skeleton/internal/web/handlers.go
2019-08-22 00:49:23 +02:00

55 lines
1.2 KiB
Go

package web
import (
"net/http"
"bitmask.me/skeleton/internal/app"
"github.com/alexedwards/scs"
"github.com/gorilla/csrf"
)
type Config struct {
CSRFSecret string `env:"CSRF_TOKEN"`
}
type Handlers struct {
*app.App
session *scs.Session
Config *Config
}
func NewHandlers(app *app.App) *Handlers {
h := &Handlers{App: app}
h.session = scs.NewSession()
h.session.Cookie.Persist = false
h.session.Cookie.Secure = false
return h
}
func (h *Handlers) Session() *scs.Session {
return h.session
}
func (h *Handlers) commonRenderContext(r *http.Request) map[string]interface{} {
return map[string]interface{}{
csrf.TemplateTag: csrf.TemplateField(r),
"Username": h.Session().GetString(r.Context(), SessKeyUserName),
"UserID": h.Session().GetString(r.Context(), SessKeyUserID),
}
}
func (h *Handlers) CSRF() func(http.Handler) http.Handler {
if h.Config.CSRFSecret == "" {
// TODO FIXME: generate random
h.Config.CSRFSecret = "12345678901234567890123456789012"
}
return csrf.Protect(
[]byte(h.Config.CSRFSecret),
csrf.FieldName("authenticity_token"),
csrf.Secure(h.session.Cookie.Secure),
)
}
func (h *Handlers) LandingPageHandler(w http.ResponseWriter, r *http.Request) {
h.Templates().Get("landing.tmpl").Execute(w, nil)
}