mirror of
https://git.freecumextremist.com/grumbulon/pomme.git
synced 2024-06-02 12:36:06 +00:00
88 lines
1.8 KiB
Go
88 lines
1.8 KiB
Go
package api
|
|
|
|
import (
|
|
"log"
|
|
"net/http"
|
|
"strings"
|
|
|
|
"github.com/gorilla/sessions"
|
|
"github.com/miekg/dns"
|
|
)
|
|
|
|
type User struct {
|
|
session *sessions.Session
|
|
username string
|
|
}
|
|
|
|
// Do things that aren't auth flow here
|
|
func Ingest(w http.ResponseWriter, r *http.Request) {
|
|
|
|
request := r.URL.Query().Get("req")
|
|
|
|
zp := dns.NewZoneParser(strings.NewReader(request), "", "")
|
|
for rr, ok := zp.Next(); ok; rr, ok = zp.Next() {
|
|
log.Println(rr)
|
|
}
|
|
|
|
// todo -- add functions to apply to master zonefile if above check is OK
|
|
|
|
if err := zp.Err(); err != nil {
|
|
log.Println(err)
|
|
http.Error(w, "Unable to parse Zonefile", http.StatusBadRequest)
|
|
|
|
}
|
|
}
|
|
|
|
func NewUser(w http.ResponseWriter, r *http.Request) {
|
|
// TODO: take form input here
|
|
// TODO: store in cookie
|
|
asdf := NewSession("greg", w, r)
|
|
|
|
asdf.Secret(w, r)
|
|
asdf.Logout(w, r)
|
|
}
|
|
|
|
// basic if authenticated poc
|
|
func (user *User) Secret(w http.ResponseWriter, r *http.Request) {
|
|
log.Println(user.session.Name())
|
|
session, _ := Store.Get(r, user.session.Name())
|
|
|
|
// Check if user is authenticated
|
|
if auth, ok := session.Values["authenticated"].(bool); !ok || !auth {
|
|
http.Error(w, "Forbidden", http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
log.Println("!!!!!")
|
|
}
|
|
|
|
// take username and password, shit out user
|
|
func Login(w http.ResponseWriter, r *http.Request) User {
|
|
lookupUsername := r.URL.Query().Get("uname")
|
|
|
|
// Authentication goes here
|
|
// ...
|
|
|
|
// get session from database with username and password
|
|
// pass session ID below
|
|
|
|
session, _ := Store.Get(r, lookupUsername)
|
|
|
|
// Set user as authenticated
|
|
session.Values["authenticated"] = true
|
|
|
|
session.Save(r, w)
|
|
return User{
|
|
session: session,
|
|
}
|
|
}
|
|
|
|
func (user *User) Logout(w http.ResponseWriter, r *http.Request) {
|
|
session, _ := Store.Get(r, user.session.Name())
|
|
|
|
// Revoke users authentication
|
|
session.Values["authenticated"] = false
|
|
|
|
session.Save(r, w)
|
|
}
|