authboss/auth/auth.go

package auth

import (
	"fmt"
	"net/http"

	"golang.org/x/crypto/bcrypt"
	"gopkg.in/authboss.v0"
	"gopkg.in/authboss.v0/internal/render"
)

const (
	methodGET  = "GET"
	methodPOST = "POST"

	tplLogin = "login.tpl"
)

func init() {
	a := &AuthModule{}
	authboss.RegisterModule("auth", a)
}

type AuthModule struct {
	templates        render.Templates
	policies         []authboss.Validator
	isRememberLoaded bool
	isRecoverLoaded  bool
}

func (a *AuthModule) Initialize() (err error) {
	a.templates, err = render.LoadTemplates(authboss.Cfg.Layout, authboss.Cfg.ViewsPath, tplLogin)
	if err != nil {
		return err
	}

	a.policies = authboss.FilterValidators(authboss.Cfg.Policies, authboss.Cfg.PrimaryID, authboss.StorePassword)

	a.isRememberLoaded = authboss.IsLoaded("remember")
	a.isRecoverLoaded = authboss.IsLoaded("recover")

	return nil
}

func (a *AuthModule) Routes() authboss.RouteTable {
	return authboss.RouteTable{
		"login":  a.loginHandlerFunc,
		"logout": a.logoutHandlerFunc,
	}
}

func (a *AuthModule) Storage() authboss.StorageOptions {
	return authboss.StorageOptions{
		authboss.Cfg.PrimaryID: authboss.String,
		authboss.StorePassword: authboss.String,
	}
}

func (a *AuthModule) loginHandlerFunc(ctx *authboss.Context, w http.ResponseWriter, r *http.Request) error {
	switch r.Method {
	case methodGET:
		if _, ok := ctx.SessionStorer.Get(authboss.SessionKey); ok {
			if halfAuthed, ok := ctx.SessionStorer.Get(authboss.SessionHalfAuthKey); !ok || halfAuthed == "false" {
				http.Redirect(w, r, authboss.Cfg.AuthLoginSuccessRoute, http.StatusFound)
			}
		}

		data := authboss.NewHTMLData("showRemember", a.isRememberLoaded, "showRecover", a.isRecoverLoaded)
		return a.templates.Render(ctx, w, r, tplLogin, data)
	case methodPOST:
		interrupted, err := authboss.Cfg.Callbacks.FireBefore(authboss.EventAuth, ctx)
		if err != nil {
			return err
		} else if interrupted != authboss.InterruptNone {
			var reason string
			switch interrupted {
			case authboss.InterruptAccountLocked:
				reason = "Your account has been locked."
			case authboss.InterruptAccountNotConfirmed:
				reason = "Your account has not been confirmed."
			}
			render.Redirect(ctx, w, r, "/", "", reason)
			return nil
		}

		key, _ := ctx.FirstPostFormValue(authboss.Cfg.PrimaryID)
		password, _ := ctx.FirstPostFormValue("password")

		errData := authboss.NewHTMLData(
			"error", "invalid username and/or password",
			authboss.Cfg.PrimaryID, key,
			"showRemember", a.isRememberLoaded,
			"showRecover", a.isRecoverLoaded,
		)

		if validationErrs := ctx.Validate(a.policies); len(validationErrs) > 0 {
			fmt.Fprintln(authboss.Cfg.LogWriter, "auth: form validation failed:", validationErrs.Map())
			return a.templates.Render(ctx, w, r, tplLogin, errData)
		}

		if err := validateCredentials(ctx, key, password); err != nil {
			fmt.Fprintln(authboss.Cfg.LogWriter, "auth: failed to validate credentials:", err)
			return a.templates.Render(ctx, w, r, tplLogin, errData)
		}

		ctx.SessionStorer.Put(authboss.SessionKey, key)
		authboss.Cfg.Callbacks.FireAfter(authboss.EventAuth, ctx)
		http.Redirect(w, r, authboss.Cfg.AuthLoginSuccessRoute, http.StatusFound)
	default:
		w.WriteHeader(http.StatusMethodNotAllowed)
	}

	return nil
}

func validateCredentials(ctx *authboss.Context, key, password string) error {
	if err := ctx.LoadUser(key); err != nil {
		return err
	}

	actualPassword, err := ctx.User.StringErr(authboss.StorePassword)
	if err != nil {
		return err
	}

	if err := bcrypt.CompareHashAndPassword([]byte(actualPassword), []byte(password)); err != nil {
		return err
	}

	return nil
}

func (a *AuthModule) logoutHandlerFunc(ctx *authboss.Context, w http.ResponseWriter, r *http.Request) error {
	switch r.Method {
	case methodGET:
		ctx.SessionStorer.Del(authboss.SessionKey)
		http.Redirect(w, r, authboss.Cfg.AuthLogoutRoute, http.StatusFound)
	default:
		w.WriteHeader(http.StatusMethodNotAllowed)
	}

	return nil
}
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`package auth`

			`import (`
Fixed auth and auth tests. - Added more error checking to remember module. 2015-01-15 23:24:12 +02:00			`"fmt"`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`"net/http"`

Fix bad hg dependencies :D 2015-01-13 09:51:25 +02:00			`"golang.org/x/crypto/bcrypt"`
Fixed auth to work with root changes 2015-01-10 08:51:02 +02:00			`"gopkg.in/authboss.v0"`
Reworking auth 2015-02-21 09:33:35 +02:00			`"gopkg.in/authboss.v0/internal/render"`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`)`

			`const (`
			`methodGET = "GET"`
			`methodPOST = "POST"`

Reworking auth 2015-02-21 09:33:35 +02:00			`tplLogin = "login.tpl"`
Cleaned up auth module and tests 2015-01-13 07:08:52 +02:00			`)`
Added auth endpoint POST 2015-01-11 08:49:06 +02:00
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`func init() {`
Reworking auth 2015-02-21 09:33:35 +02:00			`a := &AuthModule{}`
Aaron broke my world. 2015-01-08 09:45:41 +02:00			`authboss.RegisterModule("auth", a)`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`}`

Reworking auth 2015-02-21 09:33:35 +02:00			`type AuthModule struct {`
			`templates render.Templates`
			`policies []authboss.Validator`
Changed remember and auth to work together. 2015-01-16 01:10:47 +02:00			`isRememberLoaded bool`
Recover emailing WIP 2015-01-17 07:49:23 +02:00			`isRecoverLoaded bool`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`}`

Reworking auth 2015-02-21 09:33:35 +02:00			`func (a *AuthModule) Initialize() (err error) {`
			`a.templates, err = render.LoadTemplates(authboss.Cfg.Layout, authboss.Cfg.ViewsPath, tplLogin)`
			`if err != nil {`
Move all html to internal packge views 2015-01-19 00:24:20 +02:00			`return err`
Added styles to modules. Stylized login module. Added tester 2015-01-05 06:41:20 +02:00			`}`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00
Add PrimaryID to the system. - Fix #17 2015-02-22 23:16:11 +02:00			`a.policies = authboss.FilterValidators(authboss.Cfg.Policies, authboss.Cfg.PrimaryID, authboss.StorePassword)`
Added auth module view overriding 2015-01-05 00:50:34 +02:00
Changed remember and auth to work together. 2015-01-16 01:10:47 +02:00			`a.isRememberLoaded = authboss.IsLoaded("remember")`
Recover emailing WIP 2015-01-17 07:49:23 +02:00			`a.isRecoverLoaded = authboss.IsLoaded("recover")`
Changed remember and auth to work together. 2015-01-16 01:10:47 +02:00
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`return nil`
			`}`

Reworking auth 2015-02-21 09:33:35 +02:00			`func (a *AuthModule) Routes() authboss.RouteTable {`
			`return authboss.RouteTable{`
			`"login": a.loginHandlerFunc,`
			`"logout": a.logoutHandlerFunc,`
			`}`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`}`

Reworking auth 2015-02-21 09:33:35 +02:00			`func (a *AuthModule) Storage() authboss.StorageOptions {`
			`return authboss.StorageOptions{`
Add PrimaryID to the system. - Fix #17 2015-02-22 23:16:11 +02:00			`authboss.Cfg.PrimaryID: authboss.String,`
			`authboss.StorePassword: authboss.String,`
Reworking auth 2015-02-21 09:33:35 +02:00			`}`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`}`

Reworking auth 2015-02-21 09:33:35 +02:00			`func (a AuthModule) loginHandlerFunc(ctx authboss.Context, w http.ResponseWriter, r *http.Request) error {`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`switch r.Method {`
			`case methodGET:`
Implement auth logout - Add del to client storer interface 2015-01-16 02:04:33 +02:00			`if _, ok := ctx.SessionStorer.Get(authboss.SessionKey); ok {`
Add PrimaryID to the system. - Fix #17 2015-02-22 23:16:11 +02:00			`if halfAuthed, ok := ctx.SessionStorer.Get(authboss.SessionHalfAuthKey); !ok \|\| halfAuthed == "false" {`
Change config to be global. Updated most modules and tests. 2015-02-16 06:07:36 +02:00			`http.Redirect(w, r, authboss.Cfg.AuthLoginSuccessRoute, http.StatusFound)`
Implement auth logout - Add del to client storer interface 2015-01-16 02:04:33 +02:00			`}`
			`}`

Reworking auth 2015-02-21 09:33:35 +02:00			`data := authboss.NewHTMLData("showRemember", a.isRememberLoaded, "showRecover", a.isRecoverLoaded)`
			`return a.templates.Render(ctx, w, r, tplLogin, data)`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`case methodPOST:`
Reworking auth 2015-02-21 09:33:35 +02:00			`interrupted, err := authboss.Cfg.Callbacks.FireBefore(authboss.EventAuth, ctx)`
			`if err != nil {`
			`return err`
Fix auth interruption handling. 2015-02-22 22:47:02 +02:00			`} else if interrupted != authboss.InterruptNone {`
			`var reason string`
			`switch interrupted {`
			`case authboss.InterruptAccountLocked:`
			`reason = "Your account has been locked."`
			`case authboss.InterruptAccountNotConfirmed:`
			`reason = "Your account has not been confirmed."`
			`}`
			`render.Redirect(ctx, w, r, "/", "", reason)`
			`return nil`
Add response writer to client storer 2015-01-16 00:01:01 +02:00			`}`

Add PrimaryID to the system. - Fix #17 2015-02-22 23:16:11 +02:00			`key, _ := ctx.FirstPostFormValue(authboss.Cfg.PrimaryID)`
Reworking auth 2015-02-21 09:33:35 +02:00			`password, _ := ctx.FirstPostFormValue("password")`
Add response writer to client storer 2015-01-16 00:01:01 +02:00
Reworking auth 2015-02-21 09:33:35 +02:00			`errData := authboss.NewHTMLData(`
			`"error", "invalid username and/or password",`
Add PrimaryID to the system. - Fix #17 2015-02-22 23:16:11 +02:00			`authboss.Cfg.PrimaryID, key,`
Reworking auth 2015-02-21 09:33:35 +02:00			`"showRemember", a.isRememberLoaded,`
			`"showRecover", a.isRecoverLoaded,`
			`)`

			`if validationErrs := ctx.Validate(a.policies); len(validationErrs) > 0 {`
			`fmt.Fprintln(authboss.Cfg.LogWriter, "auth: form validation failed:", validationErrs.Map())`
			`return a.templates.Render(ctx, w, r, tplLogin, errData)`
Add response writer to client storer 2015-01-16 00:01:01 +02:00			`}`
Cleaned up auth module and tests 2015-01-13 07:08:52 +02:00
Add PrimaryID to the system. - Fix #17 2015-02-22 23:16:11 +02:00			`if err := validateCredentials(ctx, key, password); err != nil {`
Reworking auth 2015-02-21 09:33:35 +02:00			`fmt.Fprintln(authboss.Cfg.LogWriter, "auth: failed to validate credentials:", err)`
			`return a.templates.Render(ctx, w, r, tplLogin, errData)`
Made things work with other things. 2015-01-11 09:12:40 +02:00			`}`
Changed remember and auth to work together. 2015-01-16 01:10:47 +02:00
Add PrimaryID to the system. - Fix #17 2015-02-22 23:16:11 +02:00			`ctx.SessionStorer.Put(authboss.SessionKey, key)`
Change config to be global. Updated most modules and tests. 2015-02-16 06:07:36 +02:00			`authboss.Cfg.Callbacks.FireAfter(authboss.EventAuth, ctx)`
			`http.Redirect(w, r, authboss.Cfg.AuthLoginSuccessRoute, http.StatusFound)`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`default:`
			`w.WriteHeader(http.StatusMethodNotAllowed)`
			`}`
Reworking auth 2015-02-21 09:33:35 +02:00
			`return nil`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`}`

Add PrimaryID to the system. - Fix #17 2015-02-22 23:16:11 +02:00			`func validateCredentials(ctx *authboss.Context, key, password string) error {`
			`if err := ctx.LoadUser(key); err != nil {`
Cleaned up auth module and tests 2015-01-13 07:08:52 +02:00			`return err`
Fixed auth and auth tests. - Added more error checking to remember module. 2015-01-15 23:24:12 +02:00			`}`

Add PrimaryID to the system. - Fix #17 2015-02-22 23:16:11 +02:00			`actualPassword, err := ctx.User.StringErr(authboss.StorePassword)`
Reworking auth 2015-02-21 09:33:35 +02:00			`if err != nil {`
			`return err`
Fixed auth and auth tests. - Added more error checking to remember module. 2015-01-15 23:24:12 +02:00			`}`

Reworking auth 2015-02-21 09:33:35 +02:00			`if err := bcrypt.CompareHashAndPassword([]byte(actualPassword), []byte(password)); err != nil {`
			`return err`
Added auth endpoint POST 2015-01-11 08:49:06 +02:00			`}`

			`return nil`
			`}`

Reworking auth 2015-02-21 09:33:35 +02:00			`func (a AuthModule) logoutHandlerFunc(ctx authboss.Context, w http.ResponseWriter, r *http.Request) error {`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`switch r.Method {`
			`case methodGET:`
Implement auth logout - Add del to client storer interface 2015-01-16 02:04:33 +02:00			`ctx.SessionStorer.Del(authboss.SessionKey)`
Change config to be global. Updated most modules and tests. 2015-02-16 06:07:36 +02:00			`http.Redirect(w, r, authboss.Cfg.AuthLogoutRoute, http.StatusFound)`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`default:`
			`w.WriteHeader(http.StatusMethodNotAllowed)`
			`}`
Reworking auth 2015-02-21 09:33:35 +02:00
			`return nil`
started work on auth module. redefined how configuration is going to work and where core is going to reside 2015-01-04 20:33:53 +02:00			`}`