Set token cookies on user login
@@ -2,13 +2,17 @@ package cookies
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"net/http"
|
"net/http"
|
||||||
"projectreshoot/config"
|
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"projectreshoot/config"
|
||||||
|
"projectreshoot/db"
|
||||||
|
"projectreshoot/jwt"
|
||||||
|
|
||||||
|
"github.com/pkg/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Get the value of the access and refresh tokens
|
// Get the value of the access and refresh tokens
|
||||||
func GetTokens(
|
func GetTokenStrings(
|
||||||
w http.ResponseWriter,
|
|
||||||
r *http.Request,
|
r *http.Request,
|
||||||
) (acc string, ref string) {
|
) (acc string, ref string) {
|
||||||
accCookie, accErr := r.Cookie("access")
|
accCookie, accErr := r.Cookie("access")
|
||||||
@@ -27,22 +31,46 @@ func GetTokens(
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Set a token with the provided details
|
// Set a token with the provided details
|
||||||
func SetToken(
|
func setToken(
|
||||||
w http.ResponseWriter,
|
w http.ResponseWriter,
|
||||||
r *http.Request,
|
|
||||||
config *config.Config,
|
config *config.Config,
|
||||||
token string,
|
token string,
|
||||||
scope string,
|
scope string,
|
||||||
exp int64,
|
exp int64,
|
||||||
|
rememberme bool,
|
||||||
) {
|
) {
|
||||||
tokenCookie := &http.Cookie{
|
tokenCookie := &http.Cookie{
|
||||||
Name: scope,
|
Name: scope,
|
||||||
Value: token,
|
Value: token,
|
||||||
Path: "/",
|
Path: "/",
|
||||||
Expires: time.Unix(exp, 0),
|
|
||||||
HttpOnly: true,
|
HttpOnly: true,
|
||||||
SameSite: http.SameSiteLaxMode,
|
SameSite: http.SameSiteLaxMode,
|
||||||
Secure: config.SSL,
|
Secure: config.SSL,
|
||||||
}
|
}
|
||||||
|
if rememberme {
|
||||||
|
tokenCookie.Expires = time.Unix(exp, 0)
|
||||||
|
}
|
||||||
http.SetCookie(w, tokenCookie)
|
http.SetCookie(w, tokenCookie)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Generate new tokens for the user and set them as cookies
|
||||||
|
func SetTokenCookies(
|
||||||
|
w http.ResponseWriter,
|
||||||
|
r *http.Request,
|
||||||
|
config *config.Config,
|
||||||
|
user *db.User,
|
||||||
|
rememberMe bool,
|
||||||
|
) error {
|
||||||
|
at, atexp, err := jwt.GenerateAccessToken(config, user, true, rememberMe)
|
||||||
|
if err != nil {
|
||||||
|
return errors.Wrap(err, "jwt.GenerateAccessToken")
|
||||||
|
}
|
||||||
|
rt, rtexp, err := jwt.GenerateRefreshToken(config, user, rememberMe)
|
||||||
|
if err != nil {
|
||||||
|
return errors.Wrap(err, "jwt.GenerateRefreshToken")
|
||||||
|
}
|
||||||
|
// Don't set the cookies until we know no errors occured
|
||||||
|
setToken(w, config, at, "access", atexp, rememberMe)
|
||||||
|
setToken(w, config, rt, "refresh", rtexp, rememberMe)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|||||||
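Review bot: In `SetTokenCookies` the bare `true` passed as the third argument of `jwt.GenerateAccessToken` is unexplained at the call site, and the `r *http.Request` parameter is accepted but not used anywhere in the visible body. A short comment naming what the flag controls (presumably whether the access token is marked fresh; confirm against the jwt package) would help, as would dropping `r` if nothing needs it. `setToken` now leaves `Expires` unset unless `rememberme` is true, but its doc comment still reads only "Set a token with the provided details". I would add `// Expires is only set when rememberme is true; otherwise the browser keeps a session cookie and the token's own expiry is the only limit`. Both the access and refresh cookies also get `Secure: config.SSL`, so it is worth documenting that with SSL disabled the tokens are sent over plain HTTP.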
@@ -2,9 +2,9 @@ package handlers
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"database/sql"
|
"database/sql"
|
||||||
"fmt"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
|
"projectreshoot/config"
|
||||||
"projectreshoot/cookies"
|
"projectreshoot/cookies"
|
||||||
"projectreshoot/db"
|
"projectreshoot/db"
|
||||||
"projectreshoot/view/component/form"
|
"projectreshoot/view/component/form"
|
||||||
@@ -45,6 +45,7 @@ func checkRememberMe(r *http.Request) bool {
|
|||||||
// and on fail will return the login form again, passing the error to the
|
// and on fail will return the login form again, passing the error to the
|
||||||
// template for user feedback
|
// template for user feedback
|
||||||
func HandleLoginRequest(
|
func HandleLoginRequest(
|
||||||
|
config *config.Config,
|
||||||
logger *zerolog.Logger,
|
logger *zerolog.Logger,
|
||||||
conn *sql.DB,
|
conn *sql.DB,
|
||||||
secretKey string,
|
secretKey string,
|
||||||
@@ -61,13 +62,12 @@ func HandleLoginRequest(
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: login success, use the userID to set the session
|
|
||||||
rememberMe := checkRememberMe(r)
|
rememberMe := checkRememberMe(r)
|
||||||
fmt.Printf(
|
err = cookies.SetTokenCookies(w, r, config, &user, rememberMe)
|
||||||
"Login success, user: %v - remember me?: %t\n",
|
if err != nil {
|
||||||
user.Username,
|
form.LoginForm(err.Error()).Render(r.Context(), w)
|
||||||
rememberMe,
|
logger.Warn().Caller().Err(err).Msg("Failed to set token cookies")
|
||||||
)
|
}
|
||||||
|
|
||||||
pageFrom := cookies.CheckPageFrom(w, r)
|
pageFrom := cookies.CheckPageFrom(w, r)
|
||||||
w.Header().Set("HX-Redirect", pageFrom)
|
w.Header().Set("HX-Redirect", pageFrom)
|
||||||
|
|||||||
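Review bot: The new error branch after `cookies.SetTokenCookies` has no `return`, so when token generation fails the handler renders the login form and then still calls `cookies.CheckPageFrom` and sets `HX-Redirect` as if the login had succeeded. The same branch passes `err.Error()` to `form.LoginForm`, which shows the user the wrapped internal error (the `jwt.GenerateAccessToken` / `jwt.GenerateRefreshToken` prefix plus whatever the jwt package returned). Keep the detail in the `logger.Warn()` line, render a fixed message such as `form.LoginForm("Login failed").Render(r.Context(), w)`, and end the branch with `return`. The error returned by `Render` is also discarded. `HandleLoginRequest` starts and continues outside these hunks, so the rest of its control flow is not visible here.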
@@ -30,6 +30,7 @@ func addRoutes(
|
|||||||
// Login page and handlers
|
// Login page and handlers
|
||||||
mux.Handle("GET /login", handlers.HandleLoginPage(config.TrustedHost))
|
mux.Handle("GET /login", handlers.HandleLoginPage(config.TrustedHost))
|
||||||
mux.Handle("POST /login", handlers.HandleLoginRequest(
|
mux.Handle("POST /login", handlers.HandleLoginRequest(
|
||||||
|
config,
|
||||||
logger,
|
logger,
|
||||||
conn,
|
conn,
|
||||||
config.SecretKey,
|
config.SecretKey,
|
||||||
|
|||||||
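Review bot: `config` is now passed whole to `handlers.HandleLoginRequest` while `config.SecretKey` is still passed as a separate argument a few lines below, so the handler receives the secret key by two paths. Dropping the `secretKey string` parameter and reading it from `config` inside the handler would leave a single source and remove the chance of the two diverging. The `addRoutes` call continues outside the hunk, so any later arguments are not visible here.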