package main
import (
"database/sql"
"math/rand"
"net/http"
"strconv"
"github.com/johnwarden/httperror"
"github.com/pkg/errors"
)
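// getUserID reads the "userID" cookie from the request and returns it as a
// sql.NullInt64. The result is invalid (Valid == false) when the cookie is
// absent or when its value is not a base-10 integer.
//
// NOTE(review): the value is whatever integer the client sent. Nothing in this
// function verifies a signature or looks the ID up server-side, so callers
// should treat the result as a claimed identity rather than an authenticated
// one.
func (app app) getUserID(r *http.Request) sql.NullInt64 {
	var id sql.NullInt64

	cookie, err := r.Cookie("userID")
	if err != nil {
		// A missing cookie is the normal "not logged in" case; only log
		// anything else.
		if !errors.Is(err, http.ErrNoCookie) {
			app.logger.Error("r.Cookie('UserID'", err)
		}
		return id
	}

	// Parse as a 64-bit value so that IDs wider than the platform's int
	// survive the round trip.
	parsed, err := strconv.ParseInt(cookie.Value, 10, 64)
	if err != nil {
		app.logger.Error("Parsing cookie", err)
		// A malformed cookie must not be reported as a valid user 0.
		return id
	}

	id.Int64 = parsed
	id.Valid = true
	return id
}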
// loginParams holds the parameters passed to the handler returned by
// loginHandler. How they are decoded from the request is not visible in this
// file.
type loginParams struct {
	// UserID is the user ID to log in as. When it is not Valid, the login
	// handler assigns a random ID instead.
	UserID sql.NullInt64
}
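// loginHandler returns the handler that logs a visitor in by setting the
// userID cookie and redirecting to /score.
//
// If p.UserID is valid it is used as-is. Otherwise a visitor who already has
// a userID cookie is redirected to "/", and a visitor without one is assigned
// a random non-zero ID. User ID 0 is always refused with a 401.
//
// NOTE(review): this handler checks no password or token. Any caller that
// supplies UserID is given a cookie for that ID, so the ID itself acts as the
// credential. That may be intended for an example app; confirm before reusing
// this for real accounts.
func (app app) loginHandler() func(http.ResponseWriter, *http.Request, loginParams) error {
	return func(w http.ResponseWriter, r *http.Request, p loginParams) error {
		userID := p.UserID

		if !userID.Valid {
			// No ID was requested: a visitor who is already logged in
			// keeps the current identity.
			if current := app.getUserID(r); current.Valid {
				http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
				return nil
			}

			// Assign a random user ID if none specified as parameter.
			// rand.Int63 may return 0, which is rejected below, so redraw
			// until the value is non-zero.
			//
			// NOTE(review): math/rand is not a cryptographically secure
			// generator, and before Go 1.20 its global source produces the
			// same sequence on every start unless it is seeded. Because
			// the ID doubles as the session credential, crypto/rand would
			// be the safer source.
			newID := rand.Int63()
			for newID == 0 {
				newID = rand.Int63()
			}
			userID.Int64 = newID
			userID.Valid = true
		}

		if userID.Int64 == 0 {
			return httperror.PublicErrorf(http.StatusUnauthorized, "Can't login as user 0")
		}

		setUserIDCookie(w, userID)

		// NOTE(review): 307 makes the browser repeat the original method
		// and body against /score. If login is submitted with POST,
		// http.StatusSeeOther is the usual choice; confirm the intent.
		http.Redirect(w, r, "/score", http.StatusTemporaryRedirect)
		return nil
	}
}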
// logoutHandler returns the handler that logs a visitor out: it clears the
// userID cookie and redirects to "/".
func (app app) logoutHandler() func(http.ResponseWriter, *http.Request, struct{}) error {
	return func(w http.ResponseWriter, r *http.Request, _ struct{}) error {
		// The zero sql.NullInt64 is not Valid, which tells setUserIDCookie
		// to expire the cookie.
		setUserIDCookie(w, sql.NullInt64{})

		http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
		return nil
	}
}
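// setUserIDCookie writes the "userID" cookie to the response.
//
// A valid userID is stored as its base-10 representation with a lifetime of
// one year. An invalid userID (Valid == false) clears the cookie by sending
// an empty value with a negative MaxAge.
func setUserIDCookie(w http.ResponseWriter, userID sql.NullInt64) {
	const oneYearSeconds = 365 * 24 * 60 * 60

	// Format the full 64-bit value. Converting through int first would
	// truncate the ID on platforms where int is 32 bits wide.
	value := strconv.FormatInt(userID.Int64, 10)
	maxAge := oneYearSeconds

	if !userID.Valid {
		// A negative MaxAge tells the browser to delete the cookie.
		maxAge = -1
		value = ""
	}

	cookie := http.Cookie{
		Name:   "userID",
		Value:  value,
		Path:   "/",
		MaxAge: maxAge,
		// HttpOnly keeps the cookie out of reach of page scripts.
		HttpOnly: true,
		// Secure restricts the cookie to HTTPS, so it will not be sent
		// back when the app is served over plain HTTP.
		Secure: true,
		// Lax withholds the cookie on cross-site subrequests but still
		// sends it on top-level navigations.
		SameSite: http.SameSiteLaxMode,
	}

	// Use the http.SetCookie() function to send the cookie to the client.
	// Behind the scenes this adds a `Set-Cookie` header to the response
	// containing the necessary cookie data.
	http.SetCookie(w, &cookie)
}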