rnsrk/wisski-cloud-distillery
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update URL routes

Browse source
This commit is contained in:
Tom Wiesing 2023-01-03 13:02:42 +01:00
parent dab7a5c4ae
commit b3039768af
No known key found for this signature in database
21 changed files with 152 additions and 96 deletions
Download patch file Download diff file Expand all files Collapse all files

2
internal/dis/component/auth/auth.go
View file

@ -27,7 +27,7 @@ var (
_ component.Routeable = (*Auth)(nil)
)
func (auth *Auth) Routes() []string { return []string{"/auth/"} }
func (auth *Auth) Routes() []string { return []string{"/user/"} }
func (auth *Auth) HandleRoute(ctx context.Context, route string) (http.Handler, error) {
router := httprouter.New()

2
internal/dis/component/auth/protect.go
View file

@ -33,7 +33,7 @@ func (auth *Auth) Protect(handler http.Handler, perm Permission) http.Handler {
}
// redirect the user to the login endpoint, with the original URI as a return
dest := "/auth/login?next=" + url.QueryEscape(r.URL.RequestURI())
dest := "/user/login?next=" + url.QueryEscape(r.URL.RequestURI())
http.Redirect(w, r, dest, http.StatusSeeOther)
return
}

3
internal/dis/component/auth/routes.go
View file

@ -49,7 +49,8 @@ func (auth *Auth) authPassword(ctx context.Context) http.Handler {
CSRF: auth.csrf.Get(nil),
RenderTemplate: passwordTemplate,
RenderTemplate: passwordTemplate,
RenderTemplateContext: auth.UserFormContext,
Validate: func(r *http.Request, values map[string]string) (struct{}, error) {
old, passcode, new, new2 := values["old"], values["passcode"], values["new"], values["new2"]

30
internal/dis/component/auth/templates/home.html
View file

@ -1,20 +1,16 @@
{{ template "_base.html" . }}
{{ define "title" }}Distillery User{{ end }}
{{ define "title" }}User{{ end }}
{{ define "header/time" }}
<!-- no header/time -->
{{ end }}
{{ define "header"}}
<!-- no header -->
<p>
<a class="pure-button pure-button-primary" href="/user/">{{ .User.User }}</a>
</p>
<p>
<a class="pure-button pure-button-small" href="/user/logout/">Logout</a>
</p>
{{ end }}
{{ define "content" }}
<div class="pure-u-1">
Welcome {{ .User.User }}!
<a class="pure-button pure-button-small" href="/auth/logout/">Logout</a>
<hr />
</div>
<div class="pure-u-1">
<p>
{{ if .User.Admin }}
@ -29,11 +25,11 @@
{{ end }}
</p>
<div class="pure-button-group" role="group" role="Actions">
<a class="pure-button" href="/auth/password/">Change Password</a>
<a class="pure-button" href="/user/password/">Change Password</a>
{{ if .User.TOTPEnabled }}
<a class="pure-button" href="/auth/totp/disable/">Disable TOTP</a>
<a class="pure-button" href="/user/totp/disable/">Disable TOTP</a>
{{ else }}
<a class="pure-button" href="/auth/totp/enable/">Enable TOTP</a>
<a class="pure-button" href="/user/totp/enable/">Enable TOTP</a>
{{ end }}
</div>
<hr />
@ -43,11 +39,13 @@
<div class="pure-u-1">
{{ if (not .User.TOTPEnabled) }}
<div>
TOTP is required to access these.
<p class="error-message">
TOTP is required to access these.
</p>
</div>
{{ end }}
<div class="pure-button-group" role="group" role="Actions">
<a class="pure-button" href="/dis/">Distillery Control Page</a>
<a class="pure-button" href="/admin/">Distillery Admin Page</a>
</div>
<hr />
</div>

14
internal/dis/component/auth/templates/password.html
View file

@ -1,9 +1,13 @@
{{ template "_form.html" . }}
{{ define "form/title" }}Change Password{{ end }}
{{ define "form/button" }}Update{{ end }}
{{ define "form/extra" }}
<div>
<a class="pure-button" href="/auth/">Back</a>
<hr />
</div>
{{ define "header"}}
<p>
<a class="pure-button" href="/user/">{{ .User.User }}</a> &gt;
<a class="pure-button pure-button-primary" href="/user/password/">Change Password</a>
</p>
<p>
<a class="pure-button pure-button-small" href="/user/logout/">Logout</a>
</p>
{{ end }}

15
internal/dis/component/auth/templates/totp_disable.html
View file

@ -1,12 +1,17 @@
{{ template "_form.html" . }}
{{ define "form/title" }}Disable TOTP{{ end }}
{{ define "form/button" }}Disable{{ end }}
{{ define "form/extra" }}
<div>
<a class="pure-button" href="/auth/">Back</a>
<hr />
</div>
{{ define "header"}}
<p>
<a class="pure-button" href="/user/">{{ .User.User }}</a> &gt;
<a class="pure-button pure-button-primary" href="/user/totp/disable/">Disable TOTP</a>
</p>
<p>
<a class="pure-button pure-button-small" href="/user/logout/">Logout</a>
</p>
{{ end }}
{{ define "form/inside" }}
<div>
<ul>

13
internal/dis/component/auth/templates/totp_enable.html
View file

@ -1,11 +1,14 @@
{{ template "_form.html" . }}
{{ define "form/title" }}Enable TOTP{{ end }}
{{ define "form/button" }}Enable{{ end }}
{{ define "form/extra" }}
<div>
<a class="pure-button" href="/auth/">Back</a>
<hr />
</div>
{{ define "header"}}
<p>
<a class="pure-button" href="/user/">{{ .User.User }}</a> &gt;
<a class="pure-button pure-button-primary" href="/user/totp/enable/">Enable TOTP</a>
</p>
<p>
<a class="pure-button pure-button-small" href="/user/logout/">Logout</a>
</p>
{{ end }}
{{ define "form/inside" }}
<div>

13
internal/dis/component/auth/templates/totp_enroll.html
View file

@ -1,11 +1,14 @@
{{ template "_form.html" . }}
{{ define "form/title" }}Enable TOTP{{ end }}
{{ define "form/button" }}Enable{{ end }}
{{ define "form/extra" }}
<div>
<a class="pure-button" href="/auth/">Back</a>
<hr />
</div>
{{ define "header" }}
<p>
<a class="pure-button" href="/user/">{{ .User.User }}</a> &gt;
<a class="pure-button pure-button-primary" href="/user/totp/enroll/">Enroll TOTP</a>
</p>
<p>
<a class="pure-button pure-button-small" href="/user/logout/">Logout</a>
</p>
{{ end }}
{{ define "form/inside" }}
<div>

24
internal/dis/component/auth/totp.go
View file

@ -28,7 +28,9 @@ func (auth *Auth) authTOTPEnable(ctx context.Context) http.Handler {
user, err := auth.UserOf(r)
return struct{}{}, err == nil && user != nil && user.TOTPEnabled
},
RenderTemplate: totpEnableTemplate,
RenderTemplate: totpEnableTemplate,
RenderTemplateContext: auth.UserFormContext,
Validate: func(r *http.Request, values map[string]string) (struct{}, error) {
password := values["password"]
@ -55,7 +57,7 @@ func (auth *Auth) authTOTPEnable(ctx context.Context) http.Handler {
},
RenderSuccess: func(_ struct{}, values map[string]string, w http.ResponseWriter, r *http.Request) error {
http.Redirect(w, r, "/auth/totp/enroll", http.StatusSeeOther)
http.Redirect(w, r, "/user/totp/enroll", http.StatusSeeOther)
return nil
},
}
@ -66,7 +68,7 @@ var totpEnrollStr string
var totpEnrollTemplate = static.AssetsAuthLogin.MustParseShared("totp_enroll.html", totpEnrollStr)
type totpEnrollContext struct {
httpx.FormContext
userFormContext
TOTPImage template.URL
TOTPURL template.URL
}
@ -86,11 +88,16 @@ func (auth *Auth) authTOTPEnroll(ctx context.Context) http.Handler {
return struct{}{}, user != nil && user.TOTPEnabled
},
RenderForm: func(context httpx.FormContext, w http.ResponseWriter, r *http.Request) {
user, err := auth.UserOf(r)
ctx := totpEnrollContext{
FormContext: context,
userFormContext: userFormContext{
FormContext: context,
},
}
if user, err := auth.UserOf(r); err == nil && user != nil {
if err == nil && user != nil {
ctx.userFormContext.User = &user.User
secret, err := user.TOTP()
if err == nil {
img, _ := TOTPLink(secret, 500, 500)
@ -127,7 +134,7 @@ func (auth *Auth) authTOTPEnroll(ctx context.Context) http.Handler {
},
RenderSuccess: func(_ struct{}, values map[string]string, w http.ResponseWriter, r *http.Request) error {
http.Redirect(w, r, "/auth/", http.StatusSeeOther)
http.Redirect(w, r, "/user/", http.StatusSeeOther)
return nil
},
}
@ -151,7 +158,8 @@ func (auth *Auth) authTOTPDisable(ctx context.Context) http.Handler {
user, _ := auth.UserOf(r)
return struct{}{}, user != nil && !user.TOTPEnabled
},
RenderTemplate: totpDisableTemplate,
RenderTemplate: totpDisableTemplate,
RenderTemplateContext: auth.UserFormContext,
Validate: func(r *http.Request, values map[string]string) (struct{}, error) {
password, passcode := values["password"], values["passcode"]
@ -178,7 +186,7 @@ func (auth *Auth) authTOTPDisable(ctx context.Context) http.Handler {
},
RenderSuccess: func(_ struct{}, values map[string]string, w http.ResponseWriter, r *http.Request) error {
http.Redirect(w, r, "/auth/", http.StatusSeeOther)
http.Redirect(w, r, "/user/", http.StatusSeeOther)
return nil
},
}

17
internal/dis/component/auth/user.go
View file

@ -7,8 +7,10 @@ import (
"errors"
"fmt"
"image/png"
"net/http"
"github.com/FAU-CDI/wisski-distillery/internal/models"
"github.com/FAU-CDI/wisski-distillery/pkg/httpx"
"github.com/pquerna/otp"
"github.com/pquerna/otp/totp"
"golang.org/x/crypto/bcrypt"
@ -288,3 +290,18 @@ func (au *AuthUser) Delete(ctx context.Context) error {
return table.Delete(&au.User).Error
}
type userFormContext struct {
httpx.FormContext
User *models.User
}
func (au *Auth) UserFormContext(ctx httpx.FormContext, r *http.Request) any {
user, err := au.UserOf(r)
uctx := userFormContext{FormContext: ctx}
if err == nil {
uctx.User = &user.User
}
return uctx
}