transmet/route_handlers.go

package main

import (
	"github.com/gorilla/mux"
	"github.com/gorilla/sessions"
	"net/http"
	"github.com/dballard/transmet/user"
	"fmt"
	"time"
)

func GetFlashes(session *sessions.Session) map[string]interface{} {
	var flashes = make(map[string]interface{})
	flashes["error"] = session.Flashes(flash_err)
	flashes["info"] = session.Flashes(flash_info)
	return flashes
}

func sessionWipe(session *sessions.Session) {
	session.Values = make(map[interface{}]interface{})
}

func initSessionUser(r *http.Request) (*user.User, *sessions.Session) {
	session, _ := store.Get(r, "c_user")
	if session.Values["username"] == nil {
		return nil, session
	}

	return user.NewUserFromUsername(db, session.Values["username"].(string)), session
}

// wrapper for handlers requiring a User
func userHandler(next func(http.ResponseWriter, *http.Request, *user.User)) func(http.ResponseWriter, *http.Request) {
	return func(w http.ResponseWriter, r *http.Request) {
		user, _ := initSessionUser(r)
		if user == nil {
			http.Redirect(w, r, "/", http.StatusFound)
		} else {
			next(w, r, user)
		}
	}
}

// wrapper for handlers forking on GET and POST
//   r.HandleFunc("/login", getPostHandler(LoginFormHandler, LoginPostHandler))
func getPostHandler(getFn, postFn func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
	return func(w http.ResponseWriter, r *http.Request) {
		if r.Method == "GET" {
			getFn(w, r)
		} else { // POST
			postFn(w, r)
		}
	}
}

// Log in page handler
func LoginFormHandler(w http.ResponseWriter, r *http.Request) {
	session, _ := store.Get(r, "c_user")
	flashes := GetFlashes(session)
	session.Save(r, w)
	err := templates["login"].Execute(w, map[string]interface{}{"flashes": flashes})
	if err != nil {
		fmt.Println("Exec err: ", err)
	}
}

// handler for login POST
//  TODO: proper per account and client flood control rate limiting
//    currently weak per call slow down is by-passable at scale
func LoginPostHandler(w http.ResponseWriter, r *http.Request) {
	time.Sleep(500 * time.Millisecond) // WEAK poor mans rate limiting for logins
	r.ParseForm()
	username := r.PostFormValue("username")
	// lookup user
	password := r.PostFormValue("password")
	user := user.NewUserFromAuth(db, username, password)
	if user != nil {
		session, _ := store.Get(r, "c_user")
		session.Values["username"] = user.Username
		session.Save(r, w)
		http.Redirect(w, r, "/home", http.StatusFound)
	} else {
		time.Sleep(500 * time.Millisecond) // WEAK bypassable poor mans rate limiting for failed logins
		session, _ := store.Get(r, "c_user")
		session.AddFlash("Username or password", flash_err)
		session.Save(r, w)
		http.Redirect(w, r, "/login", http.StatusFound)
	}
}


func addFormHandler( ) {
	
}


func init_route_handlers() {
    http.Handle("/js/", http.StripPrefix("/js/", http.FileServer(http.Dir("js/"))))
	http.Handle("/css/", http.StripPrefix("/css/", http.FileServer(http.Dir("css/"))))
	http.Handle("/fonts/", http.StripPrefix("/fonts", http.FileServer(http.Dir("fonts/"))))

	r := mux.NewRouter()
	
	r.HandleFunc("/login", getPostHandler(LoginFormHandler, LoginPostHandler))
	r.HandleFunc("/add", getPostHandler(userHandler(addFormHandler), userHandler(addPostHandler)))
	r.HandleFunc("/", getPostHandler(userHandler(templateFormHandler), userHandler(templatePostHandler)))
	
	
	http.Handle("/", r)
}
fonts, routing setup 2015-04-29 17:25:48 +02:00			`package main`

			`import (`
			`"github.com/gorilla/mux"`
routing, user handling 2015-04-30 06:32:39 +02:00			`"github.com/gorilla/sessions"`
fonts, routing setup 2015-04-29 17:25:48 +02:00			`"net/http"`
routing, user handling 2015-04-30 06:32:39 +02:00			`"github.com/dballard/transmet/user"`
			`"fmt"`
			`"time"`
fonts, routing setup 2015-04-29 17:25:48 +02:00			`)`

routing, user handling 2015-04-30 06:32:39 +02:00			`func GetFlashes(session *sessions.Session) map[string]interface{} {`
			`var flashes = make(map[string]interface{})`
			`flashes["error"] = session.Flashes(flash_err)`
			`flashes["info"] = session.Flashes(flash_info)`
			`return flashes`
			`}`

			`func sessionWipe(session *sessions.Session) {`
			`session.Values = make(map[interface{}]interface{})`
			`}`

			`func initSessionUser(r http.Request) (user.User, *sessions.Session) {`
			`session, _ := store.Get(r, "c_user")`
			`if session.Values["username"] == nil {`
			`return nil, session`
			`}`

			`return user.NewUserFromUsername(db, session.Values["username"].(string)), session`
			`}`

			`// wrapper for handlers requiring a User`
			`func userHandler(next func(http.ResponseWriter, http.Request, user.User)) func(http.ResponseWriter, *http.Request) {`
			`return func(w http.ResponseWriter, r *http.Request) {`
			`user, _ := initSessionUser(r)`
			`if user == nil {`
			`http.Redirect(w, r, "/", http.StatusFound)`
			`} else {`
			`next(w, r, user)`
			`}`
			`}`
			`}`

			`// wrapper for handlers forking on GET and POST`
			`// r.HandleFunc("/login", getPostHandler(LoginFormHandler, LoginPostHandler))`
			`func getPostHandler(getFn, postFn func(http.ResponseWriter, http.Request)) func(http.ResponseWriter, http.Request) {`
			`return func(w http.ResponseWriter, r *http.Request) {`
			`if r.Method == "GET" {`
			`getFn(w, r)`
			`} else { // POST`
			`postFn(w, r)`
			`}`
			`}`
			`}`

			`// Log in page handler`
			`func LoginFormHandler(w http.ResponseWriter, r *http.Request) {`
			`session, _ := store.Get(r, "c_user")`
			`flashes := GetFlashes(session)`
			`session.Save(r, w)`
			`err := templates["login"].Execute(w, map[string]interface{}{"flashes": flashes})`
			`if err != nil {`
			`fmt.Println("Exec err: ", err)`
			`}`
			`}`

			`// handler for login POST`
			`// TODO: proper per account and client flood control rate limiting`
			`// currently weak per call slow down is by-passable at scale`
			`func LoginPostHandler(w http.ResponseWriter, r *http.Request) {`
			`time.Sleep(500 * time.Millisecond) // WEAK poor mans rate limiting for logins`
			`r.ParseForm()`
			`username := r.PostFormValue("username")`
			`// lookup user`
			`password := r.PostFormValue("password")`
			`user := user.NewUserFromAuth(db, username, password)`
			`if user != nil {`
			`session, _ := store.Get(r, "c_user")`
			`session.Values["username"] = user.Username`
			`session.Save(r, w)`
			`http.Redirect(w, r, "/home", http.StatusFound)`
			`} else {`
			`time.Sleep(500 * time.Millisecond) // WEAK bypassable poor mans rate limiting for failed logins`
			`session, _ := store.Get(r, "c_user")`
			`session.AddFlash("Username or password", flash_err)`
			`session.Save(r, w)`
			`http.Redirect(w, r, "/login", http.StatusFound)`
			`}`
			`}`


			`func addFormHandler( ) {`

			`}`


fonts, routing setup 2015-04-29 17:25:48 +02:00			`func init_route_handlers() {`
			`http.Handle("/js/", http.StripPrefix("/js/", http.FileServer(http.Dir("js/"))))`
			`http.Handle("/css/", http.StripPrefix("/css/", http.FileServer(http.Dir("css/"))))`
			`http.Handle("/fonts/", http.StripPrefix("/fonts", http.FileServer(http.Dir("fonts/"))))`

			`r := mux.NewRouter()`

routing, user handling 2015-04-30 06:32:39 +02:00			`r.HandleFunc("/login", getPostHandler(LoginFormHandler, LoginPostHandler))`
			`r.HandleFunc("/add", getPostHandler(userHandler(addFormHandler), userHandler(addPostHandler)))`
			`r.HandleFunc("/", getPostHandler(userHandler(templateFormHandler), userHandler(templatePostHandler)))`
fonts, routing setup 2015-04-29 17:25:48 +02:00

			`http.Handle("/", r)`
			`}`