diff options
| author | Melonai <einebeere@gmail.com> | 2021-07-26 23:50:43 +0200 |
|---|---|---|
| committer | Melonai <einebeere@gmail.com> | 2021-07-26 23:50:43 +0200 |
| commit | 175da8f22cd791e81338fe61e6099125868cf5a0 (patch) | |
| tree | 91a234d8aafd54be34aae5ff5b948b34e52fb020 /handlers/portgate.go | |
| parent | 83a8214119eccb39f4c38e7b1ae54daebdeb0184 (diff) | |
| download | portgate-175da8f22cd791e81338fe61e6099125868cf5a0.tar.zst portgate-175da8f22cd791e81338fe61e6099125868cf5a0.zip | |
Basic Authentication and Authorization
Diffstat (limited to 'handlers/portgate.go')
| -rw-r--r-- | handlers/portgate.go | 43 |
1 files changed, 40 insertions, 3 deletions
diff --git a/handlers/portgate.go b/handlers/portgate.go index f53f3c9..6e002e7 100644 --- a/handlers/portgate.go +++ b/handlers/portgate.go @@ -2,7 +2,9 @@ package handlers import ( "github.com/valyala/fasthttp" + "net/http" "portgate" + "time" ) // handlePortgateRequest handles all Portgate specific request for either showing Portgate @@ -32,14 +34,49 @@ func (h *RequestHandler) handlePortgateIndexRequest(ctx *fasthttp.RequestCtx) { // handlePortgatePageRequest renders the Portgate page with either the authentication page or // a basic information page. func (h *RequestHandler) handlePortgatePageRequest(ctx *fasthttp.RequestCtx) { - // We render the page template and pass it to the user. ctx.Response.Header.SetContentType("text/html") - err := h.templates.ExecuteTemplate(ctx, "authenticate.template.html", nil) + + var err error + + // We render the page template and pass it to the user. + if portgate.VerifyTokenFromCookie(h.config, ctx) { + // User is authenticated, show the information page + err = h.templates.ExecuteTemplate(ctx, "information.template.html", nil) + } else { + // Show the authentication page + err = h.templates.ExecuteTemplate(ctx, "authenticate.template.html", nil) + } + if err != nil { h.handleError(ctx) } } func (h *RequestHandler) handleAuthenticateRequest(ctx *fasthttp.RequestCtx) { - // TODO + + givenKey := ctx.PostArgs().Peek("key") + if givenKey == nil || !h.config.CheckKey(string(givenKey)) { + ctx.Error("Wrong key.", http.StatusUnauthorized) + return + } + + token, err := portgate.CreateToken(h.config, string(givenKey)) + if err != nil { + h.handleError(ctx) + } + + cookie := fasthttp.AcquireCookie() + defer fasthttp.ReleaseCookie(cookie) + + cookie.SetExpire(portgate.GetExpirationDateFrom(time.Now())) + cookie.SetSameSite(fasthttp.CookieSameSiteStrictMode) + cookie.SetHTTPOnly(true) + cookie.SetKey("_portgate_token") + cookie.SetValue(token) + + ctx.Response.Header.SetCookie(cookie) + + // TODO: Redirect to previously request path. + // http.StatusFound redirects a POST request to a GET request. + ctx.Redirect("/_portgate", http.StatusFound) } |