lets-go:11.6 authz again
parent
8a854768a0
commit
7db05bca1d
@ -13,12 +13,12 @@ import (
|
||||
)
|
||||
|
||||
// newTemplateData ...
|
||||
func (app *application )newTemplateData(r *http.Request) templateData {
|
||||
func (app *application) newTemplateData(r *http.Request) templateData {
|
||||
return templateData{
|
||||
CurrentYear: time.Now().Year(),
|
||||
Flash: app.sessionManager.PopString(r.Context(), "flash"),
|
||||
CurrentYear: time.Now().Year(),
|
||||
Flash: app.sessionManager.PopString(r.Context(), "flash"),
|
||||
IsAuthenticated: app.isAuthenticated(r),
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// render ...
|
||||
@ -81,3 +81,7 @@ func (app *application) decodePostForm(r *http.Request, dst any) error {
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (app *application) isAuthenticated(r *http.Request) bool {
|
||||
return app.sessionManager.Exists(r.Context(), "authenticatedUserID")
|
||||
}
|
||||
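Review bot: `isAuthenticated` treats the mere presence of the `authenticatedUserID` session key as proof of a valid login, so a session issued before an account was deleted or deactivated would presumably keep passing this check until the session expires. Where the user model allows it, confirm that the stored ID still refers to an existing, active user instead of trusting the session value alone. The helper also has no doc comment; `// isAuthenticated reports whether the request's session holds an authenticatedUserID value; it does not verify that the user still exists.` would make that limit explicit. The key is a bare string literal here, so a shared constant would keep it from drifting from whatever code writes it at login.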
|
@ -46,3 +46,16 @@ func secureHeaders(next http.Handler) http.Handler {
|
||||
next.ServeHTTP(w, r)
|
||||
})
|
||||
}
|
||||
|
||||
func (app *application) requireAuthentication(next http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
if !app.isAuthenticated(r) {
|
||||
http.Redirect(w, r, "/user/login", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
|
||||
w.Header().Add("Cache-Control", "no-store")
|
||||
|
||||
next.ServeHTTP(w, r)
|
||||
})
|
||||
}
|
||||
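Review bot: `requireAuthentication` only works if the session has already been loaded into the request context, because `isAuthenticated` reads it through `r.Context()`, and nothing in the function documents that ordering requirement. A doc comment would cover it, e.g. `// requireAuthentication redirects unauthenticated requests to /user/login and marks responses to authenticated ones as non-cacheable; it must run after the session middleware.` On the header line, `w.Header().Set("Cache-Control", "no-store")` states the intent more directly than `Add`, which appends to any value an earlier handler may have set.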
|
@ -27,13 +27,16 @@ func (app *application) routes() http.Handler {
|
||||
|
||||
router.Handler(http.MethodGet, "/", dynamic.ThenFunc(app.home))
|
||||
router.Handler(http.MethodGet, "/snippet/view/:id", dynamic.ThenFunc(app.snippetView))
|
||||
router.Handler(http.MethodGet, "/snippet/create", dynamic.ThenFunc(app.snippetCreate))
|
||||
router.Handler(http.MethodPost, "/snippet/create", dynamic.ThenFunc(app.snippetCreatePost))
|
||||
router.Handler(http.MethodGet, "/user/signup", dynamic.ThenFunc(app.userSignup))
|
||||
router.Handler(http.MethodPost, "/user/signup", dynamic.ThenFunc(app.userSignupPost))
|
||||
router.Handler(http.MethodGet, "/user/login", dynamic.ThenFunc(app.userLogin))
|
||||
router.Handler(http.MethodPost, "/user/login", dynamic.ThenFunc(app.userLoginPost))
|
||||
router.Handler(http.MethodPost, "/user/logout", dynamic.ThenFunc(app.userLogoutPost))
|
||||
|
||||
protected := dynamic.Append(app.requireAuthentication)
|
||||
|
||||
router.Handler(http.MethodGet, "/snippet/create", protected.ThenFunc(app.snippetCreate))
|
||||
router.Handler(http.MethodPost, "/snippet/create", protected.ThenFunc(app.snippetCreatePost))
|
||||
router.Handler(http.MethodPost, "/user/logout", protected.ThenFunc(app.userLogoutPost))
|
||||
|
||||
standard := alice.New(app.recoverPanic, app.logRequest, secureHeaders)
|
||||
|
||||
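Review bot: The routes moved onto `protected` are authorised purely by the session cookie, and two of them are state-changing POSTs (`/snippet/create` and `/user/logout`), yet no CSRF check is visible in this hunk or in the logout form added to the nav template. Unless `dynamic` already includes an anti-CSRF middleware or the session cookie is restricted with SameSite (neither is shown here), a cross-site form could submit these requests on behalf of a logged-in user. It is worth confirming, and if absent, adding a token check to the chain and a hidden token field to the forms. `routes()` begins and ends outside the hunk.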
|
@ -9,11 +9,12 @@ import (
|
||||
)
|
||||
|
||||
type templateData struct {
|
||||
CurrentYear int
|
||||
Snippet models.Snippet
|
||||
Snippets []models.Snippet
|
||||
Form any
|
||||
Flash string
|
||||
CurrentYear int
|
||||
Snippet models.Snippet
|
||||
Snippets []models.Snippet
|
||||
Form any
|
||||
Flash string
|
||||
IsAuthenticated bool
|
||||
}
|
||||
|
||||
// humanDate ...
|
||||
|
@ -2,14 +2,19 @@
|
||||
<nav>
|
||||
<div>
|
||||
<a href="/">Home</a>
|
||||
{{if .IsAuthenticated}}
|
||||
<a href="/snippet/create">Create Snippet</a>
|
||||
{{end}}
|
||||
</div>
|
||||
<div>
|
||||
<a href="/user/signup">Signup</a>
|
||||
<a href="/user/login">Login</a>
|
||||
{{if .IsAuthenticated}}
|
||||
<form action="/user/logout" method="POST">
|
||||
<button>Logout</button>
|
||||
</form>
|
||||
{{else}}
|
||||
<a href="/user/signup">Signup</a>
|
||||
<a href="/user/login">Login</a>
|
||||
{{end}}
|
||||
</div>
|
||||
</nav>
|
||||
{{end}}
|
||||
{{end}}
|
||||
|