learn-code-the-hard-way
/
zedshaw-games
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Now have a basic auth library for doing bcrypt auth.

Browse Source
main
Zed A. Shaw 16 hours ago
parent b0c4144987
commit eaaf309260
4 changed files with 69 additions and 29 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 55
      api/auth.go
  2. 34
      api/controllers.go
  3. 2
      go.mod
  4. 1
      public/login/index.html

55
api/auth.go
Unescape View File

@ -0,0 +1,55 @@
package api
import (
"golang.org/x/crypto/bcrypt"
"github.com/gofiber/fiber/v2"
_ "github.com/mattn/go-sqlite3"
sq "github.com/Masterminds/squirrel"
"github.com/gofiber/fiber/v2/middleware/session"
"zedshaw.games/webapp/data"
)
func CheckAuthed(c *fiber.Ctx) (bool, *session.Session, error) {
sess, err := STORE.Get(c)
if err != nil { return false, sess, err }
authed := sess.Get("authenticated") == true
return authed, sess, nil
}
func NotAuthed(err error, authed bool) bool {
return err != nil || authed == false
}
func LogoutUser(c *fiber.Ctx) error {
sess, err := STORE.Get(c)
if err != nil { return err }
sess.Set("authenticated", false)
err = sess.Save()
return err
}
func LoginUser(result *data.User, login *data.Login) (bool, error) {
sql, args, err := sq.Select("username, password").
From("user").Where("username=?", login.Username).ToSql()
if err != nil { return false, err }
err = data.DB.Get(result, sql, args...)
if err != nil { return false, err }
pass_good := bcrypt.CompareHashAndPassword([]byte(result.Password), []byte(login.Password))
if pass_good != nil { return false, pass_good }
return login.Username == result.Username && pass_good == nil, nil
}
func SetUserPassword(password string, user *data.User) error {
hashed, err := bcrypt.GenerateFromPassword([]byte(password), 12)
if err == nil { return err }
user.Password = string(hashed)
return nil
}

34
api/controllers.go
Unescape View File

@ -2,8 +2,8 @@ package api
import ( import (
"log" "log"
"github.com/gofiber/fiber/v2"
"github.com/gofiber/fiber/v2"
_ "github.com/mattn/go-sqlite3" _ "github.com/mattn/go-sqlite3"
sq "github.com/Masterminds/squirrel" sq "github.com/Masterminds/squirrel"
"github.com/gofiber/fiber/v2/middleware/session" "github.com/gofiber/fiber/v2/middleware/session"
@ -13,25 +13,17 @@ import (
var STORE *session.Store var STORE *session.Store
func Logout(c *fiber.Ctx) error {
sess, err := STORE.Get(c)
if err != nil { return IfErrNil(err, c) }
sess.Set("authenticated", false) func GetApiLogout(c *fiber.Ctx) error {
err = sess.Save() err := LogoutUser(c)
if err != nil { return IfErrNil(err, c) } if err != nil { return IfErrNil(err, c) }
return c.Redirect("/") return c.Redirect("/")
} }
func GetApiStream(c *fiber.Ctx) error { func GetApiStream(c *fiber.Ctx) error {
sess, err := STORE.Get(c) authed, _, err := CheckAuthed(c)
if err != nil { return IfErrNil(err, c) } if NotAuthed(err, authed) { return IfErrNil(err, c) }
if sess.Get("authenticated") != true {
// NOTE: need my own error thing
return IfErrNil(err, c)
}
sql, args, err := sq.Select("*").From("stream").ToSql() sql, args, err := sq.Select("*").From("stream").ToSql()
err = data.SelectJson[data.Stream](c, err, sql, args...) err = data.SelectJson[data.Stream](c, err, sql, args...)
@ -58,20 +50,15 @@ func GetApiStreamIdLinks(c *fiber.Ctx) error {
} }
func PostApiLogin(c *fiber.Ctx) error { func PostApiLogin(c *fiber.Ctx) error {
var result data.User var user data.User
login, err := ReceivePost[data.Login](c) login, err := ReceivePost[data.Login](c)
if(err != nil) { return IfErrNil(err, c) } if(err != nil) { return IfErrNil(err, c) }
sql, args, err := sq.Select("username, password"). pass_good, err := LoginUser(&user, login)
From("user").Where("username=?", login.Username).ToSql()
if err != nil { return IfErrNil(err, c) } if err != nil { return IfErrNil(err, c) }
err = data.DB.Get(&result, sql, args...) if pass_good {
if err != nil { return IfErrNil(err, c) }
if login.Username == result.Username && login.Password == result.Password {
sess, err := STORE.Get(c) sess, err := STORE.Get(c)
if err != nil { return IfErrNil(err, c) } if err != nil { return IfErrNil(err, c) }
@ -103,12 +90,11 @@ func PostApiLink(c *fiber.Ctx) error {
return IfErrNil(err, c) return IfErrNil(err, c)
} }
func Setup(app *fiber.App) { func Setup(app *fiber.App) {
STORE = session.New() STORE = session.New()
app.Get("/api/stream/", GetApiStream) app.Get("/api/stream", GetApiStream)
app.Get("/api/logout/", Logout) app.Get("/api/logout", GetApiLogout)
app.Get("/api/stream/:id", GetApiStreamId) app.Get("/api/stream/:id", GetApiStreamId)
app.Get("/api/stream/:id/links", GetApiStreamIdLinks) app.Get("/api/stream/:id/links", GetApiStreamIdLinks)
app.Post("/api/login", PostApiLogin) app.Post("/api/login", PostApiLogin)

2
go.mod
Unescape View File

@ -11,6 +11,7 @@ require (
github.com/jmoiron/sqlx v1.4.0 github.com/jmoiron/sqlx v1.4.0
github.com/mattn/go-sqlite3 v1.14.28 github.com/mattn/go-sqlite3 v1.14.28
github.com/stretchr/testify v1.10.0 github.com/stretchr/testify v1.10.0
golang.org/x/crypto v0.39.0
) )
require ( require (
@ -95,7 +96,6 @@ require (
go.opentelemetry.io/otel v1.35.0 // indirect go.opentelemetry.io/otel v1.35.0 // indirect
go.opentelemetry.io/otel/trace v1.35.0 // indirect go.opentelemetry.io/otel/trace v1.35.0 // indirect
go.uber.org/multierr v1.11.0 // indirect go.uber.org/multierr v1.11.0 // indirect
golang.org/x/crypto v0.39.0 // indirect
golang.org/x/exp v0.0.0-20250531010427-b6e5de432a8b // indirect golang.org/x/exp v0.0.0-20250531010427-b6e5de432a8b // indirect
golang.org/x/mod v0.25.0 // indirect golang.org/x/mod v0.25.0 // indirect
golang.org/x/net v0.41.0 // indirect golang.org/x/net v0.41.0 // indirect

1
public/login/index.html
Unescape View File

@ -8,7 +8,6 @@
<title>ZedShaw's Game Thing</title> <title>ZedShaw's Game Thing</title>
</head> </head>
<body data-testid="login-page"> <body data-testid="login-page">
<header> <header>
<a href="/">🏡</a> <span>Zed's Game Dev Website Yay</span> <a href="/">🏡</a> <span>Zed's Game Dev Website Yay</span>

Write Preview
Loading…
Cancel
Save