williamp/chatservice_concept
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: williamp:14c78536de7af8c9e4ca1f93d3e49b6fda5a5753
Branches Tags
williamp:master williamp:simple_client
...
compare: williamp:4b3d64c5cd1d6e2261c010b5f4acb07b6f331725
Branches Tags
williamp:master williamp:simple_client

2 Commits
14c78536de ... 4b3d64c5cd

Author SHA1 Message Date
William P
4b3d64c5cd add logout method 2025-04-08 21:30:42 -04:00
William P
799bf784aa allow LoginCtx to handle anonymous users 2025-04-08 21:00:33 -04:00
3 changed files with 50 additions and 12 deletions
Expand all files Collapse all files

6
api/api.go
View File

@@ -72,6 +72,12 @@ func Start() {
r.Post("/", Login) r.Post("/", Login)
}) })
r.Route("/logout", func(r chi.Router) {
r.Use(SessionAuthMiddleware)
r.Post("/", Logout)
})
r.Route("/register", func(r chi.Router) { r.Route("/register", func(r chi.Router) {
r.Post("/", NewUser) r.Post("/", NewUser)
}) })

31
api/auth.go
View File

@@ -3,6 +3,7 @@ package api
import ( import (
"context" "context"
"net/http" "net/http"
"time"
"github.com/google/uuid" "github.com/google/uuid"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
@@ -47,6 +48,29 @@ func Login(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("Login successful")) w.Write([]byte("Login successful"))
} }
func Logout(w http.ResponseWriter, r *http.Request) {
cookie, err := r.Cookie("session_token")
if err != nil {
http.Error(w, "No session cookie found. You are already logged out", http.StatusBadRequest)
return
}
sessionToken := cookie.Value
username, valid := ValidateSession(sessionToken)
if !valid {
http.Error(w, "Session cookie could not be validated. You are already logged out", http.StatusBadRequest)
return
}
DeleteSession(sessionToken)
cookie.Expires = time.Now()
http.SetCookie(w, cookie)
w.Write([]byte(username + " has been logged out"))
}
var sessionStore = make(map[string]string) var sessionStore = make(map[string]string)
func CreateSession(username string) string { func CreateSession(username string) string {
@@ -60,6 +84,13 @@ func ValidateSession(sessionToken string) (string, bool) {
return username, exists return username, exists
} }
func DeleteSession(sessionToken string) (string, bool) {
username, exists := sessionStore[sessionToken]
delete(sessionStore, username)
return username, exists
}
type contextKey string type contextKey string
const usernameKey contextKey = "username" const usernameKey contextKey = "username"

25
api/user.go
View File

@@ -32,28 +32,29 @@ func UserCtx(next http.Handler) http.Handler {
func Whoami(w http.ResponseWriter, r *http.Request) { func Whoami(w http.ResponseWriter, r *http.Request) {
user, ok := r.Context().Value(userKey{}).(*User) user, ok := r.Context().Value(userKey{}).(*User)
if !ok { if !ok || user == nil {
w.Write([]byte("undefined")) // Anonymous user
return w.Write([]byte("anonymous"))
} else {
w.Write([]byte(user.Name))
return return
} }
w.Write([]byte(user.Name))
} }
func LoginCtx(next http.Handler) http.Handler { func LoginCtx(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
var user *User // Try to retrieve username from context
var err error username, ok := r.Context().Value(usernameKey).(string)
if !ok || username == "" {
if username := r.Context().Value(usernameKey).(string); username != "" { // No username provided, assume it's an anonymous user
user, err = dbGetUserByName(username) next.ServeHTTP(w, r)
} else {
render.Render(w, r, ErrNotFound)
return return
} }
// Lookup user in the database
user, err := dbGetUserByName(username)
if err != nil { if err != nil {
// If user is specified and not found, throw an error
render.Render(w, r, ErrNotFound) render.Render(w, r, ErrNotFound)
return return
} }