103 lines
2.6 KiB
Go
103 lines
2.6 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
_ "embed"
|
|
"errors"
|
|
"html/template"
|
|
"net/http"
|
|
|
|
"github.com/FAU-CDI/wisski-distillery/internal/dis/component/control/static"
|
|
"github.com/FAU-CDI/wisski-distillery/pkg/httpx"
|
|
)
|
|
|
|
//go:embed "templates/home.html"
|
|
var homeHTMLStr string
|
|
var homeTemplate = static.AssetsAuthHome.MustParseShared(
|
|
"home.html",
|
|
homeHTMLStr,
|
|
)
|
|
|
|
func (auth *Auth) authHome(ctx context.Context) http.Handler {
|
|
return auth.Protect(&httpx.HTMLHandler[*AuthUser]{
|
|
Handler: auth.UserOf,
|
|
Template: homeTemplate,
|
|
}, nil)
|
|
}
|
|
|
|
//go:embed "templates/password.html"
|
|
var passwordHTMLString string
|
|
var passwordTemplate = static.AssetsAuthLogin.MustParseShared("password.html", passwordHTMLString)
|
|
|
|
type authpasswordContext struct {
|
|
Message string
|
|
Form template.HTML
|
|
}
|
|
|
|
var (
|
|
errPasswordsNotIdentical = errors.New("passwords are not identical")
|
|
errPasswordIsEmpty = errors.New("password is empty")
|
|
errPasswordIncorrect = errors.New("old password is not correct")
|
|
errPasswordSetFailure = errors.New("error saving new password")
|
|
errPasswordSet = errors.New("password was updated")
|
|
)
|
|
|
|
func (auth *Auth) authPassword(ctx context.Context) http.Handler {
|
|
return &httpx.Form[struct{}]{
|
|
Fields: []httpx.Field{
|
|
{Name: "old", Type: httpx.PasswordField, EmptyOnError: true, Label: "Current Password"},
|
|
{Name: "new", Type: httpx.PasswordField, EmptyOnError: true, Label: "New Password"},
|
|
{Name: "new2", Type: httpx.PasswordField, EmptyOnError: true, Label: "New Password (again)"},
|
|
},
|
|
FieldTemplate: httpx.PureCSSFieldTemplate,
|
|
|
|
CSRF: auth.csrf.Get(nil),
|
|
|
|
RenderForm: func(template template.HTML, err error, w http.ResponseWriter, r *http.Request) {
|
|
ctx := authpasswordContext{
|
|
Message: "",
|
|
Form: template,
|
|
}
|
|
if err != nil {
|
|
ctx.Message = err.Error()
|
|
}
|
|
httpx.WriteHTML(ctx, nil, passwordTemplate, "", w, r)
|
|
},
|
|
|
|
Validate: func(r *http.Request, values map[string]string) (struct{}, error) {
|
|
old, new, new2 := values["old"], values["new"], values["new2"]
|
|
|
|
if new != new2 {
|
|
return struct{}{}, errPasswordsNotIdentical
|
|
}
|
|
|
|
if new == "" {
|
|
return struct{}{}, errPasswordIsEmpty
|
|
}
|
|
|
|
user, err := auth.UserOf(r)
|
|
if err != nil {
|
|
return struct{}{}, err
|
|
}
|
|
|
|
{
|
|
err := user.CheckPassword(r.Context(), []byte(old))
|
|
if err != nil {
|
|
return struct{}{}, errPasswordIncorrect
|
|
}
|
|
}
|
|
{
|
|
err := user.SetPassword(r.Context(), []byte(new))
|
|
if err != nil {
|
|
return struct{}{}, errPasswordSetFailure
|
|
}
|
|
}
|
|
|
|
return struct{}{}, nil
|
|
},
|
|
|
|
RenderSuccess: func(_ struct{}, values map[string]string, w http.ResponseWriter, r *http.Request) error {
|
|
return errPasswordSet
|
|
},
|
|
}
|
|
}
|