authboss/auth/auth.go

// Package auth implements password based user logins.
package auth

import (
	"errors"
	"fmt"
	"net/http"

	"golang.org/x/crypto/bcrypt"
	"gopkg.in/authboss.v0"
	"gopkg.in/authboss.v0/internal/response"
)

const (
	methodGET  = "GET"
	methodPOST = "POST"

	tplLogin = "login.html.tpl"
)

func init() {
	authboss.RegisterModule("auth", &Auth{})
}

// Auth module
type Auth struct {
	*authboss.Authboss
	templates response.Templates
}

// Initialize module
func (a *Auth) Initialize(ab *authboss.Authboss) (err error) {
	a.Authboss = ab

	if a.Storer == nil {
		return errors.New("auth: Need a Storer")
	}

	if len(a.XSRFName) == 0 {
		return errors.New("auth: XSRFName must be set")
	}

	if a.XSRFMaker == nil {
		return errors.New("auth: XSRFMaker must be defined")
	}

	a.templates, err = response.LoadTemplates(a.Authboss, a.Layout, a.ViewsPath, tplLogin)
	if err != nil {
		return err
	}

	return nil
}

// Routes for the module
func (a *Auth) Routes() authboss.RouteTable {
	return authboss.RouteTable{
		"/login":  a.loginHandlerFunc,
		"/logout": a.logoutHandlerFunc,
	}
}

// Storage requirements
func (a *Auth) Storage() authboss.StorageOptions {
	return authboss.StorageOptions{
		a.PrimaryID:            authboss.String,
		authboss.StorePassword: authboss.String,
	}
}

func (a *Auth) loginHandlerFunc(ctx *authboss.Context, w http.ResponseWriter, r *http.Request) error {
	switch r.Method {
	case methodGET:
		if _, ok := ctx.SessionStorer.Get(authboss.SessionKey); ok {
			if halfAuthed, ok := ctx.SessionStorer.Get(authboss.SessionHalfAuthKey); !ok || halfAuthed == "false" {
				//http.Redirect(w, r, a.AuthLoginOKPath, http.StatusFound, true)
				response.Redirect(ctx, w, r, a.AuthLoginOKPath, "", "", true)
				return nil
			}
		}

		data := authboss.NewHTMLData(
			"showRemember", a.IsLoaded("remember"),
			"showRecover", a.IsLoaded("recover"),
			"primaryID", a.PrimaryID,
			"primaryIDValue", "",
		)
		return a.templates.Render(ctx, w, r, tplLogin, data)
	case methodPOST:
		key, _ := ctx.FirstPostFormValue(a.PrimaryID)
		password, _ := ctx.FirstPostFormValue("password")

		errData := authboss.NewHTMLData(
			"error", fmt.Sprintf("invalid %s and/or password", a.PrimaryID),
			"primaryID", a.PrimaryID,
			"primaryIDValue", key,
			"showRemember", a.IsLoaded("remember"),
			"showRecover", a.IsLoaded("recover"),
		)

		policies := authboss.FilterValidators(a.Policies, a.PrimaryID, authboss.StorePassword)
		if validationErrs := ctx.Validate(policies); len(validationErrs) > 0 {
			return a.templates.Render(ctx, w, r, tplLogin, errData)
		}

		if err := validateCredentials(ctx, key, password); err != nil {
			return a.templates.Render(ctx, w, r, tplLogin, errData)
		}

		interrupted, err := a.Callbacks.FireBefore(authboss.EventAuth, ctx)
		if err != nil {
			return err
		} else if interrupted != authboss.InterruptNone {
			var reason string
			switch interrupted {
			case authboss.InterruptAccountLocked:
				reason = "Your account has been locked."
			case authboss.InterruptAccountNotConfirmed:
				reason = "Your account has not been confirmed."
			}
			response.Redirect(ctx, w, r, a.AuthLoginFailPath, "", reason, false)
			return nil
		}

		ctx.SessionStorer.Put(authboss.SessionKey, key)
		ctx.SessionStorer.Del(authboss.SessionHalfAuthKey)

		if err := a.Callbacks.FireAfter(authboss.EventAuth, ctx); err != nil {
			return err
		}
		response.Redirect(ctx, w, r, a.AuthLoginOKPath, "", "", true)
	default:
		w.WriteHeader(http.StatusMethodNotAllowed)
	}

	return nil
}

func validateCredentials(ctx *authboss.Context, key, password string) error {
	if err := ctx.LoadUser(key); err != nil {
		return err
	}

	actualPassword, err := ctx.User.StringErr(authboss.StorePassword)
	if err != nil {
		return err
	}

	if err := bcrypt.CompareHashAndPassword([]byte(actualPassword), []byte(password)); err != nil {
		return err
	}

	return nil
}

func (a *Auth) logoutHandlerFunc(ctx *authboss.Context, w http.ResponseWriter, r *http.Request) error {
	switch r.Method {
	case methodGET:
		ctx.SessionStorer.Del(authboss.SessionKey)
		ctx.CookieStorer.Del(authboss.CookieRemember)
		ctx.SessionStorer.Del(authboss.SessionLastAction)

		response.Redirect(ctx, w, r, a.AuthLogoutOKPath, "You have logged out", "", true)
	default:
		w.WriteHeader(http.StatusMethodNotAllowed)
	}

	return nil
}
Change documentation a little bit, and fix one bug. 2015-03-15 08:06:08 -07:00			`// Package auth implements password based user logins.`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`package auth`

			`import (`
Rework recover 2015-02-23 15:51:42 -08:00			`"errors"`
Fixed auth and auth tests. - Added more error checking to remember module. 2015-01-15 13:24:12 -08:00			`"fmt"`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`"net/http"`

Fix bad hg dependencies :D 2015-01-12 23:51:25 -08:00			`"golang.org/x/crypto/bcrypt"`
Fixed auth to work with root changes 2015-01-09 22:51:02 -08:00			`"gopkg.in/authboss.v0"`
Rename internal/render to internal/response 2015-03-28 09:08:05 -07:00			`"gopkg.in/authboss.v0/internal/response"`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`)`

			`const (`
			`methodGET = "GET"`
			`methodPOST = "POST"`

Proper naming of all templates. Rebuild bindata. 2015-02-26 12:52:45 -08:00			`tplLogin = "login.html.tpl"`
Cleaned up auth module and tests 2015-01-12 21:08:52 -08:00			`)`
Added auth endpoint POST 2015-01-10 22:49:06 -08:00
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`func init() {`
Move create from Storer to RegisterStorer - Fixed the qq tests - Removed all module singletons 2015-02-26 23:09:37 -08:00			`authboss.RegisterModule("auth", &Auth{})`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`}`

Destroy a list of go lint errors. 2015-03-16 14:42:45 -07:00			`// Auth module`
Rework recover 2015-02-23 15:51:42 -08:00			`type Auth struct {`
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`*authboss.Authboss`
Rename internal/render to internal/response 2015-03-28 09:08:05 -07:00			`templates response.Templates`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`}`

Destroy a list of go lint errors. 2015-03-16 14:42:45 -07:00			`// Initialize module`
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`func (a Auth) Initialize(ab authboss.Authboss) (err error) {`
			`a.Authboss = ab`

			`if a.Storer == nil {`
Destroy a list of go lint errors. 2015-03-16 14:42:45 -07:00			`return errors.New("auth: Need a Storer")`
Rework recover 2015-02-23 15:51:42 -08:00			`}`

Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`if len(a.XSRFName) == 0 {`
Add new auth testing and tempaltes 2015-02-24 15:01:56 -08:00			`return errors.New("auth: XSRFName must be set")`
			`}`

Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`if a.XSRFMaker == nil {`
Add new auth testing and tempaltes 2015-02-24 15:01:56 -08:00			`return errors.New("auth: XSRFMaker must be defined")`
			`}`

Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`a.templates, err = response.LoadTemplates(a.Authboss, a.Layout, a.ViewsPath, tplLogin)`
Reworking auth 2015-02-20 23:33:35 -08:00			`if err != nil {`
Move all html to internal packge views 2015-01-18 14:24:20 -08:00			`return err`
Added styles to modules. Stylized login module. Added tester 2015-01-04 20:41:20 -08:00			`}`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00
			`return nil`
			`}`

Destroy a list of go lint errors. 2015-03-16 14:42:45 -07:00			`// Routes for the module`
Rework recover 2015-02-23 15:51:42 -08:00			`func (a *Auth) Routes() authboss.RouteTable {`
Reworking auth 2015-02-20 23:33:35 -08:00			`return authboss.RouteTable{`
Recover now builds. Start adding tests. 2015-02-25 10:22:55 -08:00			`"/login": a.loginHandlerFunc,`
			`"/logout": a.logoutHandlerFunc,`
Reworking auth 2015-02-20 23:33:35 -08:00			`}`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`}`

Destroy a list of go lint errors. 2015-03-16 14:42:45 -07:00			`// Storage requirements`
Rework recover 2015-02-23 15:51:42 -08:00			`func (a *Auth) Storage() authboss.StorageOptions {`
Reworking auth 2015-02-20 23:33:35 -08:00			`return authboss.StorageOptions{`
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`a.PrimaryID: authboss.String,`
Add PrimaryID to the system. - Fix #17 2015-02-22 13:16:11 -08:00			`authboss.StorePassword: authboss.String,`
Reworking auth 2015-02-20 23:33:35 -08:00			`}`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`}`

Rework recover 2015-02-23 15:51:42 -08:00			`func (a Auth) loginHandlerFunc(ctx authboss.Context, w http.ResponseWriter, r *http.Request) error {`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`switch r.Method {`
			`case methodGET:`
Implement auth logout - Add del to client storer interface 2015-01-15 16:04:33 -08:00			`if _, ok := ctx.SessionStorer.Get(authboss.SessionKey); ok {`
Add PrimaryID to the system. - Fix #17 2015-02-22 13:16:11 -08:00			`if halfAuthed, ok := ctx.SessionStorer.Get(authboss.SessionHalfAuthKey); !ok \|\| halfAuthed == "false" {`
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`//http.Redirect(w, r, a.AuthLoginOKPath, http.StatusFound, true)`
			`response.Redirect(ctx, w, r, a.AuthLoginOKPath, "", "", true)`
Add new auth testing and tempaltes 2015-02-24 15:01:56 -08:00			`return nil`
Implement auth logout - Add del to client storer interface 2015-01-15 16:04:33 -08:00			`}`
			`}`

Rework recover 2015-02-23 15:51:42 -08:00			`data := authboss.NewHTMLData(`
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`"showRemember", a.IsLoaded("remember"),`
			`"showRecover", a.IsLoaded("recover"),`
			`"primaryID", a.PrimaryID,`
Rework recover 2015-02-23 15:51:42 -08:00			`"primaryIDValue", "",`
			`)`
Reworking auth 2015-02-20 23:33:35 -08:00			`return a.templates.Render(ctx, w, r, tplLogin, data)`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`case methodPOST:`
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`key, _ := ctx.FirstPostFormValue(a.PrimaryID)`
Reworking auth 2015-02-20 23:33:35 -08:00			`password, _ := ctx.FirstPostFormValue("password")`
Add response writer to client storer 2015-01-15 14:01:01 -08:00
Reworking auth 2015-02-20 23:33:35 -08:00			`errData := authboss.NewHTMLData(`
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`"error", fmt.Sprintf("invalid %s and/or password", a.PrimaryID),`
			`"primaryID", a.PrimaryID,`
Rework recover 2015-02-23 15:51:42 -08:00			`"primaryIDValue", key,`
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`"showRemember", a.IsLoaded("remember"),`
			`"showRecover", a.IsLoaded("recover"),`
Reworking auth 2015-02-20 23:33:35 -08:00			`)`

Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`policies := authboss.FilterValidators(a.Policies, a.PrimaryID, authboss.StorePassword)`
Working auth and recover 2015-02-24 10:12:23 -08:00			`if validationErrs := ctx.Validate(policies); len(validationErrs) > 0 {`
Reworking auth 2015-02-20 23:33:35 -08:00			`return a.templates.Render(ctx, w, r, tplLogin, errData)`
Add response writer to client storer 2015-01-15 14:01:01 -08:00			`}`
Cleaned up auth module and tests 2015-01-12 21:08:52 -08:00
Add PrimaryID to the system. - Fix #17 2015-02-22 13:16:11 -08:00			`if err := validateCredentials(ctx, key, password); err != nil {`
Reworking auth 2015-02-20 23:33:35 -08:00			`return a.templates.Render(ctx, w, r, tplLogin, errData)`
Made things work with other things. 2015-01-10 23:12:40 -08:00			`}`
Changed remember and auth to work together. 2015-01-15 15:10:47 -08:00
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`interrupted, err := a.Callbacks.FireBefore(authboss.EventAuth, ctx)`
Add mountedpath so forms work on mounted paths. - Refactor naming for config "redirect" variables. - Removed flash messages from config, Fix #19 2015-02-25 23:05:14 -08:00			`if err != nil {`
			`return err`
			`} else if interrupted != authboss.InterruptNone {`
			`var reason string`
			`switch interrupted {`
			`case authboss.InterruptAccountLocked:`
			`reason = "Your account has been locked."`
			`case authboss.InterruptAccountNotConfirmed:`
			`reason = "Your account has not been confirmed."`
			`}`
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`response.Redirect(ctx, w, r, a.AuthLoginFailPath, "", reason, false)`
Add mountedpath so forms work on mounted paths. - Refactor naming for config "redirect" variables. - Removed flash messages from config, Fix #19 2015-02-25 23:05:14 -08:00			`return nil`
			`}`

			`ctx.SessionStorer.Put(authboss.SessionKey, key)`
			`ctx.SessionStorer.Del(authboss.SessionHalfAuthKey)`

Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`if err := a.Callbacks.FireAfter(authboss.EventAuth, ctx); err != nil {`
Fix confirm fields. 2015-02-25 23:20:02 -08:00			`return err`
			`}`
Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`response.Redirect(ctx, w, r, a.AuthLoginOKPath, "", "", true)`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`default:`
			`w.WriteHeader(http.StatusMethodNotAllowed)`
			`}`
Reworking auth 2015-02-20 23:33:35 -08:00
			`return nil`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`}`

Add PrimaryID to the system. - Fix #17 2015-02-22 13:16:11 -08:00			`func validateCredentials(ctx *authboss.Context, key, password string) error {`
			`if err := ctx.LoadUser(key); err != nil {`
Cleaned up auth module and tests 2015-01-12 21:08:52 -08:00			`return err`
Fixed auth and auth tests. - Added more error checking to remember module. 2015-01-15 13:24:12 -08:00			`}`

Add PrimaryID to the system. - Fix #17 2015-02-22 13:16:11 -08:00			`actualPassword, err := ctx.User.StringErr(authboss.StorePassword)`
Reworking auth 2015-02-20 23:33:35 -08:00			`if err != nil {`
			`return err`
Fixed auth and auth tests. - Added more error checking to remember module. 2015-01-15 13:24:12 -08:00			`}`

Reworking auth 2015-02-20 23:33:35 -08:00			`if err := bcrypt.CompareHashAndPassword([]byte(actualPassword), []byte(password)); err != nil {`
			`return err`
Added auth endpoint POST 2015-01-10 22:49:06 -08:00			`}`

			`return nil`
			`}`

Rework recover 2015-02-23 15:51:42 -08:00			`func (a Auth) logoutHandlerFunc(ctx authboss.Context, w http.ResponseWriter, r *http.Request) error {`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`switch r.Method {`
			`case methodGET:`
Implement auth logout - Add del to client storer interface 2015-01-15 16:04:33 -08:00			`ctx.SessionStorer.Del(authboss.SessionKey)`
Fix expire token shenanigans - Add session and cookie cleanup on logout 2015-03-02 22:09:32 -08:00			`ctx.CookieStorer.Del(authboss.CookieRemember)`
			`ctx.SessionStorer.Del(authboss.SessionLastAction)`

Fix modules after refactor. 2015-03-31 15:27:47 -07:00			`response.Redirect(ctx, w, r, a.AuthLogoutOKPath, "You have logged out", "", true)`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`default:`
			`w.WriteHeader(http.StatusMethodNotAllowed)`
			`}`
Reworking auth 2015-02-20 23:33:35 -08:00
			`return nil`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 10:33:53 -08:00			`}`