Add response writer to client storer

2025-02-09 13:47:09 +02:00 · 2015-01-15 14:01:01 -08:00 · 2015-01-15 14:01:01 -08:00 · 716e7dd6ba
commit 716e7dd6ba
parent 443f482b71
8 changed files with 53 additions and 8 deletions
--- a/auth/auth.go
+++ b/auth/auth.go
@ -43,6 +43,7 @@ type Auth struct {
 	loginRedirect  string
 	logger         io.Writer
 	templates      *template.Template
+	callbacks      *authboss.Callbacks
 }

 func (a *Auth) Initialize(c *authboss.Config) (err error) {
@ -69,6 +70,7 @@ func (a *Auth) Initialize(c *authboss.Config) (err error) {
 	a.logoutRedirect = c.AuthLogoutRoute
 	a.loginRedirect = c.AuthLoginSuccessRoute
 	a.logger = c.LogWriter
+	a.callbacks = c.Callbacks

 	return nil
 }
@ -86,8 +88,20 @@ func (a *Auth) loginHandlerFunc(c *authboss.Context, w http.ResponseWriter, r *h
 	case methodGET:
 		a.templates.ExecuteTemplate(w, pageLogin, nil)
 	case methodPOST:
-		u := r.PostFormValue("username")
-		p := r.PostFormValue("password")
+		u, ok := c.FirstPostFormValue("username")
+		if !ok {
+			fmt.Fprintln(a.logger, errors.New("auth: Expected postFormValue 'username' to be in the context"))
+		}
+
+		if err := a.callbacks.FireBefore(authboss.EventAuth, c); err != nil {
+			w.WriteHeader(http.StatusForbidden)
+			a.templates.ExecuteTemplate(w, pageLogin, AuthPage{err.Error(), u})
+		}
+
+		p, ok := c.FirstPostFormValue("password")
+		if !ok {
+			fmt.Fprintln(a.logger, errors.New("auth: Expected postFormValue 'password' to be in the context"))
+		}

 		if err := a.authenticate(u, p); err != nil {
 			fmt.Fprintln(a.logger, err)
--- a/auth/auth_test.go
+++ b/auth/auth_test.go
@ -166,7 +166,13 @@ func TestAuth_loginHandlerFunc_POST(t *testing.T) {
 		r.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 		w := httptest.NewRecorder()

-		a.loginHandlerFunc(nil, w, r)
+		ctx, err := authboss.ContextFromRequest(r)
+		if err != nil {
+			t.Errorf("%d> Unexpected error '%s'", i, err)
+			continue
+		}
+
+		a.loginHandlerFunc(ctx, w, r)

 		if test.StatusCode != w.Code {
 			t.Errorf("%d> Expected status code %d, got %d", i, test.StatusCode, w.Code)
--- a/authboss_test.go
+++ b/authboss_test.go
@ -42,7 +42,7 @@ func TestAuthBossRouter(t *testing.T) {
 	t.Parallel()

 	c := NewConfig()
-	c.CookieStoreMaker = func(_ *http.Request) ClientStorer {
+	c.CookieStoreMaker = func(_ http.ResponseWriter, _ *http.Request) ClientStorer {
 		return clientStoreMock{}
 	}
 	c.SessionStoreMaker = SessionStoreMaker(c.CookieStoreMaker)
--- a/client_storer.go
+++ b/client_storer.go
@ -14,10 +14,10 @@ type ClientStorer interface {

 // CookieStoreMaker is used to create a cookie storer from an http request. Keep in mind
 // security considerations for your implementation, Secure, HTTP-Only, etc flags.
-type CookieStoreMaker func(*http.Request) ClientStorer
+type CookieStoreMaker func(http.ResponseWriter, *http.Request) ClientStorer

 // SessionStoreMaker is used to create a session storer from an http request.
 // It must be implemented to satisfy certain modules (auth, remember primarily).
 // It should be a secure storage of the session. This means if it represents a cookie-based session
 // storage these cookies should be signed in order to prevent tampering, or they should be encrypted.
-type SessionStoreMaker func(*http.Request) ClientStorer
+type SessionStoreMaker func(http.ResponseWriter, *http.Request) ClientStorer
--- a/config.go
+++ b/config.go
@ -17,6 +17,7 @@ type Config struct {
 	CookieStoreMaker  CookieStoreMaker  `json:"-" xml:"-"`
 	SessionStoreMaker SessionStoreMaker `json:"-" xml:"-"`
 	LogWriter         io.Writer         `json:"-" xml:"-"`
+	Callbacks         *Callbacks        `json:"-" xml:"-"`
 }

 // NewConfig creates a new config full of default values ready to override.
@ -29,5 +30,6 @@ func NewConfig() *Config {
 		AuthLoginSuccessRoute: "http://www.google.com",

 		LogWriter: ioutil.Discard,
+		Callbacks: NewCallbacks(),
 	}
 }
--- a/context.go
+++ b/context.go
@ -56,6 +56,28 @@ func (c *Context) PostFormValue(key string) ([]string, bool) {
 	return val, ok
 }

+// FirstFormValue gets the first form value from a context created with a request.
+func (c *Context) FirstFormValue(key string) (string, bool) {
+	val, ok := c.formValues[key]
+
+	if !ok || len(val) == 0 || len(val[0]) == 0 {
+		return "", false
+	}
+
+	return val[0], ok
+}
+
+// FirstPostFormValue gets the first form value from a context created with a request.
+func (c *Context) FirstPostFormValue(key string) (string, bool) {
+	val, ok := c.postFormValues[key]
+
+	if !ok || len(val) == 0 || len(val[0]) == 0 {
+		return "", false
+	}
+
+	return val[0], ok
+}
+
 // LoadUser loads the user Attributes if they haven't already been loaded.
 func (c *Context) LoadUser(key string, storer Storer) error {
 	if c.User != nil {
--- a/remember/remember.go
+++ b/remember/remember.go
@ -54,6 +54,7 @@ func (r *Remember) Initialize(c *authboss.Config) error {
 	}

 	r.logger = c.LogWriter
+	c.Callbacks.After(authboss.EventAuth, r.AfterAuth)

 	return nil
 }
--- a/router.go
+++ b/router.go
@ -38,8 +38,8 @@ func (c contextRoute) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	ctx.CookieStorer = c.config.CookieStoreMaker(r)
-	ctx.SessionStorer = c.config.SessionStoreMaker(r)
+	ctx.CookieStorer = c.config.CookieStoreMaker(w, r)
+	ctx.SessionStorer = c.config.SessionStoreMaker(w, r)

 	c.fn(ctx, w, r)
 }