From abfbe1ff1b153f8d629b660a04157e82eed7af78 Mon Sep 17 00:00:00 2001 From: Ruidy Date: Fri, 13 Sep 2024 17:32:18 +0200 Subject: [PATCH] refactor authentication service --- internal/server/auth.go | 16 ++-------- internal/server/handle_auth.go | 25 +++------------ internal/server/routes.go | 2 +- internal/service/auth/service.go | 53 ++++++++++++++++++++++++++++++-- 4 files changed, 60 insertions(+), 36 deletions(-) diff --git a/internal/server/auth.go b/internal/server/auth.go index 915c814..69d1bb6 100644 --- a/internal/server/auth.go +++ b/internal/server/auth.go @@ -1,35 +1,25 @@ package server import ( - "fmt" "net/http" - "github.com/labstack/echo-contrib/session" "github.com/labstack/echo/v4" "github.com/rjNemo/rentease/internal/constant" + "github.com/rjNemo/rentease/internal/service/auth" ) -func MakeAuthMiddleware() echo.MiddlewareFunc { +func MakeAuthMiddleware(as *auth.Service) echo.MiddlewareFunc { return func(next echo.HandlerFunc) echo.HandlerFunc { return func(c echo.Context) error { if c.Request().RequestURI == constant.RouteLogin { return next(c) } - s, err := readSession(c) - if s != "bar" || err != nil { + if !as.Authenticated(c) { return c.Redirect(http.StatusSeeOther, constant.RouteLogin) } return next(c) } } } - -func readSession(c echo.Context) (string, error) { - sess, err := session.Get(sessionName, c) - if err != nil { - return "", err - } - return fmt.Sprintf("%s", sess.Values["foo"]), nil -} diff --git a/internal/server/handle_auth.go b/internal/server/handle_auth.go index 3816ec5..b459af7 100644 --- a/internal/server/handle_auth.go +++ b/internal/server/handle_auth.go @@ -3,8 +3,6 @@ package server import ( "net/http" - "github.com/gorilla/sessions" - "github.com/labstack/echo-contrib/session" "github.com/labstack/echo/v4" "github.com/rjNemo/rentease/internal/constant" 
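Review bot: `MakeAuthMiddleware` is exported and now depends on the auth service, but nothing documents that it fails closed; I would add `// MakeAuthMiddleware redirects to constant.RouteLogin unless as.Authenticated(c) reports a logged-in session; the login route itself is exempt.` above the function in internal/server/auth.go. The exemption on the unchanged line compares `c.Request().RequestURI`, which includes the query string, so a login URL that carries a query is treated as a protected route. That errs on the safe side, but comparing `c.Request().URL.Path == constant.RouteLogin` would match the route rather than the raw request target.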
@@ -12,11 +10,6 @@ import ( "github.com/rjNemo/rentease/internal/view" ) -const ( - sessionName = "rentease" - sessionAge = 86400 * 7 // 7 days -) - func handleLoginPage() echo.HandlerFunc { return func(c echo.Context) error { return renderTempl(c, http.StatusOK, view.Login(view.LoginFormViewModel{})) @@ -25,19 +18,10 @@ func handleLoginPage() echo.HandlerFunc { func handleLogin(as *auth.Service) echo.HandlerFunc { return func(c echo.Context) error { - sess, err := session.Get(sessionName, c) - if err != nil { - return err - } - sess.Options = &sessions.Options{ - Path: constant.RouteLogin, - MaxAge: sessionAge, - HttpOnly: true, - } - email := c.FormValue("email") password := c.FormValue("password") - if !as.Authenticate(email, password) { + + if !as.ValidCredentials(email, password) { lfvm := view.LoginFormViewModel{ Email: email, Password: password, @@ -47,10 +31,11 @@ func handleLogin(as *auth.Service) echo.HandlerFunc { return renderTempl(c, http.StatusUnauthorized, view.LoginForm(lfvm)) } - sess.Values["foo"] = "bar" - if err := sess.Save(c.Request(), c.Response()); err != nil { + err := as.Authenticate(c, "foo") + if err != nil { return err } + return hxRedirect(c, http.StatusOK, constant.RouteBooking) } } diff --git a/internal/server/routes.go b/internal/server/routes.go index 7b61f82..b55f5a2 100644 --- a/internal/server/routes.go +++ b/internal/server/routes.go @@ -20,7 +20,7 @@ func (s Server) MountHandlers() { api.POST("/sync", handleSync(s.bs)) private := s.Router.Group("") - private.Use(MakeAuthMiddleware()) + private.Use(MakeAuthMiddleware(s.as)) private.GET("/bookings", handleBookingListPage(s.bs, s.hc)) private.GET("/bookings/new", handleBookingCreatePage(s.hc)) private.POST("/bookings/new", handleBookingCreate(s.bs)) diff --git a/internal/service/auth/service.go b/internal/service/auth/service.go index d01a0ba..89e9910 100644 --- a/internal/service/auth/service.go +++ b/internal/service/auth/service.go 
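Review bot: On a failed login, the unchanged lines just below the renamed `as.ValidCredentials(email, password)` call copy the submitted `password` into `view.LoginFormViewModel`, so the re-rendered form may send the plaintext password back in the 401 response body. The view is not part of this diff, so whether the template renders the field is inferred from its name. If it does, drop the `Password: password,` line and let the user retype the password. The struct literal and the rest of `handleLogin` continue outside this hunk.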
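Review bot: The session marker written by `as.Authenticate(c, "foo")` is a hard-coded literal that must match the `user == "foo"` check in `Authenticated` in internal/service/auth/service.go, so the session records nothing about who logged in and the two files can drift apart silently. Passing the validated identity, `err := as.Authenticate(c, email)`, and having `Authenticated` compare a string-asserted value against `as.admin` would keep the marker in one place. How hard the cookie is to forge depends on the session store's signing key, which is configured outside this diff.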
@@ -1,6 +1,19 @@ package auth -import "errors" +import ( + "errors" + + "github.com/gorilla/sessions" + "github.com/labstack/echo-contrib/session" + "github.com/labstack/echo/v4" + + "github.com/rjNemo/rentease/internal/constant" +) + +const ( + sessionName = "rentease" + sessionAge = 86400 * 7 // 7 days +) type Service struct { secret string @@ -18,6 +31,7 @@ func NewService(secret, admin, adminSecret, apiKey string) (*Service, error) { if secret == "" || admin == "" || adminSecret == "" || apiKey == "" { return nil, errors.New("error building Auth service. Verify your env variables") } + return &Service{ secret, admin, @@ -26,10 +40,45 @@ func NewService(secret, admin, adminSecret, apiKey string) (*Service, error) { }, nil } -func (as *Service) Authenticate(email, password string) bool { +func (as *Service) ValidCredentials(email, password string) bool { return email == as.admin && password == as.adminSecret } func (as *Service) ValidateApiKey(key string) bool { return key == as.apiKey } + +func (as *Service) getSession(c echo.Context) (*sessions.Session, error) { + sess, err := session.Get(sessionName, c) + if err != nil { + return nil, err + } + + sess.Options = &sessions.Options{ + Path: constant.RouteLogin, + MaxAge: sessionAge, + HttpOnly: true, + } + + return sess, nil +} + +func (as *Service) Authenticate(c echo.Context, key string) error { + sess, err := as.getSession(c) + if err != nil { + return err + } + + sess.Values["user"] = key + return sess.Save(c.Request(), c.Response()) +} + +func (as *Service) Authenticated(c echo.Context) bool { + sess, err := as.getSession(c) + if err != nil { + return false + } + + user, ok := sess.Values["user"] + return ok && user == "foo" +}
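Review bot: The cookie options set in `getSession` omit `Secure` and `SameSite`, and they scope the cookie with `Path: constant.RouteLogin`; unless that path is a prefix of the protected routes, browsers will not send the session cookie to the `/bookings` handlers that `Authenticated` guards. I would add `Secure: true,` and `SameSite: http.SameSiteLaxMode,` (needs `net/http`), and set `Path: "/",` after confirming the constant's value, which is not visible in this diff. `ValidCredentials` and `ValidateApiKey` still compare secrets with `==`; `subtle.ConstantTimeCompare([]byte(password), []byte(as.adminSecret)) == 1` from `crypto/subtle` removes the timing difference. `Authenticated` also returns false on a session-store error without logging it, which makes a broken store look like an ordinary logged-out user.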