Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Working on Session Creation, Added Login.html
- Loading branch information
1 parent
fc7d3dd
commit 5c138c7
Showing
4 changed files
with
162 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="UTF-8"> | ||
<title>Login to Pogo Admin Page</title> | ||
<link rel="stylesheet" href="/assets/setup.css"> | ||
</head> | ||
<body> | ||
<h1>Login</h1> | ||
|
||
<form action="login" method="post" class="setupform"> | ||
|
||
<label for="username">Username</label> | ||
<input type="text" id="podcastname" name="username"> | ||
|
||
<label for="userpassword">Password</label> | ||
<input type="password" id="podcasthost" name="password"> | ||
|
||
|
||
<input type="submit" value="Submit"> | ||
|
||
</form> | ||
|
||
</body> | ||
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,30 +1,90 @@ | ||
package auth | ||
|
||
import ( | ||
"crypto/aes" | ||
"crypto/cipher" | ||
"crypto/rand" | ||
"encoding/hex" | ||
"encoding/json" | ||
"fmt" | ||
"log" | ||
"net/http" | ||
"strings" | ||
|
||
"github.com/ishanjain28/pogo/common" | ||
) | ||
|
||
func RequireAuthorization() common.Handler { | ||
return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError { | ||
if usr := DecryptSession(r); usr != nil { | ||
if usr := decryptSession(r); usr != nil { | ||
rc.User = usr | ||
return nil | ||
} | ||
|
||
if strings.Contains(r.Header.Get("Accept"), "html") || r.Method == "GET" { | ||
http.Redirect(w, r, "/login", http.StatusTemporaryRedirect) | ||
return nil | ||
} else { | ||
return &common.HTTPError{ | ||
Message: "Unauthorized!", | ||
StatusCode: http.StatusUnauthorized, | ||
} | ||
} | ||
|
||
return &common.HTTPError{ | ||
Message: "Unauthorized!", | ||
StatusCode: http.StatusUnauthorized, | ||
} | ||
} | ||
} | ||
|
||
func CreateSession() common.Handler { | ||
return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError { | ||
return nil | ||
func CreateSession(u *common.User, w http.ResponseWriter) error { | ||
|
||
// n_J6vaKjmmw4WB95DMorjQ.UMYdBLfttwPgQw9T0u0wdK7bGwDT9vwxoPAKWhjSAcpoiMsjh4eSfBkA4WB2deSoQu_cjCaJrcp77rvG67xkOeXsYpiclx2b-Oi7MHM3Kms.1507140277977.604800000.2CdxwiKAJT4SYJTVK-Du5jokr-CCnxo1ukdaVBkLRJg | ||
|
||
iv, err := generateRandomString(16) | ||
if err != nil { | ||
return err | ||
} | ||
userJSON, err := json.Marshal(u) | ||
if err != nil { | ||
return err | ||
|
||
} | ||
var hexedJSON []byte | ||
hex.Encode(hexedJSON, userJSON) | ||
|
||
fmt.Println(iv, string(userJSON), hexedJSON) | ||
|
||
block, err := aes.NewCipher(hexedJSON) | ||
if err != nil { | ||
return err | ||
} | ||
mode := cipher.NewCBCEncrypter(block, iv) | ||
|
||
return nil | ||
} | ||
|
||
func DecryptSession(r *http.Request) *common.User { | ||
func decryptSession(r *http.Request) *common.User { | ||
|
||
c, err := r.Cookie("POGO_SESSION") | ||
if err != nil { | ||
if err != http.ErrNoCookie { | ||
log.Printf("error in reading Cookie: %v", err) | ||
} | ||
return nil | ||
} | ||
fmt.Println(c) | ||
|
||
return nil | ||
} | ||
|
||
func generateRandomString(l int) ([]byte, error) { | ||
rBytes := make([]byte, l) | ||
|
||
_, err := rand.Read(rBytes) | ||
if err != nil { | ||
return nil, err | ||
} | ||
return rBytes, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters