site/zedshaw.games
1
0
Fork 0
Code Issues 7 Pull requests Projects Releases Packages Wiki Activity Actions

Now have a basic auth library for doing bcrypt auth.

Browse source
This commit is contained in:
Zed A. Shaw 2025-06-27 12:02:05 -04:00
parent b0c4144987
commit eaaf309260
4 changed files with 69 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

55
api/auth.go Normal file
View file

@ -0,0 +1,55 @@
package api
import (
"golang.org/x/crypto/bcrypt"
"github.com/gofiber/fiber/v2"
_ "github.com/mattn/go-sqlite3"
sq "github.com/Masterminds/squirrel"
"github.com/gofiber/fiber/v2/middleware/session"
"zedshaw.games/webapp/data"
)
func CheckAuthed(c *fiber.Ctx) (bool, *session.Session, error) {
sess, err := STORE.Get(c)
if err != nil { return false, sess, err }
authed := sess.Get("authenticated") == true
return authed, sess, nil
}
func NotAuthed(err error, authed bool) bool {
return err != nil || authed == false
}
func LogoutUser(c *fiber.Ctx) error {
sess, err := STORE.Get(c)
if err != nil { return err }
sess.Set("authenticated", false)
err = sess.Save()
return err
}
func LoginUser(result *data.User, login *data.Login) (bool, error) {
sql, args, err := sq.Select("username, password").
From("user").Where("username=?", login.Username).ToSql()
if err != nil { return false, err }
err = data.DB.Get(result, sql, args...)
if err != nil { return false, err }
pass_good := bcrypt.CompareHashAndPassword([]byte(result.Password), []byte(login.Password))
if pass_good != nil { return false, pass_good }
return login.Username == result.Username && pass_good == nil, nil
}
func SetUserPassword(password string, user *data.User) error {
hashed, err := bcrypt.GenerateFromPassword([]byte(password), 12)
if err == nil { return err }
user.Password = string(hashed)
return nil
}

34
api/controllers.go
View file

@ -2,8 +2,8 @@ package api
import ( import (
"log" "log"
"github.com/gofiber/fiber/v2"
"github.com/gofiber/fiber/v2"
_ "github.com/mattn/go-sqlite3" _ "github.com/mattn/go-sqlite3"
sq "github.com/Masterminds/squirrel" sq "github.com/Masterminds/squirrel"
"github.com/gofiber/fiber/v2/middleware/session" "github.com/gofiber/fiber/v2/middleware/session"
@ -13,25 +13,17 @@ import (
var STORE *session.Store var STORE *session.Store
func Logout(c *fiber.Ctx) error {
sess, err := STORE.Get(c)
if err != nil { return IfErrNil(err, c) }
sess.Set("authenticated", false) func GetApiLogout(c *fiber.Ctx) error {
err = sess.Save() err := LogoutUser(c)
if err != nil { return IfErrNil(err, c) } if err != nil { return IfErrNil(err, c) }
return c.Redirect("/") return c.Redirect("/")
} }
func GetApiStream(c *fiber.Ctx) error { func GetApiStream(c *fiber.Ctx) error {
sess, err := STORE.Get(c) authed, _, err := CheckAuthed(c)
if err != nil { return IfErrNil(err, c) } if NotAuthed(err, authed) { return IfErrNil(err, c) }
if sess.Get("authenticated") != true {
// NOTE: need my own error thing
return IfErrNil(err, c)
}
sql, args, err := sq.Select("*").From("stream").ToSql() sql, args, err := sq.Select("*").From("stream").ToSql()
err = data.SelectJson[data.Stream](c, err, sql, args...) err = data.SelectJson[data.Stream](c, err, sql, args...)
@ -58,20 +50,15 @@ func GetApiStreamIdLinks(c *fiber.Ctx) error {
} }
func PostApiLogin(c *fiber.Ctx) error { func PostApiLogin(c *fiber.Ctx) error {
var result data.User var user data.User
login, err := ReceivePost[data.Login](c) login, err := ReceivePost[data.Login](c)
if(err != nil) { return IfErrNil(err, c) } if(err != nil) { return IfErrNil(err, c) }
sql, args, err := sq.Select("username, password"). pass_good, err := LoginUser(&user, login)
From("user").Where("username=?", login.Username).ToSql()
if err != nil { return IfErrNil(err, c) } if err != nil { return IfErrNil(err, c) }
err = data.DB.Get(&result, sql, args...) if pass_good {
if err != nil { return IfErrNil(err, c) }
if login.Username == result.Username && login.Password == result.Password {
sess, err := STORE.Get(c) sess, err := STORE.Get(c)
if err != nil { return IfErrNil(err, c) } if err != nil { return IfErrNil(err, c) }
@ -103,12 +90,11 @@ func PostApiLink(c *fiber.Ctx) error {
return IfErrNil(err, c) return IfErrNil(err, c)
} }
func Setup(app *fiber.App) { func Setup(app *fiber.App) {
STORE = session.New() STORE = session.New()
app.Get("/api/stream/", GetApiStream) app.Get("/api/stream", GetApiStream)
app.Get("/api/logout/", Logout) app.Get("/api/logout", GetApiLogout)
app.Get("/api/stream/:id", GetApiStreamId) app.Get("/api/stream/:id", GetApiStreamId)
app.Get("/api/stream/:id/links", GetApiStreamIdLinks) app.Get("/api/stream/:id/links", GetApiStreamIdLinks)
app.Post("/api/login", PostApiLogin) app.Post("/api/login", PostApiLogin)

2
go.mod
View file

@ -11,6 +11,7 @@ require (
github.com/jmoiron/sqlx v1.4.0 github.com/jmoiron/sqlx v1.4.0
github.com/mattn/go-sqlite3 v1.14.28 github.com/mattn/go-sqlite3 v1.14.28
github.com/stretchr/testify v1.10.0 github.com/stretchr/testify v1.10.0
golang.org/x/crypto v0.39.0
) )
require ( require (
@ -95,7 +96,6 @@ require (
go.opentelemetry.io/otel v1.35.0 // indirect go.opentelemetry.io/otel v1.35.0 // indirect
go.opentelemetry.io/otel/trace v1.35.0 // indirect go.opentelemetry.io/otel/trace v1.35.0 // indirect
go.uber.org/multierr v1.11.0 // indirect go.uber.org/multierr v1.11.0 // indirect
golang.org/x/crypto v0.39.0 // indirect
golang.org/x/exp v0.0.0-20250531010427-b6e5de432a8b // indirect golang.org/x/exp v0.0.0-20250531010427-b6e5de432a8b // indirect
golang.org/x/mod v0.25.0 // indirect golang.org/x/mod v0.25.0 // indirect
golang.org/x/net v0.41.0 // indirect golang.org/x/net v0.41.0 // indirect

1
public/login/index.html
View file

@ -8,7 +8,6 @@
<title>ZedShaw's Game Thing</title> <title>ZedShaw's Game Thing</title>
</head> </head>
<body data-testid="login-page"> <body data-testid="login-page">
<header> <header>
<a href="/">🏡</a> <span>Zed's Game Dev Website Yay</span> <a href="/">🏡</a> <span>Zed's Game Dev Website Yay</span>