Managed to get a simple and NOT SECURE login system going.

main
Zed A. Shaw 2 weeks ago
parent 75b1eb1edb
commit 3bd8d38847
  1. 2
      Makefile
  2. 32
      api/auth.go
  3. 18
      api/handlers.go
  4. 1
      go.mod
  5. 1
      go.sum
  6. 14
      main.go
  7. 14
      pages/layouts/main.html

@ -5,7 +5,7 @@ ifeq '$(OS)' 'Windows_NT'
endif endif
build: site build:
go build . go build .
site: site:

@ -1,7 +1,9 @@
package api package api
import ( import (
"errors"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
"log"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
_ "github.com/mattn/go-sqlite3" _ "github.com/mattn/go-sqlite3"
@ -9,17 +11,35 @@ import (
"github.com/gofiber/fiber/v2/middleware/session" "github.com/gofiber/fiber/v2/middleware/session"
"zedshaw.games/webapp/data" "zedshaw.games/webapp/data"
"zedshaw.games/webapp/config"
) )
func CheckAuthed(c *fiber.Ctx) (bool, *session.Session, error) { func IsAdmin(user *data.User) bool {
return user.Username == config.Settings.Admin
}
func CheckAuthed(c *fiber.Ctx, needs_admin bool) (*session.Session, error) {
sess, err := STORE.Get(c) sess, err := STORE.Get(c)
if err != nil { return false, sess, err } if err != nil { return sess, err }
// BUG: this has to come from the databse, just temporary
admin := sess.Get("admin") == true
authed := sess.Get("authenticated") == true authed := sess.Get("authenticated") == true
return authed, sess, nil
}
func NotAuthed(err error, authed bool) bool { log.Printf("session admin=%v, session authed=%v, needs_admin = %v", admin, authed, needs_admin)
return err != nil || authed == false
if needs_admin {
authed = admin && authed
log.Printf("after needs_admin block: authed=%v", authed)
}
if authed {
log.Println("user is authed, return nil and sess")
return sess, nil
} else {
log.Println("user is NOT authed, return error")
return sess, errors.New("Authentication, permission failure")
}
} }
func LogoutUser(c *fiber.Ctx) error { func LogoutUser(c *fiber.Ctx) error {
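Review bot: CheckAuthed returns the same `errors.New("Authentication, permission failure")` for a visitor who is not logged in and for a logged-in user who lacks admin, so callers cannot tell a 401 case from a 403 case. A package-level sentinel such as `var ErrNotAuthed = errors.New("authentication or permission failure")` would let handlers test with `errors.Is` and choose the response. In IsAdmin, an unset `config.Settings.Admin` compares equal to an empty username; `return config.Settings.Admin != "" && user.Username == config.Settings.Admin` closes that case. The `log.Printf`/`log.Println` calls run on every check and read like debug output to remove before this gate is relied on.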

@ -23,8 +23,8 @@ func GetApiLogout(c *fiber.Ctx) error {
} }
func GetApiStream(c *fiber.Ctx) error { func GetApiStream(c *fiber.Ctx) error {
authed, _, err := CheckAuthed(c) _, err := CheckAuthed(c, false)
if NotAuthed(err, authed) { return IfErrNil(err, c) } if err != nil { return IfErrNil(err, c) }
sql, args, err := sq.Select("*").From("stream").ToSql() sql, args, err := sq.Select("*").From("stream").ToSql()
err = data.SelectJson[data.Stream](c, err, sql, args...) err = data.SelectJson[data.Stream](c, err, sql, args...)
@ -80,7 +80,9 @@ func PostApiLogin(c *fiber.Ctx) error {
sess, err := STORE.Get(c) sess, err := STORE.Get(c)
if err != nil { return IfErrNil(err, c) } if err != nil { return IfErrNil(err, c) }
// BUG: THIS IS A BIG NO NO, just for getting going
sess.Set("authenticated", true) sess.Set("authenticated", true)
sess.Set("admin", IsAdmin(&user))
err = sess.Save() err = sess.Save()
if err != nil { return IfErrNil(err, c) } if err != nil { return IfErrNil(err, c) }
@ -94,20 +96,20 @@ func PostApiLink(c *fiber.Ctx) error {
var sql string var sql string
var args []interface{} var args []interface{}
_, err := CheckAuthed(c, false)
if err != nil { return c.Redirect("/login/") }
link, err := ReceivePost[data.Link](c) link, err := ReceivePost[data.Link](c)
if err != nil { goto fail } if err != nil { return IfErrNil(err, c) }
sql, args, err = sq.Insert("stream_blah"). sql, args, err = sq.Insert("stream_link").
Columns("stream_id", "url", "description"). Columns("stream_id", "url", "description").
Values(link.StreamId, link.Url, link.Description).ToSql() Values(link.StreamId, link.Url, link.Description).ToSql()
err = data.Exec(err, sql, args...) err = data.Exec(err, sql, args...)
if(err != nil) { goto fail } if(err != nil) { return IfErrNil(err, c) }
return c.Redirect("/live/") return c.Redirect("/live/")
fail:
return IfErrNil(err, c)
} }
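Review bot: PostApiLogin sets `authenticated` and `admin` on whatever session `STORE.Get(c)` returned, so a session ID issued before login stays valid after it (session fixation). Calling `if err := sess.Regenerate(); err != nil { return IfErrNil(err, c) }` before the two `sess.Set` calls issues a fresh ID at the privilege change. The function starts and ends outside the hunk, so this assumes no regenerate happens in the part not shown. Separately, GetApiStream hands an auth failure to `IfErrNil` while PostApiLink redirects to `/login/`; a single shared response for unauthenticated requests would be easier to reason about.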

@ -3,6 +3,7 @@ module zedshaw.games/webapp
go 1.24.2 go 1.24.2
require ( require (
github.com/BurntSushi/toml v0.3.1
github.com/Masterminds/squirrel v1.5.4 github.com/Masterminds/squirrel v1.5.4
github.com/chromedp/chromedp v0.13.6 github.com/chromedp/chromedp v0.13.6
github.com/go-playground/validator/v10 v10.26.0 github.com/go-playground/validator/v10 v10.26.0

@ -18,6 +18,7 @@ github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mx
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
github.com/BurntSushi/locker v0.0.0-20171006230638-a6e239ea1c69 h1:+tu3HOoMXB7RXEINRVIpxJCT+KdYiI7LAEAUrOw3dIU= github.com/BurntSushi/locker v0.0.0-20171006230638-a6e239ea1c69 h1:+tu3HOoMXB7RXEINRVIpxJCT+KdYiI7LAEAUrOw3dIU=
github.com/BurntSushi/locker v0.0.0-20171006230638-a6e239ea1c69/go.mod h1:L1AbZdiDllfyYH5l5OkAaZtk7VkWe89bPJFmnDBNHxg= github.com/BurntSushi/locker v0.0.0-20171006230638-a6e239ea1c69/go.mod h1:L1AbZdiDllfyYH5l5OkAaZtk7VkWe89bPJFmnDBNHxg=
github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/ClickHouse/ch-go v0.65.1 h1:SLuxmLl5Mjj44/XbINsK2HFvzqup0s6rwKLFH347ZhU= github.com/ClickHouse/ch-go v0.65.1 h1:SLuxmLl5Mjj44/XbINsK2HFvzqup0s6rwKLFH347ZhU=
github.com/ClickHouse/ch-go v0.65.1/go.mod h1:bsodgURwmrkvkBe5jw1qnGDgyITsYErfONKAHn05nv4= github.com/ClickHouse/ch-go v0.65.1/go.mod h1:bsodgURwmrkvkBe5jw1qnGDgyITsYErfONKAHn05nv4=

@ -14,17 +14,21 @@ import (
"zedshaw.games/webapp/api" "zedshaw.games/webapp/api"
"zedshaw.games/webapp/data" "zedshaw.games/webapp/data"
"zedshaw.games/webapp/config"
) )
func main() { func main() {
config.Load("config.toml")
log.Printf("ADMIN is %s", config.Settings.Admin)
log.SetFlags(log.LstdFlags | log.Lshortfile) log.SetFlags(log.LstdFlags | log.Lshortfile)
engine := html.New("./views", ".html") engine := html.New(config.Settings.Views, ".html")
app := fiber.New(fiber.Config{ app := fiber.New(fiber.Config{
Views: engine, Views: engine,
ViewsLayout: "layouts/main", ViewsLayout: config.Settings.Layouts,
CaseSensitive: true, CaseSensitive: true,
StrictRouting: true, StrictRouting: true,
}) })
@ -33,11 +37,11 @@ func main() {
app.Use(recov.New()) app.Use(recov.New())
api.Setup(app) api.Setup(app)
data.Setup("sqlite3", "db.sqlite3") data.Setup(config.Settings.Database.Driver, config.Settings.Database.Url)
// this sets up graceful shutdown // this sets up graceful shutdown
go func() { go func() {
if err := app.Listen(":5001"); err != nil { if err := app.Listen(config.Settings.Port); err != nil {
log.Panic(err) log.Panic(err)
} }
}() }()
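Review bot: Nothing on the visible lines checks that `config.Load("config.toml")` succeeded before `config.Settings` is used for the views path, the database and the listen port. If Load reports failure through a return value, that value is discarded here, which is worth confirming. A missing or partial file would leave `config.Settings.Admin` empty, and the admin comparison in api/auth.go depends on it, so failing fast is safer: `if config.Settings.Admin == "" { log.Fatal("config: admin is not set") }`. The `log.Printf("ADMIN is %s", ...)` line runs before `log.SetFlags`, so it lacks the file/line prefix, and it writes the admin account name to the log on every start. main continues outside both hunks.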

@ -26,7 +26,19 @@
{{embed}} {{embed}}
<footer> <footer>
<h1>Footer</h1> <blockstart style="--value: 0; --text: 9">
<block class="horizontal">
<shape style="--w: 200px; --h: 250px">Zed Pic</shape>
<div>
<h3>About Me</h3>
<p>Blah blah about me.</p>
</div>
<div>
<h3>Other Projects</h3>
<p>Some other links to stuff.</p>
</div>
</block>
</blockstart>
</footer> </footer>
</body> </body>
</html> </html>
