diff options
Diffstat (limited to 'handler/web')
-rw-r--r-- | handler/web/login.go | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/handler/web/login.go b/handler/web/login.go new file mode 100644 index 0000000..0c70b56 --- /dev/null +++ b/handler/web/login.go @@ -0,0 +1,83 @@ +package web + +import ( + "fmt" + "html/template" + "log" + "net/http" + "time" + + "tildegit.org/andinus/perseus/auth" + "tildegit.org/andinus/perseus/auth/token" + "tildegit.org/andinus/perseus/core" + "tildegit.org/andinus/perseus/storage/sqlite3" +) + +// HandleLogin handles /login pages. +func HandleLogin(w http.ResponseWriter, r *http.Request, db *sqlite3.DB) { + p := Page{Version: core.Version()} + error := []string{} + success := []string{} + + switch r.Method { + case http.MethodGet: + t, _ := template.ParseFiles("web/login.html") + t.Execute(w, p) + + case http.MethodPost: + if err := r.ParseForm(); err != nil { + log.Printf("web/login.go: 400 Bad Request :: %s", err.Error()) + http.Error(w, "400 Bad Request", http.StatusBadRequest) + return + } + + // Get form values + uInfo := make(map[string]string) + uInfo["username"] = r.FormValue("username") + uInfo["password"] = r.FormValue("password") + + // Perform authentication + err := auth.Login(db, uInfo) + + if err != nil { + log.Printf("web/login.go: %s :: %s :: %s", + "login failed", + uInfo["username"], + err.Error()) + + error = append(error, + fmt.Sprintf("Login failed")) + + p.Error = error + } else { + success = append(success, + fmt.Sprintf("Login successful")) + p.Success = success + + // Set token if login was successful. + token, err := token.AddToken(db, uInfo) + if err != nil { + log.Printf("web/login.go: %s :: %s :: %s", + "token generation failed", + uInfo["username"], + err.Error()) + + error = append(error, + fmt.Sprintf("Token generation failed")) + } + // If token was generated then ask browser to + // set it as cookie. + expiration := time.Now().Add(1 * 24 * time.Hour) + cookie := http.Cookie{Name: "token", Value: token, Expires: expiration} + http.SetCookie(w, &cookie) + } + + t, _ := template.ParseFiles("web/login.html") + t.Execute(w, p) + + default: + w.WriteHeader(http.StatusMethodNotAllowed) + log.Printf("web/login.go: %v not allowed on %v", r.Method, r.URL) + } + +} |