skeleton/internal/web/handlers.go

package web

import (
	"net/http"

	"bitmask.me/skeleton/internal/app"
	scs "github.com/alexedwards/scs/v2"
	"github.com/gorilla/csrf"
)

type Config struct {
	CSRFSecret string `env:"CSRF_TOKEN"`
}

type Handlers struct {
	*app.App
	session *scs.Session
	Config  *Config
}

func NewHandlers(app *app.App) *Handlers {
	h := &Handlers{App: app}
	h.session = scs.NewSession()
	h.session.Cookie.Persist = false
	h.session.Cookie.Secure = false
	return h
}

func (h *Handlers) Session() *scs.Session {
	return h.session
}

func (h *Handlers) commonRenderContext(r *http.Request) map[string]interface{} {
	return map[string]interface{}{
		csrf.TemplateTag: csrf.TemplateField(r),
		"Username":       h.Session().GetString(r.Context(), SessKeyUserName),
		"UserID":         h.Session().GetString(r.Context(), SessKeyUserID),
	}
}

func (h *Handlers) CSRF() func(http.Handler) http.Handler {
	if h.Config.CSRFSecret == "" {
		// TODO FIXME: generate random
		h.Config.CSRFSecret = "12345678901234567890123456789012"
	}
	return csrf.Protect(
		[]byte(h.Config.CSRFSecret),
		csrf.FieldName("authenticity_token"),
		csrf.Secure(h.session.Cookie.Secure),
	)
}

func (h *Handlers) LandingPageHandler(w http.ResponseWriter, r *http.Request) {
	h.Templates().Get("landing.tmpl").Execute(w, nil)
}
Initial commit 2019-05-14 14:11:03 +02:00			`package web`

			`import (`
			`"net/http"`

			`"bitmask.me/skeleton/internal/app"`
Switch to go modules 2019-12-14 07:28:33 +01:00			`scs "github.com/alexedwards/scs/v2"`
Add login view 2019-08-22 00:48:27 +02:00			`"github.com/gorilla/csrf"`
Initial commit 2019-05-14 14:11:03 +02:00			`)`

Make CSRF customizable 2019-08-22 00:49:23 +02:00			`type Config struct {`
			CSRFSecret string `env:"CSRF_TOKEN"`
			`}`

Initial commit 2019-05-14 14:11:03 +02:00			`type Handlers struct {`
			`*app.App`
			`session *scs.Session`
Make CSRF customizable 2019-08-22 00:49:23 +02:00			`Config *Config`
Initial commit 2019-05-14 14:11:03 +02:00			`}`

			`func NewHandlers(app app.App) Handlers {`
			`h := &Handlers{App: app}`
			`h.session = scs.NewSession()`
			`h.session.Cookie.Persist = false`
			`h.session.Cookie.Secure = false`
			`return h`
			`}`

			`func (h Handlers) Session() scs.Session {`
			`return h.session`
			`}`

Add login view 2019-08-22 00:48:27 +02:00			`func (h Handlers) commonRenderContext(r http.Request) map[string]interface{} {`
			`return map[string]interface{}{`
			`csrf.TemplateTag: csrf.TemplateField(r),`
			`"Username": h.Session().GetString(r.Context(), SessKeyUserName),`
			`"UserID": h.Session().GetString(r.Context(), SessKeyUserID),`
			`}`
			`}`

			`func (h *Handlers) CSRF() func(http.Handler) http.Handler {`
Make CSRF customizable 2019-08-22 00:49:23 +02:00			`if h.Config.CSRFSecret == "" {`
			`// TODO FIXME: generate random`
			`h.Config.CSRFSecret = "12345678901234567890123456789012"`
			`}`
Add login view 2019-08-22 00:48:27 +02:00			`return csrf.Protect(`
Make CSRF customizable 2019-08-22 00:49:23 +02:00			`[]byte(h.Config.CSRFSecret),`
Add login view 2019-08-22 00:48:27 +02:00			`csrf.FieldName("authenticity_token"),`
			`csrf.Secure(h.session.Cookie.Secure),`
			`)`
			`}`

Initial commit 2019-05-14 14:11:03 +02:00			`func (h Handlers) LandingPageHandler(w http.ResponseWriter, r http.Request) {`
			`h.Templates().Get("landing.tmpl").Execute(w, nil)`
			`}`