127 lines
3.4 KiB
Go
127 lines
3.4 KiB
Go
package handlers
|
|
|
|
import (
|
|
"log"
|
|
"net/http"
|
|
"time"
|
|
|
|
securityHelpers "license-server/helpers/security"
|
|
httpHelpers "synlotto-website/helpers/http"
|
|
templateHelpers "synlotto-website/helpers/template"
|
|
"synlotto-website/models"
|
|
"synlotto-website/storage"
|
|
|
|
"github.com/gorilla/csrf"
|
|
)
|
|
|
|
func Login(w http.ResponseWriter, r *http.Request) {
|
|
if r.Method == http.MethodGet {
|
|
session, _ := httpHelpers.GetSession(w, r)
|
|
if _, ok := session.Values["user_id"].(int); ok {
|
|
http.Redirect(w, r, "/", http.StatusSeeOther)
|
|
return
|
|
}
|
|
tmpl := templateHelpers.LoadTemplateFiles("login.html", "templates/account/login.html")
|
|
|
|
context := templateHelpers.TemplateContext(w, r, models.TemplateData{})
|
|
context["csrfField"] = csrf.TemplateField(r)
|
|
|
|
err := tmpl.ExecuteTemplate(w, "layout", context)
|
|
if err != nil {
|
|
log.Println("❌ Template render error:", err)
|
|
http.Error(w, "Error rendering login page", http.StatusInternalServerError) // Take hte flash message from licnse server this just does a black page also should be using db ahain see licvense server
|
|
}
|
|
return
|
|
}
|
|
|
|
username := r.FormValue("username")
|
|
password := r.FormValue("password")
|
|
|
|
user := models.GetUserByUsername(username)
|
|
if user == nil || !securityHelpers.CheckPasswordHash(user.PasswordHash, password) {
|
|
http.Error(w, "Invalid credentials", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
session, _ := httpHelpers.GetSession(w, r)
|
|
|
|
for k := range session.Values {
|
|
delete(session.Values, k)
|
|
}
|
|
|
|
session.Values["user_id"] = user.Id
|
|
session.Values["last_activity"] = time.Now()
|
|
|
|
remember := r.FormValue("remember") == "on"
|
|
if remember {
|
|
session.Options.MaxAge = 60 * 60 * 24 * 30
|
|
} else {
|
|
session.Options.MaxAge = 0
|
|
}
|
|
|
|
err := session.Save(r, w)
|
|
if err != nil {
|
|
log.Println("❌ Failed to save session:", err)
|
|
} else {
|
|
log.Printf("✅ Login saved: user_id=%d, maxAge=%d", user.Id, session.Options.MaxAge)
|
|
for _, c := range r.Cookies() {
|
|
log.Printf("🍪 Cookie after login: %s = %s", c.Name, c.Value)
|
|
}
|
|
}
|
|
|
|
if user == nil || !securityHelpers.CheckPasswordHash(user.PasswordHash, password) {
|
|
storage.LogLoginAttempt(username, false)
|
|
http.Error(w, "Invalid credentials", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
storage.LogLoginAttempt(username, true)
|
|
|
|
http.Redirect(w, r, "/", http.StatusSeeOther)
|
|
}
|
|
|
|
func Logout(w http.ResponseWriter, r *http.Request) {
|
|
session, _ := httpHelpers.GetSession(w, r)
|
|
|
|
for k := range session.Values {
|
|
delete(session.Values, k)
|
|
}
|
|
|
|
session.Values["flash"] = "You've been logged out."
|
|
session.Options.MaxAge = 5
|
|
|
|
err := session.Save(r, w)
|
|
if err != nil {
|
|
log.Println("❌ Logout session save failed:", err)
|
|
}
|
|
|
|
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
|
}
|
|
|
|
func Signup(w http.ResponseWriter, r *http.Request) {
|
|
if r.Method == http.MethodGet {
|
|
tmpl := templateHelpers.LoadTemplateFiles("signup.html", "templates/account/signup.html")
|
|
|
|
tmpl.ExecuteTemplate(w, "layout", map[string]interface{}{
|
|
"csrfField": csrf.TemplateField(r),
|
|
})
|
|
return
|
|
}
|
|
|
|
username := r.FormValue("username")
|
|
password := r.FormValue("password")
|
|
|
|
hashed, err := securityHelpers.HashPassword(password)
|
|
if err != nil {
|
|
http.Error(w, "Server error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
err = models.CreateUser(username, hashed)
|
|
if err != nil {
|
|
http.Error(w, "Could not create user", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
|
}
|