Add login and auth

2024-01-16 22:15:26 +01:00
parent f92e22f142
commit 0fd45ea2bd
7 changed files with 206 additions and 46 deletions
--- a/.idea/inspectionProfiles/Project_Default.xml
+++ b/.idea/inspectionProfiles/Project_Default.xml
@@ -4,10 +4,11 @@
    <inspection_tool class="HtmlUnknownAttribute" enabled="true" level="WARNING" enabled_by_default="true">
      <option name="myValues">
        <value>
-          <list size="3">
+          <list size="4">
            <item index="0" class="java.lang.String" itemvalue="hx-get" />
            <item index="1" class="java.lang.String" itemvalue="hx-target" />
            <item index="2" class="java.lang.String" itemvalue="hx-vals" />
+            <item index="3" class="java.lang.String" itemvalue="hx-post" />
          </list>
        </value>
      </option>
--- a/go.mod
+++ b/go.mod
@@ -17,6 +17,8 @@ require (
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.14.0 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
+	github.com/gorilla/securecookie v1.1.2 // indirect
+	github.com/gorilla/sessions v1.2.2 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
--- a/go.sum
+++ b/go.sum
@@ -27,6 +27,10 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
+github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
+github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
+github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
--- a/main.go
+++ b/main.go
@@ -4,17 +4,27 @@ import (
 	"InfrantrySkillCalculator/controllers"
 	"InfrantrySkillCalculator/models"
 	"InfrantrySkillCalculator/utils"
+	"fmt"
 	"github.com/gin-gonic/gin"
+	"github.com/gorilla/sessions"
+	_ "github.com/gorilla/sessions"
+	"golang.org/x/crypto/bcrypt"
 	"html/template"
 	"io"
 	"log"
+	"net/http"
 	"os"
 )

+var store = sessions.NewCookieStore([]byte("f0q0qew0!)§(ds9713lsda231"))
+
 func main() {
 	//gin.SetMode(gin.ReleaseMode) // uncomment upon release

 	router := gin.New()
+	router.LoadHTMLGlob("templates/**/*")
+	protected := router.Group("/")
+	protected.Use(AuthRequired())

 	models.ConnectDatabase()

@@ -27,7 +37,32 @@ func main() {

 	router.Static("/static", "./static")

-	router.GET("/", func(c *gin.Context) {
+	router.GET("/login", loginPage)
+	router.POST("/login", loginPost)
+	router.GET("/logout", logout)
+
+	protected.GET("/", mainPage)
+
+	protected.GET("/clans", controllers.GetAllClans)
+	protected.GET("/clans_html", controllers.GetAllClansHTML)
+	protected.GET("/clan/:id", controllers.GetClanByID)
+	protected.POST("/clan", controllers.AddClan)
+	protected.PATCH("/clan/:id", controllers.UpdateClanByID)
+	protected.DELETE("/clan/:id", controllers.DeleteClanByID)
+
+	protected.GET("/players", controllers.GetAllPlayers)
+	protected.GET("/players_html", controllers.GetPlayersByClanHTML)
+	protected.GET("/player/:id", controllers.GetPlayerByID)
+	protected.GET("/playerid/:name", controllers.GetPlayerIDByName)
+	protected.POST("/player", controllers.AddPlayer)
+	protected.PATCH("/player/:id", controllers.UpdatePlayerByID)
+	protected.DELETE("/player/:id", controllers.DeletePlayerByID)
+
+	log.Println("Running on 8000...")
+	log.Fatal(router.Run(":8000"))
+}
+
+func mainPage(c *gin.Context) {
 	files := []string{
 		"./templates/index.html",
 		"./templates/components/home_clan_bar.html",
@@ -44,6 +79,9 @@ func main() {
 		"./templates/components/header.html",
 	}
 	tmpl, err := template.ParseFiles(files...)
+	if err != nil {
+		log.Fatal(err)
+	}

 	var clans []models.Clan
 	models.DB.Find(&clans)
@@ -51,31 +89,112 @@ func main() {
 	data := map[string]interface{}{
 		"clans": clans,
 	}
-		if err != nil {
-			log.Fatal(err)
-		}

 	err = tmpl.Execute(c.Writer, data)
 	if err != nil {
 		log.Fatal(err)
 	}
-	})
-
-	router.GET("/clans", controllers.GetAllClans)
-	router.GET("/clans_html", controllers.GetAllClansHTML)
-	router.GET("/clan/:id", controllers.GetClanByID)
-	router.POST("/clan", controllers.AddClan)
-	router.PATCH("/clan/:id", controllers.UpdateClanByID)
-	router.DELETE("/clan/:id", controllers.DeleteClanByID)
-
-	router.GET("/players", controllers.GetAllPlayers)
-	router.GET("/players_html", controllers.GetPlayersByClanHTML)
-	router.GET("/player/:id", controllers.GetPlayerByID)
-	router.GET("/playerid/:name", controllers.GetPlayerIDByName)
-	router.POST("/player", controllers.AddPlayer)
-	router.PATCH("/player/:id", controllers.UpdatePlayerByID)
-	router.DELETE("/player/:id", controllers.DeletePlayerByID)
-
-	log.Println("Running on 8000...")
-	log.Fatal(router.Run(":8000"))
+}
+
+func loginPage(c *gin.Context) {
+	session, _ := store.Get(c.Request, "session-name")
+
+	if auth, ok := session.Values["authenticated"].(bool); ok && auth {
+		c.Redirect(http.StatusFound, "/")
+		return
+	}
+
+	tmpl, err := template.ParseFiles([]string{"./templates/login.html", "./templates/components/header.html"}...)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	err = tmpl.Execute(c.Writer, nil)
+	if err != nil {
+		log.Fatal(err)
+	}
+}
+
+func loginPost(c *gin.Context) {
+	username := c.PostForm("username")
+	password := c.PostForm("password")
+
+	if !checkUserCredentials(username, password) {
+		c.HTML(http.StatusOK, "login_error.html", gin.H{"message": "Ungültige Logindaten!"})
+		return
+	}
+
+	session, _ := store.Get(c.Request, "session-name")
+	session.Values["authenticated"] = true
+	session.Values["username"] = username
+	err := session.Save(c.Request, c.Writer)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, nil)
+		return
+	}
+
+	c.Header("HX-Redirect", "/")
+	c.String(http.StatusOK, "")
+}
+
+func checkUserCredentials(username, password string) bool {
+	var hashedPassword string
+
+	hashedPassword, err := getUserPassword(username)
+	if err != nil {
+		return false
+	}
+
+	err = bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password))
+	return err == nil
+}
+
+func getUserPassword(username string) (string, error) {
+	var user models.User
+
+	if err := models.DB.Where("username = ?", username).First(&user).Error; err != nil {
+		log.Fatal(err)
+		return "", err
+	}
+
+	var hashedPW string
+	hashedPW, err := hashPassword(user.Password)
+	if err != nil {
+		log.Fatal(err)
+		return "", err
+	}
+
+	return hashedPW, nil
+}
+
+func logout(c *gin.Context) {
+	session, _ := store.Get(c.Request, "session-name")
+	session.Values["authenticated"] = false
+	err := session.Save(c.Request, c.Writer)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, nil)
+		return
+	}
+
+	c.Redirect(http.StatusFound, "/login")
+}
+
+func hashPassword(password string) (string, error) {
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	if err != nil {
+		return "", fmt.Errorf("failed to hash password: %w", err)
+	}
+	return string(hashedPassword), nil
+}
+
+func AuthRequired() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		session, _ := store.Get(c.Request, "session-name")
+		if auth, ok := session.Values["authenticated"].(bool); !ok || !auth {
+			c.Redirect(http.StatusFound, "/login")
+			c.Abort()
+			return
+		}
+		c.Next()
+	}
 }
--- a/models/user.go
+++ b/models/user.go
@@ -0,0 +1,7 @@
+package models
+
+type User struct {
+	Username string `json:"username" gorm:"primary_key"`
+	Password string `json:"password"`
+	Enabled  bool   `json:"enabled" default:"1"`
+}
--- a/templates/components/login_error.html
+++ b/templates/components/login_error.html
@@ -0,0 +1,3 @@
+<div class="text-danger">
+    {{ .message }}
+</div>
--- a/templates/login.html
+++ b/templates/login.html
@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html lang="de">
+<head>
+    {{ template "header" . }}
+</head>
+<body data-bs-theme="dark" class="h-auto">
+    <div class="container-fluid bg-dark mt-5 p-4 rounded-3 text-light text-center" style="max-width: 500px;">
+        <h3>Login</h3>
+        <hr>
+        <form hx-post="/login" hx-target="#login-result">
+            <div class="form-floating mb-3">
+                <input class="form-control form-control-lg" type="text" id="username" name="username" placeholder="Username" required>
+                <label for="username">Username</label>
+            </div>
+            <div class="form-floating">
+                <input class="form-control form-control-lg" type="password" id="password" name="password" placeholder="Passwort" required>
+                <label for="password">Passwort</label>
+            </div>
+            <button class="btn btn-lg btn-primary mt-3" type="submit">Anmelden</button>
+        </form>
+        <div id="login-result" class="mt-4 fs-4"></div>
+    </div>
+</body>
+</html>