start cookie session

2024-09-30 09:17:24 -05:00 · 2024-09-30 09:17:24 -05:00 · 1b6f3e6103
commit 1b6f3e6103
parent 017ef4c066
6 changed files with 299 additions and 55 deletions
--- a/controllers/authentication.go
+++ b/controllers/authentication.go
@ -8,7 +8,10 @@ package controllers
 import (
 	"encoding/json"
 	"errors"
+	"fmt"
+
 	"net/http"
+	"os"
 	"strconv"
 	"strings"
 	"time"
@ -19,6 +22,8 @@ import (
 	"git.smarteching.com/goffee/cup/utils"
 	"github.com/google/uuid"
 	"gorm.io/gorm"
+
+	"git.smarteching.com/goffee/core/template/components"
 )

 func Signup(c *core.Context) *core.Response {
@ -123,6 +128,13 @@ func Signin(c *core.Context) *core.Response {
 	email := c.GetRequestParam("email")
 	password := c.GetRequestParam("password")

+	// check if template engine is enable
+	TemplateEnableStr := os.Getenv("TEMPLATE_ENABLE")
+	if TemplateEnableStr == "" {
+		TemplateEnableStr = "false"
+	}
+	TemplateEnable, _ := strconv.ParseBool(TemplateEnableStr)
+
 	data := map[string]interface{}{
 		"email":    email,
 		"password": password,
@ -135,37 +147,62 @@ func Signin(c *core.Context) *core.Response {

 	if v.Failed() {
 		c.GetLogger().Error(v.GetErrorMessagesJson())
+		if TemplateEnable {
+			// TODO set error in session
+			return c.Response.Redirect("/applogin")
+		} else {
 			return c.Response.SetStatusCode(http.StatusUnprocessableEntity).Json(v.GetErrorMessagesJson())
 		}
+	}

 	var user models.User
 	res := c.GetGorm().Where("email = ?", c.CastToString(email)).First(&user)
 	if res.Error != nil && !errors.Is(res.Error, gorm.ErrRecordNotFound) {
 		c.GetLogger().Error(res.Error.Error())
+		if TemplateEnable {
+			// TODO set error in session
+			return c.Response.Redirect("/applogin")
+		} else {
 			return c.Response.SetStatusCode(http.StatusInternalServerError).Json(c.MapToJson(map[string]string{
 				"message": "internal server error",
 			}))
 		}
+	}

 	if res.Error != nil && errors.Is(res.Error, gorm.ErrRecordNotFound) {
+		if TemplateEnable {
+			// TODO set error in session
+			return c.Response.Redirect("/applogin")
+		} else {
 			return c.Response.SetStatusCode(http.StatusUnprocessableEntity).Json(c.MapToJson(map[string]string{
 				"message": "invalid email or password",
 			}))
 		}
+	}

 	ok, err := c.GetHashing().CheckPasswordHash(user.Password, c.CastToString(password))
 	if err != nil {
 		c.GetLogger().Error(err.Error())
+		if TemplateEnable {
+			// TODO set error in session
+			return c.Response.Redirect("/applogin")
+		} else {
 			return c.Response.SetStatusCode(http.StatusInternalServerError).Json(c.MapToJson(map[string]string{
 				"message": err.Error(),
 			}))
 		}
+	}

 	if !ok {
+		if TemplateEnable {
+			// TODO set error in session
+			return c.Response.Redirect("/applogin")
+		} else {
 			return c.Response.SetStatusCode(http.StatusUnprocessableEntity).Json(c.MapToJson(map[string]string{
 				"message": "invalid email or password",
 			}))
 		}
+	}

 	token, err := c.GetJWT().GenerateToken(map[string]interface{}{
 		"userID": user.ID,
@ -173,25 +210,47 @@ func Signin(c *core.Context) *core.Response {

 	if err != nil {
 		c.GetLogger().Error(err.Error())
+		// TODO set error in session
+		if TemplateEnable {
+			return c.Response.Redirect("/applogin")
+		} else {
 			return c.Response.SetStatusCode(http.StatusInternalServerError).Json(c.MapToJson(map[string]string{
 				"message": "internal server error",
 			}))
 		}
+	}
 	// cache the token
 	userAgent := c.GetUserAgent()
 	hashedCacheKey := utils.CreateAuthTokenHashedCacheKey(user.ID, userAgent)
 	err = c.GetCache().Set(hashedCacheKey, token)
 	if err != nil {
 		c.GetLogger().Error(err.Error())
+		if TemplateEnable {
+			// TODO set error in session
+			return c.Response.Redirect("/applogin")
+		} else {
 			return c.Response.SetStatusCode(http.StatusInternalServerError).Json(c.MapToJson(map[string]interface{}{
 				"message": "internal server error",
 			}))
 		}
+	}

+	if TemplateEnable {
+		// create cookie
+		err = core.SetCookie(c.Response.HttpResponseWriter, email.(string), token)
+		if err != nil {
+			panic(fmt.Sprintf("Error write encrypted cookie: %v", err))
+			return c.Response.SetStatusCode(http.StatusInternalServerError)
+		}
+
+		// redirecto to app
+		return c.Response.Redirect("/appsample")
+	} else {
 		return c.Response.Json(c.MapToJson(map[string]string{
 			"token": token,
 		}))
 	}
+}

 func ResetPasswordRequest(c *core.Context) *core.Response {
 	email := c.GetRequestParam("email")
@ -389,3 +448,41 @@ func Signout(c *core.Context) *core.Response {
 		"message": "signed out successfully",
 	}))
 }
+
+// Show basic app login
+func AppLogin(c *core.Context) *core.Response {
+
+	type templateData struct {
+		TheTitle components.Title
+	}
+
+	tmplData := templateData{
+		TheTitle: components.Title{
+			Label: "Login form",
+		},
+	}
+
+	return c.Response.Template("login.html", tmplData)
+
+}
+
+// Show basic app sample
+func AppSample(c *core.Context) *core.Response {
+
+	title := "lorem"
+
+	type templateData struct {
+		TheTitle components.Title
+	}
+
+	tmplData := templateData{
+		TheTitle: components.Title{
+			Label: title,
+		},
+	}
+
+	//fmt.Printf("Outside cookie user is: %s", user.Email)
+
+	return c.Response.Template("app.html", tmplData)
+
+}
--- a/controllers/sample.go
+++ b/controllers/sample.go
@ -0,0 +1,27 @@
+// Copyright (c) 2024 Zeni Kim <zenik@smarteching.com>
+// Use of this source code is governed by MIT-style
+// license that can be found in the LICENSE file.
+
+package controllers
+
+import (
+	"git.smarteching.com/goffee/core"
+	"git.smarteching.com/goffee/core/template/components"
+)
+
+// Show basic template
+func Sample(c *core.Context) *core.Response {
+
+	type templateData struct {
+		TheTitle components.Title
+	}
+
+	tmplData := templateData{
+		TheTitle: components.Title{
+			Label: "Lorem ipsum inside",
+		},
+	}
+
+	return c.Response.Template("basic.html", tmplData)
+
+}
--- a/hooks/auth-check.go
+++ b/hooks/auth-check.go
@ -3,6 +3,8 @@ package hooks
 import (
 	"errors"
 	"net/http"
+	"os"
+	"strconv"
 	"strings"

 	"git.smarteching.com/goffee/core"
@ -11,20 +13,92 @@ import (
 	"gorm.io/gorm"
 )

+var CheckSessionCookie core.Hook = func(c *core.Context) {
+
+	pass := true
+	token := ""
+	usercookie, err := c.GetCookie()
+	if err != nil {
+
+	}
+	token = usercookie.Token
+	if token == "" {
+		pass = false
+	} else {
+		payload, err := c.GetJWT().DecodeToken(token)
+		if err != nil {
+			pass = false
+		} else {
+
+			userAgent := c.GetUserAgent()
+			hashedCacheKey := utils.CreateAuthTokenHashedCacheKey(uint(c.CastToInt(payload["userID"])), userAgent)
+
+			cachedToken, err := c.GetCache().Get(hashedCacheKey)
+			if err != nil {
+				pass = false
+			} else if cachedToken != token {
+				pass = false
+			} else {
+				var user models.User
+				res := c.GetGorm().Where("id = ?", payload["userID"]).First(&user)
+				if res.Error != nil && !errors.Is(res.Error, gorm.ErrRecordNotFound) {
+					pass = false
+				}
+			}
+		}
+	}
+	// if have session redirect protected page
+	if pass {
+		c.Response.Redirect("/appsample").ForceSendResponse()
+		return
+	}
+
+	c.Next()
+
+}
+
 var AuthCheck core.Hook = func(c *core.Context) {
+
+	// check if template engine is enable
+	TemplateEnableStr := os.Getenv("TEMPLATE_ENABLE")
+	if TemplateEnableStr == "" {
+		TemplateEnableStr = "false"
+	}
+	TemplateEnable, _ := strconv.ParseBool(TemplateEnableStr)
+
+	token := ""
+
+	if TemplateEnable {
+		usercookie, err := c.GetCookie()
+		if err != nil {
+
+		}
+		token = usercookie.Token
+		if token == "" {
+			c.Response.Redirect("/applogin").ForceSendResponse()
+			return
+		}
+
+	} else {
 		tokenRaw := c.GetHeader("Authorization")
-	token := strings.TrimSpace(strings.Replace(tokenRaw, "Bearer", "", 1))
+		token = strings.TrimSpace(strings.Replace(tokenRaw, "Bearer", "", 1))
 		if token == "" {
 			c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{
 				"message": "unauthorized",
 			})).ForceSendResponse()
 			return
 		}
+	}
+
 	payload, err := c.GetJWT().DecodeToken(token)
 	if err != nil {
+		if TemplateEnable {
+			c.Response.Redirect("/applogin").ForceSendResponse()
+		} else {
 			c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{
 				"message": "unauthorized",
 			})).ForceSendResponse()
+		}
 		return
 	}
 	userAgent := c.GetUserAgent()
@ -33,16 +107,24 @@ var AuthCheck core.Hook = func(c *core.Context) {
 	cachedToken, err := c.GetCache().Get(hashedCacheKey)
 	if err != nil {
 		// user signed out
+		if TemplateEnable {
+			c.Response.Redirect("/applogin").ForceSendResponse()
+		} else {
 			c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{
 				"message": "unauthorized",
 			})).ForceSendResponse()
+		}
 		return
 	}
 	if cachedToken != token {
 		// using old token replaced with new one after recent signin
+		if TemplateEnable {
+			c.Response.Redirect("/applogin").ForceSendResponse()
+		} else {
 			c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{
 				"message": "unauthorized",
 			})).ForceSendResponse()
+		}
 		return
 	}

@ -51,17 +133,13 @@ var AuthCheck core.Hook = func(c *core.Context) {
 	if res.Error != nil && !errors.Is(res.Error, gorm.ErrRecordNotFound) {
 		// error with the database
 		c.GetLogger().Error(res.Error.Error())
+		if TemplateEnable {
+			c.Response.Redirect("/applogin").ForceSendResponse()
+		} else {
 			c.Response.SetStatusCode(http.StatusInternalServerError).Json(c.MapToJson(map[string]interface{}{
 				"message": "internal error",
 			})).ForceSendResponse()
-		return
 		}
-
-	if res.Error != nil && errors.Is(res.Error, gorm.ErrRecordNotFound) {
-		// user record is not found (deleted)
-		c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{
-			"message": "unauthorized",
-		})).ForceSendResponse()
 		return
 	}

--- a/storage/templates/app.html
+++ b/storage/templates/app.html
@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html lang="en">
+  {{template "head" "Goffee"}}
+  <body>
+  <main>
+  
+    {{template "title" .TheTitle}}
+    
+    
+    </main> 
+  <script src="/public/app.js"></script>
+  </body>
+</html>  
--- a/storage/templates/basic.html
+++ b/storage/templates/basic.html
@ -2,9 +2,13 @@
 <html lang="en">
  {{template "head" "Goffee"}}
  <body>
+    <main>
     {{template "title" .TheTitle}}
      <div class="section">
         Welcome to Goffee
      </div>
+        <img class="goffeelogo"src="/public/img/goffee.png" alt="Goffee logo" />
+    </main> 
+  <script src="/public/app.js"></script>
  </body>
 </html>
--- a/storage/templates/login.html
+++ b/storage/templates/login.html
@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html lang="en">
+  {{template "head" "Goffee"}}
+  <body>
+  <main>
+  
+    {{template "title" .TheTitle}}
+    <form method="POST" action="/signin">
+      <div>
+        <label for="email">Email:</label>
+        <input type="text" id="email" name="email" required>
+      </div>
+      <div>
+        <label for="password">Password:</label>
+        <input type="password" id="password" name="password" required>
+      </div>
+      <div>
+        <button type="submit" name="login">Login</button>
+      </div>
+    </form>
+    
+    </main> 
+  <script src="/public/app.js"></script>
+  </body>
+</html>