Moved the auth stuff into common/ so it's easier to merge back.

4 days ago · 3e6156e93c
parent 49946e7f26
commit 3e6156e93c
3 changed files with 13 additions and 84 deletions
--- a/admin/handlers.go
+++ b/admin/handlers.go
@ -6,12 +6,11 @@ import (
  "fmt"
  "github.com/gofiber/fiber/v2"
  "MY/webapp/data"
-  "MY/webapp/api"
  . "MY/webapp/common"
 )

 func GetApiTableIndex(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  var tables []string
@ -24,7 +23,7 @@ func GetApiTableIndex(c *fiber.Ctx) error {
 }

 func GetApiSelectAll(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  table := c.Params("table")
@ -50,14 +49,14 @@ func GetApiSelectAll(c *fiber.Ctx) error {
 }

 func GetPageSelectAll(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  return c.Render("admin/table/contents", fiber.Map{"Table": c.Params("table")})
 }

 func GetApiSelectOne(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  table := c.Params("table")
@ -73,7 +72,7 @@ func GetApiSelectOne(c *fiber.Ctx) error {
 }

 func GetPageSelectOne(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  table := c.Params("table")
@ -87,7 +86,7 @@ func GetPageSelectOne(c *fiber.Ctx) error {
 }

 func PostApiUpdate(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  table := c.Params("table")
@ -102,7 +101,7 @@ func PostApiUpdate(c *fiber.Ctx) error {
 }

 func GetPageInsert(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  table := c.Params("table")
@ -110,7 +109,7 @@ func GetPageInsert(c *fiber.Ctx) error {
 }

 func GetApiInsert(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  table := c.Params("table")
@ -120,7 +119,7 @@ func GetApiInsert(c *fiber.Ctx) error {
 }

 func PostApiInsert(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  table := c.Params("table")
@ -136,7 +135,7 @@ func PostApiInsert(c *fiber.Ctx) error {
 }

 func DeleteApi(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  table := c.Params("table")
@ -151,7 +150,7 @@ func DeleteApi(c *fiber.Ctx) error {
 }

 func GetPageAdminIndex(c *fiber.Ctx) error {
-  _, err := api.CheckAuthed(c, true)
+  _, err := CheckAuthed(c, true)
  if err != nil { return c.Redirect("/") }

  return c.Render("admin/table/index", fiber.Map{})
--- a/api/auth.go
+++ b/api/auth.go
@ -1,17 +1,11 @@
 package api

 import (
-  "errors"
-  "golang.org/x/crypto/bcrypt"
-  "log"
-
  "github.com/gofiber/fiber/v2"
  _ "github.com/mattn/go-sqlite3"
  sq "github.com/Masterminds/squirrel"
-  "github.com/gofiber/fiber/v2/middleware/session"

  "MY/webapp/data"
-  "MY/webapp/config"
  . "MY/webapp/common"
 )

@ -69,66 +63,3 @@ func PostApiLogin(c *fiber.Ctx) error {
    return c.Redirect("/login/")
  }
 }
-
-func IsAdmin(user *data.User) bool {
-  return user.Username == config.Settings.Admin
-}
-
-func CheckAuthed(c *fiber.Ctx, needs_admin bool) (*session.Session, error) {
-  sess, err := STORE.Get(c)
-  if err != nil { return sess, err }
-
-  // BUG: this has to come from the databse, just temporary
-  admin := sess.Get("admin") == true
-  authed := sess.Get("authenticated") == true
-
-  log.Printf("session admin=%v, session authed=%v, needs_admin = %v",
-    sess.Get("admin"), sess.Get("authenticated"), needs_admin)
-
-  if needs_admin {
-    authed = admin && authed
-    log.Printf("after needs_admin block: authed=%v", authed)
-  }
-
-  if authed {
-    log.Println("user is authed, return nil and sess")
-    return sess, nil
-  } else {
-    log.Println("user is NOT authed, return error")
-    return sess, errors.New("Authentication, permission failure")
-  }
-}
-
-func LogoutUser(c *fiber.Ctx) error {
-  sess, err := STORE.Get(c)
-  if err != nil { return err }
-
-  err = sess.Destroy()
-  if err != nil { return err }
-
-  err = sess.Save()
-  return err
-}
-
-func LoginUser(result *data.User, login *data.Login) (bool, error) {
-  sql, args, err := sq.Select("username, password").
-      From("user").Where("username=?", login.Username).ToSql()
-
-  if err != nil { return false, err }
-
-  err = data.DB.Get(result, sql, args...)
-  if err != nil { return false, err }
-
-  pass_good := bcrypt.CompareHashAndPassword([]byte(result.Password), []byte(login.Password))
-  if pass_good != nil { return false, pass_good }
-
-  return login.Username == result.Username && pass_good == nil, nil
-}
-
-func SetUserPassword(user *data.User) error {
-  hashed, err := bcrypt.GenerateFromPassword([]byte(user.Password), 12)
-  if err != nil { return err }
-
-  user.Password = string(hashed)
-  return nil
-}
--- a/api/handlers.go
+++ b/api/handlers.go
@ -6,12 +6,11 @@ import (

  "github.com/gofiber/fiber/v2"
  "github.com/gofiber/fiber/v2/middleware/session"
+  "MY/webapp/common"
 )

-var STORE *session.Store
-
 func Setup(app *fiber.App) {
-  STORE = session.New()
+  common.STORE = session.New()

  // this forces static pages to reload
  app.Static("/", "./public", fiber.Static{