added error output and error response
parent
63186c61dc
commit
f3f4d76e18
@ -71,19 +71,21 @@ func (a *Auth) checkPassword(username, password string) error {
|
||||
var user User
|
||||
result := a.db.Where(&User{Username: username}).Take(&user)
|
||||
if result.Error != nil {
|
||||
// TODO
|
||||
log.Printf("Error reading user from database: %s", result.Error)
|
||||
return result.Error
|
||||
}
|
||||
|
||||
decodedHashPw, err := base64.StdEncoding.DecodeString(user.Password)
|
||||
if err != nil {
|
||||
// TODO
|
||||
log.Printf("Error decoding base64 password: %s", err)
|
||||
return err
|
||||
}
|
||||
|
||||
err = bcrypt.CompareHashAndPassword(decodedHashPw, []byte(password))
|
||||
if err != nil {
|
||||
// TODO
|
||||
if err != bcrypt.ErrMismatchedHashAndPassword {
|
||||
log.Printf("Unexpected error comparing hash and pw: %s", err)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
@ -94,7 +96,7 @@ func (a *Auth) checkPassword(username, password string) error {
|
||||
func (a *Auth) deleteUser(username string) error {
|
||||
result := a.db.Model(&User{}).Where(&User{Username: username}).Delete(&User{})
|
||||
if result.Error != nil {
|
||||
// TODO
|
||||
log.Printf("Error deleting user from database: %s", result.Error)
|
||||
return result.Error
|
||||
}
|
||||
return nil
|
||||
@ -104,7 +106,7 @@ func (a *Auth) hasUser(username string) (bool, error) {
|
||||
var count int64
|
||||
result := a.db.Model(&User{}).Where(&User{Username: username}).Count(&count)
|
||||
if result.Error != nil {
|
||||
// TODO
|
||||
log.Printf("Error cheking user exisits in database: %s", result.Error)
|
||||
return false, result.Error
|
||||
}
|
||||
return count == 1, nil
|
||||
@ -114,7 +116,7 @@ func (a *Auth) getUser(username string) (User, error) {
|
||||
var user User
|
||||
result := a.db.Model(&User{}).Where(&User{Username: username}).Take(&user)
|
||||
if result.Error != nil {
|
||||
// TODO
|
||||
log.Printf("Error reading user from database: %s", result.Error)
|
||||
return User{}, result.Error
|
||||
}
|
||||
|
||||
@ -125,7 +127,7 @@ func (a *Auth) listUsers() ([]User, error) {
|
||||
var users []User
|
||||
result := a.db.Find(&users)
|
||||
if result.Error != nil {
|
||||
// TODO
|
||||
log.Printf("Error listing all users in database: %s", result.Error)
|
||||
return nil, result.Error
|
||||
}
|
||||
return users, nil
|
||||
@ -135,7 +137,7 @@ func (a *Auth) addUser(user User) error {
|
||||
// encrypt password
|
||||
pwHash, err := bcrypt.GenerateFromPassword([]byte(user.Password), bcrypt.DefaultCost)
|
||||
if err != nil {
|
||||
// TODO
|
||||
log.Printf("Error generating bcrypt hash from password: %s", err)
|
||||
return err
|
||||
}
|
||||
|
||||
@ -144,7 +146,7 @@ func (a *Auth) addUser(user User) error {
|
||||
// add user to db
|
||||
result := a.db.Create(&user)
|
||||
if result.Error != nil {
|
||||
// TODO
|
||||
log.Printf("Error creating user in database: %s", result.Error)
|
||||
return result.Error
|
||||
}
|
||||
|
||||
@ -155,32 +157,24 @@ func (a *Auth) addUserWithHash(user User) error {
|
||||
// add user to db
|
||||
result := a.db.Create(&user)
|
||||
if result.Error != nil {
|
||||
// TODO
|
||||
log.Printf("Error creating user in database: %s", result.Error)
|
||||
return result.Error
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (a *Auth) removeUser(username string) error {
|
||||
result := a.db.Model(&User{}).Where(&User{Username: username}).Delete(&User{})
|
||||
if result.Error != nil {
|
||||
// TODO
|
||||
return result.Error
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (a *Auth) changePassword(username, password string) error {
|
||||
var user User
|
||||
result := a.db.Model(&User{}).Where(&User{Username: username}).Take(&user)
|
||||
if result.Error != nil {
|
||||
log.Printf("Error reading user from database: %s", result.Error)
|
||||
return result.Error
|
||||
}
|
||||
|
||||
hashPW, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
||||
if err != nil {
|
||||
// TODO
|
||||
log.Printf("Error generatig bcrypt hash from new password: %s", err)
|
||||
return err
|
||||
}
|
||||
|
||||
@ -188,6 +182,7 @@ func (a *Auth) changePassword(username, password string) error {
|
||||
|
||||
result = a.db.Save(&user)
|
||||
if result.Error != nil {
|
||||
log.Printf("Error resaving user in database: %s", result.Error)
|
||||
return result.Error
|
||||
}
|
||||
|
||||
|
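Review bot: In checkPassword (first hunk; the function begins above it and continues past it) the lookup `a.db.Where(&User{Username: username}).Take(&user)` is not preceded by any check that `username` is non-empty. If `a.db` is a GORM handle, as the call chain suggests, struct conditions drop zero-value fields, so an empty username would produce a query with no username filter and `Take` would load whichever row comes first, whose hash is then compared against the supplied password. Whether the callers already reject empty usernames is not visible on this page, so I would guard inside the function with `if username == "" { return bcrypt.ErrMismatchedHashAndPassword }`. The same struct-condition lookup appears in the deleteUser, hasUser, getUser and changePassword hunks and deserves the same guard.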
@ -4,6 +4,7 @@ import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/gorilla/sessions"
|
||||
"github.com/mroote/factorio-server-manager/bootstrap"
|
||||
"github.com/mroote/factorio-server-manager/factorio"
|
||||
"io"
|
||||
@ -52,6 +53,26 @@ func ReadRequestBody(w http.ResponseWriter, r *http.Request, resp *interface{})
|
||||
return
|
||||
}
|
||||
|
||||
func ReadSessionStore(w http.ResponseWriter, r *http.Request, resp *interface{}, name string) (session *sessions.Session, err error) {
|
||||
session, err = sessionStore.Get(r, name)
|
||||
if err != nil {
|
||||
*resp = fmt.Sprintf("Error reading session cookie [%s]: %s", name, err)
|
||||
log.Println(*resp)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func SaveSession(w http.ResponseWriter, r *http.Request, resp *interface{}, session *sessions.Session) (err error) {
|
||||
err = session.Save(r, w)
|
||||
if err != nil {
|
||||
*resp = fmt.Sprintf("Error saving session cookie: %s", err)
|
||||
log.Println(*resp)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// Lists all save files in the factorio/saves directory
|
||||
func ListSaves(w http.ResponseWriter, r *http.Request) {
|
||||
var resp interface{}
|
||||
@ -430,13 +451,11 @@ func LoginUser(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
body, err := ReadRequestBody(w, r, &resp)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
user, err := UnmarshallUserJson(body, &resp, w)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
@ -444,17 +463,21 @@ func LoginUser(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
err = auth.checkPassword(user.Username, user.Password)
|
||||
if err != nil {
|
||||
// TODO
|
||||
resp = fmt.Sprintf("Password for use %s wrong", user.Username)
|
||||
log.Println(resp)
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
session, _ := sessionStore.Get(r, "authentication")
|
||||
session.Values["username"] = user.Username
|
||||
err = session.Save(r, w)
|
||||
session, err := ReadSessionStore(w, r, &resp, "authentication")
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
session.Values["username"] = user.Username
|
||||
|
||||
err = SaveSession(w, r, &resp, session)
|
||||
if err != nil {
|
||||
// TODO
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
@ -474,16 +497,15 @@ func LogoutUser(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
w.Header().Set("Content-Type", "application/json;charset=UTF-8")
|
||||
|
||||
session, err := sessionStore.Get(r, "authentication")
|
||||
session, err := ReadSessionStore(w, r, &resp, "authentication")
|
||||
if err != nil {
|
||||
// TODO
|
||||
return
|
||||
}
|
||||
|
||||
delete(session.Values, "username")
|
||||
err = session.Save(r, w)
|
||||
|
||||
err = SaveSession(w, r, &resp, session)
|
||||
if err != nil {
|
||||
// TODO
|
||||
return
|
||||
}
|
||||
|
||||
@ -501,16 +523,18 @@ func GetCurrentLogin(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
w.Header().Set("Content-Type", "application/json;charset=UTF-8")
|
||||
|
||||
session, err := sessionStore.Get(r, "authentication")
|
||||
session, err := ReadSessionStore(w, r, &resp, "authentication")
|
||||
if err != nil {
|
||||
// TODO
|
||||
return
|
||||
}
|
||||
|
||||
username := session.Values["username"].(string)
|
||||
|
||||
user, err := auth.getUser(username)
|
||||
if err != nil {
|
||||
// TODO
|
||||
resp = fmt.Sprintf("Error getting user: %s", err)
|
||||
log.Println(resp)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
@ -587,7 +611,7 @@ func RemoveUser(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
err = auth.removeUser(user.Username)
|
||||
err = auth.deleteUser(user.Username)
|
||||
if err != nil {
|
||||
resp = fmt.Sprintf("Error in removing user {%s}, error: %s", user.Username, err)
|
||||
log.Println(resp)
|
||||
@ -626,9 +650,8 @@ func ChangePassword(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
// only allow to change its own password
|
||||
// get username from session cookie
|
||||
session, err := sessionStore.Get(r, "authentication")
|
||||
session, err := ReadSessionStore(w, r, &resp, "authentication")
|
||||
if err != nil {
|
||||
// TODO
|
||||
return
|
||||
}
|
||||
|
||||
@ -637,21 +660,24 @@ func ChangePassword(w http.ResponseWriter, r *http.Request) {
|
||||
// check if password for user is correct
|
||||
err = auth.checkPassword(username, user.OldPassword)
|
||||
if err != nil {
|
||||
// TODO
|
||||
resp = fmt.Sprintf("Password for use %s wrong", username)
|
||||
log.Println(resp)
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
// only run, when confirmation correct
|
||||
if user.NewPassword != user.NewPasswordConfirm {
|
||||
// TODO
|
||||
resp = fmt.Sprintf("Password confirmation incorrect")
|
||||
log.Println(resp)
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
err = auth.changePassword(username, user.NewPassword)
|
||||
if err != nil {
|
||||
// TODO
|
||||
resp = fmt.Sprintf("Error changing password: %s", err)
|
||||
log.Println(resp)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
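Review bot: ReadSessionStore (hunk at -52,6 +53,26) answers every `sessionStore.Get` failure with a 500 and copies the raw error text into `*resp`, which appears to be serialised back to the client outside this hunk; SaveSession does the same with its `err`. With gorilla/sessions, `Get` also returns an error, together with a fresh session, when the request carries a cookie that cannot be decoded, so a stale or malformed `authentication` cookie would now block LoginUser and LogoutUser, whereas the `session, _ := sessionStore.Get(...)` line this commit appears to replace ignored that error. I would keep the detail in the server log only, `log.Printf("Error reading session cookie [%s]: %v", name, err)`, set a fixed client message, `*resp = "Error reading session cookie"`, and let the login path continue with the fresh session instead of returning.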