aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDerek Stevens <nilix@nilfm.cc>2022-05-17 22:29:40 -0600
committerDerek Stevens <nilix@nilfm.cc>2022-05-17 22:29:40 -0600
commit7c0d0c864aec533c96ca9e03c9bb9fcc62d68857 (patch)
treebf769ab351c91e264ee54311f652900007ebc0a2
parent0e5a81f27b631f23afd06fef046176f4662792a3 (diff)
fix middleware, add diagnostics to router
-rw-r--r--middleware/middleware.go15
-rw-r--r--quartzgun_test.go10
-rw-r--r--router/router.go2
-rw-r--r--testData/static/style.css0
-rw-r--r--testData/templates/cms_list.html3
-rw-r--r--testData/templates/error.html1
-rw-r--r--testData/templates/footer.html4
-rw-r--r--testData/templates/header.html11
-rw-r--r--testData/templates/login.html21
9 files changed, 59 insertions, 8 deletions
diff --git a/middleware/middleware.go b/middleware/middleware.go
index 138ed71..cbd1998 100644
--- a/middleware/middleware.go
+++ b/middleware/middleware.go
@@ -2,12 +2,13 @@ package middleware
import (
"context"
+ "fmt"
"net/http"
"nilfm.cc/git/quartzgun/auth"
"nilfm.cc/git/quartzgun/cookie"
)
-func Protected(next http.Handler, userStore auth.UserStore) http.Handler {
+func Protected(next http.Handler, method string, userStore auth.UserStore) http.Handler {
handlerFunc := func(w http.ResponseWriter, req *http.Request) {
user, err := cookie.GetToken("user", req)
if err == nil {
@@ -15,13 +16,17 @@ func Protected(next http.Handler, userStore auth.UserStore) http.Handler {
if err == nil {
login, err := userStore.ValidateUser(user, session)
if err == nil && login {
+ fmt.Printf("authorized!\n")
+ fmt.Printf("user: %s, session: %s\n", user, session)
+ req.Method = method
next.ServeHTTP(w, req)
return
}
}
}
+ fmt.Printf("unauthorized...\n")
req.Method = http.MethodGet
- http.Redirect(w, req, "/login", http.StatusTemporaryRedirect)
+ http.Redirect(w, req, "/login", http.StatusSeeOther)
}
return http.HandlerFunc(handlerFunc)
@@ -37,15 +42,17 @@ func Authorize(next string, userStore auth.UserStore) http.Handler {
24*7*52)
if err == nil {
req.Method = http.MethodGet
- http.Redirect(w, req, next, http.StatusOK)
+ fmt.Printf("logged in as %s\n", req.FormValue("user"))
+ http.Redirect(w, req, next, http.StatusSeeOther)
} else {
*req = *req.WithContext(
context.WithValue(
req.Context(),
"message",
"Incorrect credentials"))
+ fmt.Printf("login failed!\n")
req.Method = http.MethodGet
- http.Redirect(w, req, "/login", http.StatusTemporaryRedirect)
+ http.Redirect(w, req, "/login", http.StatusSeeOther)
}
}
diff --git a/quartzgun_test.go b/quartzgun_test.go
index c325926..3c9d099 100644
--- a/quartzgun_test.go
+++ b/quartzgun_test.go
@@ -6,6 +6,7 @@ import (
"html/template"
"net/http"
"nilfm.cc/git/quartzgun/indentalUserDB"
+ "nilfm.cc/git/quartzgun/middleware"
"nilfm.cc/git/quartzgun/renderer"
"nilfm.cc/git/quartzgun/router"
"testing"
@@ -43,7 +44,14 @@ func TestMain(m *testing.M) {
Fallback: *template.Must(template.ParseFiles("testData/templates/error.html", "testData/templates/footer.html")),
}
- rtr.Get("/", AddContent(renderer.Template("testData/templates/test.html")))
+ rtr.Get("/login", renderer.Template(
+ "testData/templates/login.html"))
+
+ rtr.Post("/login", middleware.Authorize("/", udb))
+
+ rtr.Get("/", middleware.Protected(
+ renderer.Template(
+ "testData/templates/test.html"), http.MethodGet, udb))
rtr.Get("/json", ApiSomething(renderer.JSON("apiData")))
diff --git a/router/router.go b/router/router.go
index 2d9ea3c..f80b8f6 100644
--- a/router/router.go
+++ b/router/router.go
@@ -3,6 +3,7 @@ package router
import (
"context"
"errors"
+ "fmt"
"html/template"
"log"
"net/http"
@@ -100,6 +101,7 @@ func (self *Router) ServeHTTP(w http.ResponseWriter, req *http.Request) {
}
}
+ fmt.Printf("%s: %s\n", req.Method, req.URL.Path)
/* Otherwise, this is a normal route */
for _, r := range self.routes {
diff --git a/testData/static/style.css b/testData/static/style.css
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/testData/static/style.css
diff --git a/testData/templates/cms_list.html b/testData/templates/cms_list.html
new file mode 100644
index 0000000..063a450
--- /dev/null
+++ b/testData/templates/cms_list.html
@@ -0,0 +1,3 @@
+{{template "header"}}
+<h1>It works!</h1>
+{{template "footer"}} \ No newline at end of file
diff --git a/testData/templates/error.html b/testData/templates/error.html
index 86c502f..eed8715 100644
--- a/testData/templates/error.html
+++ b/testData/templates/error.html
@@ -6,7 +6,6 @@
<meta charset='utf-8'>
<meta name='viewport' content='width=device-width,initial-scale=1'>
- <link rel='stylesheet' type='text/css' href='/style.css'>
<link rel='shortcut icon' href='/favicon.ico'>
<title>test &mdash; error</title>
</head>
diff --git a/testData/templates/footer.html b/testData/templates/footer.html
index 4310abf..0c38b62 100644
--- a/testData/templates/footer.html
+++ b/testData/templates/footer.html
@@ -1,4 +1,4 @@
-{{ define "footer" }}
+{{define "footer"}}
</body>
</html>
-{{ end }}
+{{end}} \ No newline at end of file
diff --git a/testData/templates/header.html b/testData/templates/header.html
new file mode 100644
index 0000000..f3c546f
--- /dev/null
+++ b/testData/templates/header.html
@@ -0,0 +1,11 @@
+{{define "header"}}
+<!DOCTYPE html>
+<html lang='en'>
+ <head>
+ <meta charset='utf-8'>
+ <meta name='description' content='Nirvash CMS'/>
+ <meta name='viewport' content='width=device-width,initial-scale=1'>
+ <title>Nirvash &mdash; Test</title>
+ </head>
+ <body>
+{{end}} \ No newline at end of file
diff --git a/testData/templates/login.html b/testData/templates/login.html
new file mode 100644
index 0000000..f3f740e
--- /dev/null
+++ b/testData/templates/login.html
@@ -0,0 +1,21 @@
+{{ $errorMsg := (.Context).Value "message" }}
+
+<!DOCTYPE html>
+<html lang='en'>
+ <head>
+ <meta charset='utf-8'>
+ <meta name='description' content='Nirvash CMS'/>
+ <meta name='viewport' content='width=device-width,initial-scale=1'>
+ <title>Nirvash &mdash; Login</title>
+ </head>
+ <body>
+ {{ if $errorMsg }}
+ <div class="error">{{ $errorMsg }}</div>
+ {{ end }}
+ <form action='/login' method='post'>
+ <input type="text" name="user" placeholder="user">
+ <input type="password" name="password" placeholder="password">
+ <input type="submit" value="Login">
+ </form>
+ </body>
+</html>