-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmain.go
More file actions
105 lines (88 loc) · 2.45 KB
/
main.go
File metadata and controls
105 lines (88 loc) · 2.45 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
package main
import (
"fmt"
"html/template"
"log"
"log/slog"
"net/http"
"os"
"testingSSO/api"
"testingSSO/env"
"testingSSO/middleware"
"github.com/gorilla/mux"
)
var (
logger *slog.Logger
)
var index = template.Must(template.ParseFiles("templates/layout.tmpl.html", "templates/index.tmpl.html"))
var login = template.Must((template.ParseFiles("templates/login.tmpl.html")))
func main() {
port := env.GetAsString("PORT", "8080")
appEnv := env.GetAsString("ENV", "dev")
opts := &slog.HandlerOptions{
AddSource: true,
Level: slog.LevelDebug, // we should toggle this if we're in prod
}
var handler slog.Handler = slog.NewTextHandler(os.Stdout, opts)
if appEnv == "production" {
handler = slog.NewJSONHandler(os.Stdout, opts)
}
logger = slog.New(handler)
slog.SetDefault(logger) // Set the default logger
logger.Info("Starting server...", "server", fmt.Sprintf("http://localhost:%s", port))
r := mux.NewRouter()
protectedAPIRouter := r.PathPrefix("/api/").Subrouter()
protectedWebRouter := r.PathPrefix("").Subrouter()
unprotectedRouter := r.PathPrefix("/").Subrouter()
protectedAPIRouter.Use(
middleware.JSON,
middleware.NoCaching,
middleware.RequireValidJWT,
)
protectedWebRouter.Use(
middleware.WebLoggings,
middleware.RequireValidCookieJWT,
middleware.NoCaching,
)
unprotectedRouter.Use(
middleware.WebLoggings,
)
unprotectedRouter.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
index.Execute(w, nil)
})
unprotectedRouter.HandleFunc("/login", func(w http.ResponseWriter, r *http.Request) {
f := struct{ Error bool }{false}
switch r.Method {
case http.MethodGet:
// Sure, let them login again
case http.MethodPost:
username := r.FormValue("email")
// write logic for handlling login
if username != "admin" {
f.Error = true
break
}
vars := api.JWTValues{}
vars.Set("Name", "Secured")
toke := api.CreateJWTTokenForUser(vars)
cookie := http.Cookie{
Name: "secureCookie",
Value: toke,
Path: "/",
MaxAge: 3600,
HttpOnly: true,
Secure: true,
SameSite: http.SameSiteLaxMode,
}
http.SetCookie(w, &cookie)
http.Redirect(w, r, "/", http.StatusSeeOther)
log.Println("Logging in...")
return
}
login.Execute(w, f)
})
// Setup filehandling
fs := http.FileServer(http.Dir("./static"))
unprotectedRouter.PathPrefix("/static").Handler(http.StripPrefix("/static", fs))
log.Fatal(http.ListenAndServe("0.0.0.0:"+port, r))
}