterHandlerFunc(h Controller, ms []Hook) httprouter.Ha
 			GetEventsManager: resolveEventsManager(),
 			GetLogger:        resolveLogger(),
 		}
+
 		ctx.prepare(ctx)
 		rhs := app.combHandlers(h, ms)
 		app.prepareChain(rhs)
 		app.t = 0
 		app.chain.execute(ctx)
+
 		for _, header := range ctx.Response.headers {
 			w.Header().Add(header.key, header.val)
 		}
@@ -223,6 +224,7 @@ func (app *App) makeHTTPRouterHandlerFunc(h Controller, ms []Hook) httprouter.Ha
 		} else {
 			ct = CONTENT_TYPE_HTML
 		}
+
 		w.Header().Add(CONTENT_TYPE, ct)
 		if ctx.Response.statusCode != 0 {
 			w.WriteHeader(ctx.Response.statusCode)

template/components/form_button.go

@@ -1,6 +1,6 @@
 package components
 
-type Button struct {
+type FormButton struct {
 	Text       string
 	Link       string
 	Icon       string

template/components/form_button.html

@@ -1,7 +1,6 @@
-{{define "button"}}
+{{define "form_button"}}
-    <button class="button-container">
+    <button class="btn btn-{{if .IsPrimary}}primary{{end}}" {{if eq .IsSubmit true}}type="submit"{{else}}type="button"{{end}} {{if .IsDisabled}}disabled{{end}}>
-        <a class="button {{if .IsPrimary}}primary{{end}}" {{if eq .IsSubmit true}}type="submit"{{else}}href="{{.Link}}"{{end}}>
+            {{.Text}}</button>
-            {{.Text}}
             <!-- tailwind heroicons -->
             {{if eq .Icon "gear"}}
                 <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="icon">
@@ -17,6 +16,4 @@
                     <path stroke-linecap="round" stroke-linejoin="round" d="M12 4.5v15m7.5-7.5h-15" />
                 </svg>
             {{end}}
-        </a>
-    </button>
 {{end}}

template/components/form_checkbox.go

@@ -0,0 +1,14 @@
+package components
+
+type FormCheckbox struct {
+	Label       string
+	AllCheckbox []FormCheckboxItem
+}
+
+type FormCheckboxItem struct {
+	ID        string
+	Name      string
+	Value     string
+	Label     string
+	IsChecked bool
+}

template/components/form_checkbox.html

@@ -0,0 +1,11 @@
+{{define "form_checkbox"}}
+<div class="input-container">
+  <label class="form-label">{{.Label}}</label>
+  {{range $options := .AllCheckbox}}
+  <div class="form-check">
+    <input class="form-check-input" type="checkbox" name="{{$options.Name}}" id="{{$options.ID}}" value="{{$options.Value}}"{{if eq $options.IsChecked true}} checked{{end}}>
+    <label class="form-check-label" for="{{$options.ID}}">{{$options.Label}}</label>
+  </div>  
+  {{end}}
+</div>
+{{end}}

template/components/form_input.go

@@ -0,0 +1,12 @@
+package components
+
+type FormInput struct {
+	ID          string
+	Label       string
+	Type        string
+	Placeholder string
+	Value       string
+	Hint        string
+	Error       string
+	IsDisabled  bool
+}

template/components/form_input.html

@@ -0,0 +1,15 @@
+{{define "form_input"}}
+<div class="input-container">
+    <label class="form-label" for="{{.ID}}">{{.Label}}</label>
+    <input type="{{.Type}}" id="{{.ID}}" name="{{.ID}}" placeholder="{{.Placeholder}}" class="form-control{{if ne .Error ""}} error{{end}}"
+        {{if eq .IsDisabled true}}
+            disabled
+        {{end}}
+        {{if ne .Value ""}}
+            value="{{.Value}}"
+        {{end}}
+        aria-describedby="{{.ID}}Help">
+   {{if ne .Hint ""}}<small id="{{.ID}}Help" class="form-text text-muted">{{.Hint}}</small>{{end}}
+    {{if ne .Error ""}}<div class="error">{{.Error}}</div>{{end}}
+</div>
+{{end}}

template/components/form_radio.go

@@ -0,0 +1,15 @@
+package components
+
+type FormRadio struct {
+	Label     string
+	AllRadios []FormRadioItem
+}
+
+type FormRadioItem struct {
+	ID         string
+	Name       string
+	Value      string
+	Label      string
+	IsDisabled bool
+	IsChecked  bool
+}

template/components/form_radio.html

@@ -0,0 +1,11 @@
+{{define "form_radio"}}
+<div class="input-container">
+  <label class="form-label">{{.Label}}</label>
+  {{range $options := .AllRadios}}
+    <div class="form-check{{if eq $options.IsDisabled true}} disabled{{end}}">
+      <input class="form-check-input" type="radio" name="{{$options.Name}}" id="{{$options.ID}}" value="{{$options.Value}}"{{if eq $options.IsDisabled true}} disabled=""{{end}}{{if eq $options.IsChecked true}} checked=""{{end}}>
+      <label class="form-check-label" for="{{$options.ID}}">{{$options.Label}}</label>
+    </div>
+  {{end}}
+</div>
+{{end}}

template/components/form_select.go

@@ -0,0 +1,13 @@
+package components
+
+type FormSelect struct {
+	ID             string
+	SelectedOption FormSelectOption
+	Label          string
+	AllOptions     []FormSelectOption
+}
+
+type FormSelectOption struct {
+	Value   string
+	Caption string
+}

template/components/form_select.html

@@ -0,0 +1,10 @@
+{{define "form_select"}}
+<div class="input-container">
+  <label for="{{.ID}}" class="form-label">{{.Label}}</label>
+  <select class="form-select" id="{{.ID}}" name="{{.ID}}">
+  {{range $options := .AllOptions}}
+      <option value="{{$options.Value}}" {{if eq $options.Value $.SelectedOption.Value }}selected="selected"{{end}}>{{$options.Caption}}</option>
+  {{end}}
+  </select>
+</div>
+{{end}}

template/components/form_textarea.go

@@ -0,0 +1,7 @@
+package components
+
+type FormTextarea struct {
+	ID         string
+	Label      string
+	AllOptions []FormSelectOption
+}

template/components/form_textarea.html

@@ -0,0 +1,6 @@
+{{define "form_textarea"}}
+<div class="input-container">
+  <label for="{{.ID}}" class="form-label">{{.Label}}</label>
+  <textarea class="form-control" id="{{.ID}}" name="{{.ID}}" rows="3"></textarea>
+</div>
+{{end}}

template/components/head.html

@@ -1,8 +0,0 @@
-{{define "head"}}
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="initial-scale=1, viewport-fit=cover, width=device-width, maximum-scale=1.0, minimum-scale=1.0">
-    <title>{{.}} | Goffee</title>
-    <link href="/public/style.css" rel="stylesheet">
-</head>
-{{end}}

template/components/page_card.go

@@ -0,0 +1,8 @@
+package components
+
+type PageCard struct {
+	CardTitle    string
+	CardSubTitle string
+	CardBody     string
+	CardLink     string
+}

template/components/page_card.html

@@ -0,0 +1,11 @@
+{{define "page_card"}}
+<div class="card">
+  <div class="card-body">
+    {{if .CardTitle}}<h5 class="card-title">{{.CardTitle}}</h5>{{end}}
+    {{if .CardSubTitle}}<h6 class="card-subtitle mb-2 text-muted">{{.CardSubTitle}}</h6>{{end}}
+    {{if .CardBody}}<p class="card-text">{{.CardBody}}</p>{{end}}
+    {{block "page_card_content" .}}{{end}}
+    {{if .CardLink}}<a href="{{.CardLink}}" class="card-link">Card link</a>{{end}}
+  </div>
+</div>
+{{end}}

template/components/page_footer.html

@@ -0,0 +1,6 @@
+{{define "page_footer"}}
+<footer>
+<script src="/public/app.js"></script>
+</footer>
+<script src="/public/bootstrap/js/bootstrap.min.js"></script>
+{{end}}

template/components/page_head.html

@@ -0,0 +1,11 @@
+{{define "page_head"}}
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <meta http-equiv="X-UA-Compatible" content="ie=edge">
+  <title>{{.}} | Goffee</title>
+  <link rel="stylesheet" href="/public/style.css">
+  <link rel="icon" href="/public/img/favicon.ico" type="image/x-icon">
+  <link rel="stylesheet" href="/public/bootstrap/css/bootstrap.min.css">
+</head>
+{{end}}

template/components/page_page.html

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html lang="en">
+  {{template "page_head" "Goffee"}}
+  <body>
+    <div class="container">
+    {{block "page_content" .}}
+        <main>
+            <h1>Use this file as base inside cup application</h1>  
+        </main>
+    {{end}}
+    {{template "page_footer"}}
+    </div>  
+  </body>
+</html>

template/components/title.go

@@ -1,5 +0,0 @@
-package components
-
-type Title struct {
-	Label string
-}

template/components/title.html

@@ -1,5 +0,0 @@
-{{define "title"}}
-<div class="title">
-    <h1>{{.Label}}</h1>
-</div>
-{{end}}