aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/db/db.go30
-rw-r--r--src/main.go4
-rw-r--r--src/server/server.go31
-rw-r--r--src/server/session.go9
-rw-r--r--src/user/routes.go56
-rw-r--r--src/user/user.go63
6 files changed, 171 insertions, 22 deletions
diff --git a/src/db/db.go b/src/db/db.go
index 2b72382..6f617c2 100644
--- a/src/db/db.go
+++ b/src/db/db.go
@@ -2,8 +2,11 @@ package db
import (
"context"
+ "fmt"
"log"
+ "strings"
+ "github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgxpool"
"gitlab.com/alexkavon/newsstand/src/conf"
@@ -18,7 +21,6 @@ func NewDb(config *conf.Conf) *Database {
if err != nil {
log.Fatal(err)
}
- defer pool.Close()
var testquery string
err = pool.QueryRow(context.Background(), "select 'Hello, PostgreSQL!'").Scan(&testquery)
@@ -30,3 +32,29 @@ func NewDb(config *conf.Conf) *Database {
p: pool,
}
}
+
+func (d *Database) InsertTable(table string, columns []string, values pgx.NamedArgs) error {
+ columnstr := stringifyColumns(columns, "")
+ valuesstr := stringifyColumns(columns, "@")
+ query := fmt.Sprintf("INSERT INTO %s (%s) VALUES (%s) RETURNING *", table, columnstr, valuesstr)
+ log.Println(query, values)
+ ctx := context.Background()
+ row, err := d.p.Exec(ctx, query, values)
+ if err != nil {
+ return err
+ }
+ log.Println("Row", row)
+ return nil
+}
+
+func (d *Database) Close() {
+ d.p.Close()
+}
+
+func stringifyColumns(columns []string, prefix string) string {
+ ncolumns := []string{}
+ for _, v := range columns {
+ ncolumns = append(ncolumns, fmt.Sprintf("%s%s", prefix, v))
+ }
+ return strings.Join(ncolumns, ", ")
+}
diff --git a/src/main.go b/src/main.go
index 0687aae..4dc2caf 100644
--- a/src/main.go
+++ b/src/main.go
@@ -12,7 +12,9 @@ func main() {
config := conf.NewConf()
// connect database
// start server
- s := server.NewServer(config, db.NewDb(config))
+ database := db.NewDb(config)
+ defer database.Close()
+ s := server.NewServer(config, database)
s.BuildUi()
routers := []server.Routes{
user.Routes,
diff --git a/src/server/server.go b/src/server/server.go
index 9cb2a3f..c483069 100644
--- a/src/server/server.go
+++ b/src/server/server.go
@@ -4,23 +4,26 @@ import (
"net/http"
"github.com/go-chi/chi/v5"
+ "github.com/google/uuid"
"gitlab.com/alexkavon/newsstand/src/conf"
"gitlab.com/alexkavon/newsstand/src/db"
)
type Server struct {
- Router *chi.Mux
- Db *db.Database
- Config *conf.Conf
- Ui Ui
+ Router *chi.Mux
+ Db *db.Database
+ Config *conf.Conf
+ Ui Ui
+ Sessions map[string]session
}
func NewServer(config *conf.Conf, database *db.Database) *Server {
return &Server{
- Router: NewRouter(config),
- Db: database,
- Config: config,
- Ui: NewUi(config),
+ Router: NewRouter(config),
+ Db: database,
+ Config: config,
+ Ui: NewUi(config),
+ Sessions: map[string]session{},
}
}
@@ -37,3 +40,15 @@ func (s *Server) RegisterRoutes(routes Routes) {
func (s *Server) Serve() {
http.ListenAndServe(":"+s.Config.Server.Port, s.Router)
}
+
+func (s *Server) NewSession(w http.ResponseWriter, username string) {
+ token := uuid.NewString()
+ s.Sessions[token] = session{
+ username: username,
+ }
+
+ http.SetCookie(w, &http.Cookie{
+ Name: "session_token",
+ Value: token,
+ })
+}
diff --git a/src/server/session.go b/src/server/session.go
new file mode 100644
index 0000000..3a12215
--- /dev/null
+++ b/src/server/session.go
@@ -0,0 +1,9 @@
+package server
+
+type session struct {
+ username string
+}
+
+func (s *session) Username() string {
+ return s.username
+}
diff --git a/src/user/routes.go b/src/user/routes.go
index f826822..64018d0 100644
--- a/src/user/routes.go
+++ b/src/user/routes.go
@@ -1,9 +1,10 @@
package user
import (
- "fmt"
+ "log"
"net/http"
+ "github.com/go-playground/validator/v10"
"gitlab.com/alexkavon/newsstand/src/server"
)
@@ -11,7 +12,7 @@ var Routes = server.Routes{
server.Route{
Name: "Create",
Method: "GET",
- Path: "/user/create",
+ Path: "/u/create",
HandlerFunc: Create,
},
server.Route{
@@ -23,19 +24,19 @@ var Routes = server.Routes{
server.Route{
Name: "LoginForm",
Method: "GET",
- Path: "/user/auth",
+ Path: "/u/auth",
HandlerFunc: LoginForm,
},
server.Route{
Name: "Authenticate",
Method: "POST",
- Path: "/user/auth",
+ Path: "/u/auth",
HandlerFunc: Authenticate,
},
server.Route{
Name: "Me",
Method: "GET",
- Path: "/user/me",
+ Path: "/u/me",
AuthRequired: true,
HandlerFunc: Show,
},
@@ -50,8 +51,36 @@ func Create(s *server.Server) http.HandlerFunc {
func Store(s *server.Server) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
r.ParseForm()
- fmt.Println(r.PostForm)
- s.Ui.RenderTemplate(w, "core", "messages", &struct{ Message string }{Message: "Congrats"})
+
+ user := &User{
+ Db: s.Db,
+ Username: r.PostFormValue("username"),
+ Secret: r.PostFormValue("secret"),
+ Email: r.PostFormValue("email"),
+ }
+ // Validate User Input
+ v := validator.New()
+ err := v.Struct(user)
+ if err != nil {
+ log.Println("Validator failed", err.(validator.ValidationErrors))
+ }
+
+ // Hash secret
+ err = user.HashSecret()
+ if err != nil {
+ log.Println("Hash failure", err)
+ }
+
+ // Store user
+ err = user.Insert()
+ if err != nil {
+ log.Println("Insert Error", err)
+ }
+ // Send email validation
+ // Create cookie session
+ s.NewSession(w, user.Username)
+ // Redirect to user profile
+ http.Redirect(w, r, "/u/me", http.StatusSeeOther)
}
}
@@ -66,5 +95,16 @@ func Authenticate(s *server.Server) http.HandlerFunc {
}
func Show(s *server.Server) http.HandlerFunc {
- return func(w http.ResponseWriter, r *http.Request) {}
+ return func(w http.ResponseWriter, r *http.Request) {
+ token, err := r.Cookie("session_token")
+ if err != nil {
+ s.Ui.Render(w, "user/login", &struct{ Message string }{"You are not logged in! Missing Cookie"})
+ }
+ session, ok := s.Sessions[token.Value]
+ if !ok {
+ s.Ui.Render(w, "user/login", &struct{ Message string }{"You are not logged in! With Session."})
+ }
+
+ s.Ui.Render(w, "user/me", &struct{ Message, Username string }{"Congrats on getting this far!", session.Username()})
+ }
}
diff --git a/src/user/user.go b/src/user/user.go
index 83e39e3..e35c7c5 100644
--- a/src/user/user.go
+++ b/src/user/user.go
@@ -1,18 +1,73 @@
package user
import (
- "errors"
+ "crypto/rand"
+ "encoding/base64"
+ "fmt"
"time"
+
+ "github.com/jackc/pgx/v5"
+ "gitlab.com/alexkavon/newsstand/src/db"
+ "golang.org/x/crypto/argon2"
)
type User struct {
Id int64
- Username string
+ Username string `validate:"required,max=50"`
+ Secret string `validate:"required,min=8,max=128"`
+ Email string `validate:"required,email"`
Karma uint64
UpdatedAt time.Time
CreatedAt time.Time
+ hash string
+ Db *db.Database
+}
+
+func (u *User) Insert() error {
+ err := u.Db.InsertTable(
+ "users",
+ []string{"username", "secret", "email"},
+ pgx.NamedArgs{"username": u.Username, "secret": string(u.hash), "email": u.Email},
+ )
+ if err != nil {
+ return err
+ }
+ return nil
}
-func NewUser(username, secret string) error {
- return errors.New("Not Implemented")
+func (u *User) HashSecret() error {
+ hashconf := &struct {
+ memory uint32
+ iterations uint32
+ parallelism uint8
+ keyLength uint32
+ saltLength uint32
+ }{64 * 1024, 3, 2, 12, 16}
+ salt := make([]byte, hashconf.saltLength)
+ _, err := rand.Read(salt)
+ if err != nil {
+ return err
+ }
+
+ hash := argon2.IDKey(
+ []byte(u.Secret),
+ salt,
+ hashconf.iterations,
+ hashconf.memory,
+ hashconf.parallelism,
+ hashconf.keyLength,
+ )
+ b64Salt := base64.RawStdEncoding.EncodeToString(salt)
+ b64Hash := base64.RawStdEncoding.EncodeToString(hash)
+ encodedHash := fmt.Sprintf(
+ "$argon2id$v=%d$m=%d,t=%d,p=%d$%s$%s",
+ argon2.Version,
+ hashconf.memory,
+ hashconf.iterations,
+ hashconf.parallelism,
+ b64Salt,
+ b64Hash,
+ )
+ u.hash = encodedHash
+ return nil
}
generated by cgit v1.2.3 (git 2.51.0) at 2026-01-10 21:06:54 +0000