1
0
Fork 0
forked from goffee/core

Compare commits

...

6 commits

23 changed files with 420 additions and 28 deletions

View file

@ -102,6 +102,15 @@ func (c *Context) GetHeader(key string) string {
return c.Request.httpRequest.Header.Get(key)
}
func (c *Context) GetCookie() (UserCookie, error) {
user, err := GetCookie(c.Request.httpRequest)
if err != nil {
return user, err
}
return user, nil
}
func (c *Context) GetUploadedFile(name string) *UploadedFileInfo {
file, fileHeader, err := c.Request.httpRequest.FormFile(name)
if err != nil {

238
cookies.go Normal file
View file

@ -0,0 +1,238 @@
// Copyright (c) 2024 Zeni Kim <zenik@smarteching.com>
// Use of this source code is governed by MIT-style
// license that can be found in the LICENSE file.
package core
import (
"crypto/aes"
"crypto/cipher"
"bytes"
"crypto/rand"
"encoding/base64"
"encoding/gob"
"encoding/hex"
"errors"
"fmt"
"io"
"net/http"
"strings"
)
var (
ErrValueTooLong = errors.New("cookie value too long")
ErrInvalidValue = errors.New("invalid cookie value")
)
// Declare the User type.
type UserCookie struct {
Email string
Token string
}
var secretcookie []byte
func GetCookie(r *http.Request) (UserCookie, error) {
var err error
// Create a new instance of a User type.
var user UserCookie
secretcookie, err = hex.DecodeString("13d6b4dff8f84a10851021ec8608f814570d562c92fe6b5ec4c9f595bcb3234b")
if err != nil {
return user, err
}
gobEncodedValue, err := CookieReadEncrypted(r, "goffee", secretcookie)
if err != nil {
return user, err
}
// Create an strings.Reader containing the gob-encoded value.
reader := strings.NewReader(gobEncodedValue)
// Decode it into the User type. Notice that we need to pass a *pointer* to
// the Decode() target here?
if err := gob.NewDecoder(reader).Decode(&user); err != nil {
return user, err
}
return user, nil
}
func SetCookie(w http.ResponseWriter, email string, token string) error {
// Initialize a User struct containing the data that we want to store in the
// cookie.
var err error
secretcookie, err = hex.DecodeString("13d6b4dff8f84a10851021ec8608f814570d562c92fe6b5ec4c9f595bcb3234b")
if err != nil {
return err
}
user := UserCookie{Email: email, Token: token}
// Initialize a buffer to hold the gob-encoded data.
var buf bytes.Buffer
// Gob-encode the user data, storing the encoded output in the buffer.
err = gob.NewEncoder(&buf).Encode(&user)
if err != nil {
return err
}
// Call buf.String() to get the gob-encoded value as a string and set it as
// the cookie value.
cookie := http.Cookie{
Name: "goffee",
Value: buf.String(),
Path: "/",
MaxAge: 3600,
HttpOnly: true,
Secure: true,
SameSite: http.SameSiteLaxMode,
}
// Write an encrypted cookie containing the gob-encoded data as normal.
err = CookieWriteEncrypted(w, cookie, secretcookie)
if err != nil {
return err
}
fmt.Printf("Cookie set %v\n", email)
return nil
}
func CookieWrite(w http.ResponseWriter, cookie http.Cookie) error {
// Encode the cookie value using base64.
cookie.Value = base64.URLEncoding.EncodeToString([]byte(cookie.Value))
// Check the total length of the cookie contents. Return the ErrValueTooLong
// error if it's more than 4096 bytes.
if len(cookie.String()) > 4096 {
return ErrValueTooLong
}
// Write the cookie as normal.
http.SetCookie(w, &cookie)
return nil
}
func CookieRead(r *http.Request, name string) (string, error) {
// Read the cookie as normal.
cookie, err := r.Cookie(name)
if err != nil {
return "", err
}
// Decode the base64-encoded cookie value. If the cookie didn't contain a
// valid base64-encoded value, this operation will fail and we return an
// ErrInvalidValue error.
value, err := base64.URLEncoding.DecodeString(cookie.Value)
if err != nil {
return "", ErrInvalidValue
}
// Return the decoded cookie value.
return string(value), nil
}
func CookieWriteEncrypted(w http.ResponseWriter, cookie http.Cookie, secretKey []byte) error {
// Create a new AES cipher block from the secret key.
block, err := aes.NewCipher(secretKey)
if err != nil {
return err
}
// Wrap the cipher block in Galois Counter Mode.
aesGCM, err := cipher.NewGCM(block)
if err != nil {
return err
}
// Create a unique nonce containing 12 random bytes.
nonce := make([]byte, aesGCM.NonceSize())
_, err = io.ReadFull(rand.Reader, nonce)
if err != nil {
return err
}
// Prepare the plaintext input for encryption. Because we want to
// authenticate the cookie name as well as the value, we make this plaintext
// in the format "{cookie name}:{cookie value}". We use the : character as a
// separator because it is an invalid character for cookie names and
// therefore shouldn't appear in them.
plaintext := fmt.Sprintf("%s:%s", cookie.Name, cookie.Value)
// Encrypt the data using aesGCM.Seal(). By passing the nonce as the first
// parameter, the encrypted data will be appended to the nonce — meaning
// that the returned encryptedValue variable will be in the format
// "{nonce}{encrypted plaintext data}".
encryptedValue := aesGCM.Seal(nonce, nonce, []byte(plaintext), nil)
// Set the cookie value to the encryptedValue.
cookie.Value = string(encryptedValue)
// Write the cookie as normal.
return CookieWrite(w, cookie)
}
func CookieReadEncrypted(r *http.Request, name string, secretKey []byte) (string, error) {
// Read the encrypted value from the cookie as normal.
encryptedValue, err := CookieRead(r, name)
if err != nil {
return "", err
}
// Create a new AES cipher block from the secret key.
block, err := aes.NewCipher(secretKey)
if err != nil {
return "", err
}
// Wrap the cipher block in Galois Counter Mode.
aesGCM, err := cipher.NewGCM(block)
if err != nil {
return "", err
}
// Get the nonce size.
nonceSize := aesGCM.NonceSize()
// To avoid a potential 'index out of range' panic in the next step, we
// check that the length of the encrypted value is at least the nonce
// size.
if len(encryptedValue) < nonceSize {
return "", ErrInvalidValue
}
// Split apart the nonce from the actual encrypted data.
nonce := encryptedValue[:nonceSize]
ciphertext := encryptedValue[nonceSize:]
// Use aesGCM.Open() to decrypt and authenticate the data. If this fails,
// return a ErrInvalidValue error.
plaintext, err := aesGCM.Open(nil, []byte(nonce), []byte(ciphertext), nil)
if err != nil {
return "", ErrInvalidValue
}
// The plaintext value is in the format "{cookie name}:{cookie value}". We
// use strings.Cut() to split it on the first ":" character.
expectedName, value, ok := strings.Cut(string(plaintext), ":")
if !ok {
return "", ErrInvalidValue
}
// Check that the cookie name is the expected one and hasn't been changed.
if expectedName != name {
return "", ErrInvalidValue
}
// Return the plaintext cookie value.
return value, nil
}

View file

@ -98,9 +98,7 @@ func (app *App) Run(router *httprouter.Router) {
TemplateEnable, _ := strconv.ParseBool(TemplateEnableStr)
// if enabled,
if TemplateEnable {
// add public path
publicPath := os.Getenv("TEMPLATE_PUBLIC")
router.ServeFiles("/public/*filepath", http.Dir(publicPath))
router.ServeFiles("/public/*filepath", http.Dir("storage/public"))
}
useHttpsStr := os.Getenv("App_USE_HTTPS")
@ -183,6 +181,7 @@ func (app *App) RegisterRoutes(routes []Route, router *httprouter.Router) *httpr
func (app *App) makeHTTPRouterHandlerFunc(h Controller, ms []Hook) httprouter.Handle {
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
ctx := &Context{
Request: &Request{
httpRequest: r,
@ -206,11 +205,13 @@ func (app *App) makeHTTPRouterHandlerFunc(h Controller, ms []Hook) httprouter.Ha
GetEventsManager: resolveEventsManager(),
GetLogger: resolveLogger(),
}
ctx.prepare(ctx)
rhs := app.combHandlers(h, ms)
app.prepareChain(rhs)
app.t = 0
app.chain.execute(ctx)
for _, header := range ctx.Response.headers {
w.Header().Add(header.key, header.val)
}
@ -223,6 +224,7 @@ func (app *App) makeHTTPRouterHandlerFunc(h Controller, ms []Hook) httprouter.Ha
} else {
ct = CONTENT_TYPE_HTML
}
w.Header().Add(CONTENT_TYPE, ct)
if ctx.Response.statusCode != 0 {
w.WriteHeader(ctx.Response.statusCode)

View file

@ -1,6 +1,6 @@
package components
type Button struct {
type FormButton struct {
Text string
Link string
Icon string

View file

@ -1,7 +1,6 @@
{{define "button"}}
<button class="button-container">
<a class="button {{if .IsPrimary}}primary{{end}}" {{if eq .IsSubmit true}}type="submit"{{else}}href="{{.Link}}"{{end}}>
{{.Text}}
{{define "form_button"}}
<button class="btn btn-{{if .IsPrimary}}primary{{end}}" {{if eq .IsSubmit true}}type="submit"{{else}}type="button"{{end}} {{if .IsDisabled}}disabled{{end}}>
{{.Text}}</button>
<!-- tailwind heroicons -->
{{if eq .Icon "gear"}}
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="icon">
@ -17,6 +16,4 @@
<path stroke-linecap="round" stroke-linejoin="round" d="M12 4.5v15m7.5-7.5h-15" />
</svg>
{{end}}
</a>
</button>
{{end}}

View file

@ -0,0 +1,14 @@
package components
type FormCheckbox struct {
Label string
AllCheckbox []FormCheckboxItem
}
type FormCheckboxItem struct {
ID string
Name string
Value string
Label string
IsChecked bool
}

View file

@ -0,0 +1,11 @@
{{define "form_checkbox"}}
<div class="input-container">
<label class="form-label">{{.Label}}</label>
{{range $options := .AllCheckbox}}
<div class="form-check">
<input class="form-check-input" type="checkbox" name="{{$options.Name}}" id="{{$options.ID}}" value="{{$options.Value}}"{{if eq $options.IsChecked true}} checked{{end}}>
<label class="form-check-label" for="{{$options.ID}}">{{$options.Label}}</label>
</div>
{{end}}
</div>
{{end}}

View file

@ -0,0 +1,12 @@
package components
type FormInput struct {
ID string
Label string
Type string
Placeholder string
Value string
Hint string
Error string
IsDisabled bool
}

View file

@ -0,0 +1,15 @@
{{define "form_input"}}
<div class="input-container">
<label class="form-label" for="{{.ID}}">{{.Label}}</label>
<input type="{{.Type}}" id="{{.ID}}" name="{{.ID}}" placeholder="{{.Placeholder}}" class="form-control{{if ne .Error ""}} error{{end}}"
{{if eq .IsDisabled true}}
disabled
{{end}}
{{if ne .Value ""}}
value="{{.Value}}"
{{end}}
aria-describedby="{{.ID}}Help">
{{if ne .Hint ""}}<small id="{{.ID}}Help" class="form-text text-muted">{{.Hint}}</small>{{end}}
{{if ne .Error ""}}<div class="error">{{.Error}}</div>{{end}}
</div>
{{end}}

View file

@ -0,0 +1,15 @@
package components
type FormRadio struct {
Label string
AllRadios []FormRadioItem
}
type FormRadioItem struct {
ID string
Name string
Value string
Label string
IsDisabled bool
IsChecked bool
}

View file

@ -0,0 +1,11 @@
{{define "form_radio"}}
<div class="input-container">
<label class="form-label">{{.Label}}</label>
{{range $options := .AllRadios}}
<div class="form-check{{if eq $options.IsDisabled true}} disabled{{end}}">
<input class="form-check-input" type="radio" name="{{$options.Name}}" id="{{$options.ID}}" value="{{$options.Value}}"{{if eq $options.IsDisabled true}} disabled=""{{end}}{{if eq $options.IsChecked true}} checked=""{{end}}>
<label class="form-check-label" for="{{$options.ID}}">{{$options.Label}}</label>
</div>
{{end}}
</div>
{{end}}

View file

@ -0,0 +1,13 @@
package components
type FormSelect struct {
ID string
SelectedOption FormSelectOption
Label string
AllOptions []FormSelectOption
}
type FormSelectOption struct {
Value string
Caption string
}

View file

@ -0,0 +1,10 @@
{{define "form_select"}}
<div class="input-container">
<label for="{{.ID}}" class="form-label">{{.Label}}</label>
<select class="form-select" id="{{.ID}}" name="{{.ID}}">
{{range $options := .AllOptions}}
<option value="{{$options.Value}}" {{if eq $options.Value $.SelectedOption.Value }}selected="selected"{{end}}>{{$options.Caption}}</option>
{{end}}
</select>
</div>
{{end}}

View file

@ -0,0 +1,7 @@
package components
type FormTextarea struct {
ID string
Label string
AllOptions []FormSelectOption
}

View file

@ -0,0 +1,6 @@
{{define "form_textarea"}}
<div class="input-container">
<label for="{{.ID}}" class="form-label">{{.Label}}</label>
<textarea class="form-control" id="{{.ID}}" name="{{.ID}}" rows="3"></textarea>
</div>
{{end}}

View file

@ -1,8 +0,0 @@
{{define "head"}}
<head>
<meta charset="UTF-8">
<meta name="viewport" content="initial-scale=1, viewport-fit=cover, width=device-width, maximum-scale=1.0, minimum-scale=1.0">
<title>{{.}} | Goffee</title>
<link href="/public/style.css" rel="stylesheet">
</head>
{{end}}

View file

@ -0,0 +1,8 @@
package components
type PageCard struct {
CardTitle string
CardSubTitle string
CardBody string
CardLink string
}

View file

@ -0,0 +1,11 @@
{{define "page_card"}}
<div class="card">
<div class="card-body">
{{if .CardTitle}}<h5 class="card-title">{{.CardTitle}}</h5>{{end}}
{{if .CardSubTitle}}<h6 class="card-subtitle mb-2 text-muted">{{.CardSubTitle}}</h6>{{end}}
{{if .CardBody}}<p class="card-text">{{.CardBody}}</p>{{end}}
{{block "page_card_content" .}}{{end}}
{{if .CardLink}}<a href="{{.CardLink}}" class="card-link">Card link</a>{{end}}
</div>
</div>
{{end}}

View file

@ -0,0 +1,6 @@
{{define "page_footer"}}
<footer>
<script src="/public/app.js"></script>
</footer>
<script src="/public/bootstrap/js/bootstrap.min.js"></script>
{{end}}

View file

@ -0,0 +1,11 @@
{{define "page_head"}}
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>{{.}} | Goffee</title>
<link rel="stylesheet" href="/public/style.css">
<link rel="icon" href="/public/img/favicon.ico" type="image/x-icon">
<link rel="stylesheet" href="/public/bootstrap/css/bootstrap.min.css">
</head>
{{end}}

View file

@ -0,0 +1,14 @@
<!DOCTYPE html>
<html lang="en">
{{template "page_head" "Goffee"}}
<body>
<div class="container">
{{block "page_content" .}}
<main>
<h1>Use this file as base inside cup application</h1>
</main>
{{end}}
{{template "page_footer"}}
</div>
</body>
</html>

View file

@ -1,5 +0,0 @@
package components
type Title struct {
Label string
}

View file

@ -1,5 +0,0 @@
{{define "title"}}
<div class="title">
<h1>{{.Label}}</h1>
</div>
{{end}}