feat: HTTP login

Author: ItsNotGoodName

web/controllers/auth.go

@@ -2,14 +2,86 @@ package controllers
 
 import (
 	"github.com/ItsNotGoodName/smtpbridge/internal/core"
+	"github.com/ItsNotGoodName/smtpbridge/internal/procs"
+	"github.com/ItsNotGoodName/smtpbridge/web/helpers"
 	"github.com/gofiber/fiber/v2"
+	"github.com/gofiber/fiber/v2/middleware/session"
 )
 
-func AuthLogin(c *fiber.Ctx, cc core.Context) error {
+type Flash struct {
+	Flash string
+}
+
+func Login(c *fiber.Ctx, cc core.Context) error {
+	return c.Render("login", Flash{})
+}
+
+func AuthLogin(c *fiber.Ctx, cc core.Context, store *session.Store) error {
 	// Request
+	username := c.FormValue("username")
+	password := c.FormValue("password")
 
 	// Execute
+	err := procs.HTTPLogin(cc, username, password)
+	if err != nil {
+		if helpers.IsHTMXRequest(c) {
+			return c.Render("login", Flash{Flash: err.Error()}, "form")
+		}
+		return c.Render("login", Flash{Flash: err.Error()})
+	}
 
 	// Response
-	return c.Render("login", fiber.Map{})
+	sess, err := store.Get(c)
+	if err != nil {
+		panic(err)
+	}
+
+	sess.Set("auth", true)
+	if err := sess.Save(); err != nil {
+		panic(err)
+	}
+
+	return redirect(c, "/")
+}
+
+func AuthLogout(c *fiber.Ctx, cc core.Context, store *session.Store) error {
+	sess, err := store.Get(c)
+	if err != nil {
+		panic(err)
+	}
+
+	sess.Delete("auth")
+	if err := sess.Save(); err != nil {
+		panic(err)
+	}
+
+	return redirect(c, "/login")
+}
+
+func AuthRequire(c *fiber.Ctx, cc core.Context, store *session.Store) error {
+	sess, err := store.Get(c)
+	if err != nil {
+		panic(err)
+	}
+
+	auth := sess.Get("auth")
+	if auth == nil {
+		return redirect(c, "/login")
+	}
+
+	return c.Next()
+}
+
+func AuthSkip(c *fiber.Ctx, cc core.Context, store *session.Store) error {
+	sess, err := store.Get(c)
+	if err != nil {
+		panic(err)
+	}
+
+	auth := sess.Get("auth")
+	if auth != nil {
+		return redirect(c, "/")
+	}
+
+	return c.Next()
 }

web/controllers/utils.go

@@ -1,6 +1,9 @@
 package controllers
 
-import "github.com/gofiber/fiber/v2"
+import (
+	"github.com/ItsNotGoodName/smtpbridge/web/helpers"
+	"github.com/gofiber/fiber/v2"
+)
 
 func checkbox(c *fiber.Ctx, key string) bool {
 	isSet := c.Query("-"+key) != ""
@@ -10,3 +13,11 @@ func checkbox(c *fiber.Ctx, key string) bool {
 
 	return true
 }
+func redirect(c *fiber.Ctx, path string) error {
+	if helpers.IsHTMXRequest(c) {
+		c.Set("HX-Location", path)
+		return nil
+	} else {
+		return c.Redirect(path)
+	}
+}

web/http/http.go

@@ -11,6 +11,7 @@ import (
 	"github.com/gofiber/fiber/v2/middleware/csrf"
 	"github.com/gofiber/fiber/v2/middleware/logger"
 	"github.com/gofiber/fiber/v2/middleware/recover"
+	"github.com/gofiber/fiber/v2/middleware/session"
 	"github.com/rs/zerolog/log"
 )
 
@@ -21,6 +22,8 @@ type HTTP struct {
 }
 
 func New(app core.App, shutdown context.CancelFunc, address string, bodyLimit int) HTTP {
+	store := session.New()
+
 	// Fiber
 	views := web.Engine()
 	views.AddFuncMap(helpers.Map)
@@ -43,12 +46,13 @@ func New(app core.App, shutdown context.CancelFunc, address string, bodyLimit in
 	http.Use(csrf.New(csrf.Config{
 		KeyLookup: "cookie:csrf_",
 	}))
+	web.UseAssets(http)
 
-	// Routes
-	routes(http, app)
+	route(app,
+		store,
+		http,
+	)
 
-	// Middleware
-	web.UseAssets(http)
 	http.Use(helpers.NotFound)
 
 	return HTTP{

web/http/routes.go

@@ -3,52 +3,59 @@ package http
 import (
 	"github.com/ItsNotGoodName/smtpbridge/internal/core"
 	"github.com/ItsNotGoodName/smtpbridge/web/controllers"
-	"github.com/ItsNotGoodName/smtpbridge/web/middleware"
+	"github.com/ItsNotGoodName/smtpbridge/web/inject"
 	"github.com/gofiber/fiber/v2"
+	"github.com/gofiber/fiber/v2/middleware/session"
 )
 
-func routes(http *fiber.App, app core.App) {
-	http.Get("/", middleware.App(app, controllers.Index))
+func route(app core.App, store *session.Store, http fiber.Router) {
+	authSkip := inject.AppStore(app, store, controllers.AuthSkip)
+	authRequire := inject.AppStore(app, store, controllers.AuthRequire)
+
+	http.Get("/login", authSkip, inject.App(app, controllers.Login))
+	http.Post("/auth", authSkip, inject.AppStore(app, store, controllers.AuthLogin))
+	http.Delete("/auth", authRequire, inject.AppStore(app, store, controllers.AuthLogout))
+
+	http.Get("/", authRequire, inject.App(app, controllers.Index))
 	http.Route("/index", func(http fiber.Router) {
-		http.Get("/storage-table", middleware.App(app, controllers.IndexStorageTable))
-		http.Get("/recent-envelopes-table", middleware.App(app, controllers.IndexRecentEnvelopesTable))
+		http.Get("/storage-table", authRequire, inject.App(app, controllers.IndexStorageTable))
+		http.Get("/recent-envelopes-table", authRequire, inject.App(app, controllers.IndexRecentEnvelopesTable))
 	})
 
-	http.Get("/login", middleware.App(app, controllers.AuthLogin))
-
 	http.Route("/envelopes", func(http fiber.Router) {
-		http.Get("/", middleware.App(app, controllers.Envelopes))
-		http.Delete("/", middleware.App(app, controllers.EnvelopesDelete))
-		http.Get("/new", controllers.EnvelopeNew)
-		http.Post("/new", middleware.App(app, controllers.EnvelopeNewPost))
+		http.Get("/", authRequire, inject.App(app, controllers.Envelopes))
+		http.Delete("/", authRequire, inject.App(app, controllers.EnvelopesDelete))
+		http.Get("/new", authRequire, controllers.EnvelopeNew)
+		http.Post("/new", authRequire, inject.App(app, controllers.EnvelopeNewPost))
 		http.Route("/:id", func(http fiber.Router) {
-			http.Get("/", middleware.AppID(app, controllers.Envelope))
-			http.Delete("/", middleware.AppID(app, controllers.EnvelopeDelete))
-			http.Get("/html", middleware.AppID(app, controllers.EnvelopeHTML))
+			http.Get("/", authRequire, inject.AppID(app, controllers.Envelope))
+			http.Delete("/", authRequire, inject.AppID(app, controllers.EnvelopeDelete))
+			http.Get("/html", authRequire, inject.AppID(app, controllers.EnvelopeHTML))
 		})
 	})
 
 	http.Route("/attachments", func(http fiber.Router) {
-		http.Get("/", middleware.App(app, controllers.Attachments))
+		http.Get("/", authRequire, inject.App(app, controllers.Attachments))
 	})
 
 	http.Route("/endpoints", func(http fiber.Router) {
-		http.Get("/", middleware.App(app, controllers.Endpoints))
+		http.Get("/", authRequire, inject.App(app, controllers.Endpoints))
 		http.Route("/:id", func(http fiber.Router) {
-			http.Post("/test", middleware.AppID(app, controllers.EndpointTest))
+			http.Post("/test", authRequire, inject.AppID(app, controllers.EndpointTest))
 		})
 	})
 
 	http.Route("/rules", func(http fiber.Router) {
-		http.Get("/", middleware.App(app, controllers.Rules))
+		http.Get("/", authRequire, inject.App(app, controllers.Rules))
 		http.Route("/:id", func(http fiber.Router) {
-			http.Post("/enable", middleware.AppID(app, controllers.RuleEnable))
+			http.Post("/enable", authRequire, inject.AppID(app, controllers.RuleEnable))
 		})
 	})
 
-	http.Post("/send", middleware.App(app, controllers.Send))
-	http.Post("/vacuum", middleware.App(app, controllers.Vacuum))
-	http.Post("/trim", middleware.App(app, controllers.Trim))
-	http.Group("/files", controllers.Files(app))
+	http.Post("/send", authRequire, inject.App(app, controllers.Send))
+	http.Post("/vacuum", authRequire, inject.App(app, controllers.Vacuum))
+	http.Post("/trim", authRequire, inject.App(app, controllers.Trim))
+	http.Group("/files", authRequire, controllers.Files(app))
+
 	http.Get("/something-went-wrong", controllers.SomethingWentWrong)
 }

web/middleware/middleware.go web/inject/inject.go

@@ -1,18 +1,18 @@
-package middleware
+package inject
 
 import (
-	"context"
 	"net/http"
 	"strconv"
 
 	"github.com/ItsNotGoodName/smtpbridge/internal/core"
 	"github.com/ItsNotGoodName/smtpbridge/web/helpers"
 	"github.com/gofiber/fiber/v2"
+	"github.com/gofiber/fiber/v2/middleware/session"
 )
 
 func App(app core.App, fn func(c *fiber.Ctx, cc core.Context) error) fiber.Handler {
 	return func(c *fiber.Ctx) error {
-		return fn(c, app.Context(context.Background()))
+		return fn(c, app.Context(c.Context()))
 	}
 }
 
@@ -23,6 +23,12 @@ func AppID(app core.App, fn func(c *fiber.Ctx, cc core.Context, id int64) error)
 			return helpers.Error(c, err, http.StatusBadRequest)
 		}
 
-		return fn(c, app.Context(context.Background()), id)
+		return fn(c, app.Context(c.Context()), id)
+	}
+}
+
+func AppStore(app core.App, store *session.Store, fn func(c *fiber.Ctx, cc core.Context, store *session.Store) error) fiber.Handler {
+	return func(c *fiber.Ctx) error {
+		return fn(c, app.Context(c.Context()), store)
 	}
 }

web/views/404.html

@@ -1,7 +1,3 @@
-{{template "partials/header" .}}
-
 <main class="container">
   <div>404 Not Found</div>
 </main>
-
-{{template "partials/footer" .}}

web/views/login.html

@@ -7,19 +7,28 @@ <h1>SMTPBridge</h1>
 
   <article class="max-w-md mx-auto">
     <h2>Login</h2>
-    <form method="post">
+    {{block "form" .}}
+    <form method="post" action="/auth" hx-post="/auth" hx-swap="outerHTML">
       <label for="username">
         Username
         <input type="text" id="username" name="username" placeholder="Username" />
       </label>
 
       <label for="password">
         Password
-        <input type="text" id="password" name="password" placeholder="Password" />
+        <input type="password" id="password" name="password" placeholder="Password" />
       </label>
 
-      <button type="submit">Log in</button>
+      <button data-loading-path="/login" data-loading-disable data-loading-aria-busy>
+        Log in
+      </button>
+      {{with .Flash}}
+      <h3>
+        {{.}}
+      </h3>
+      {{end}}
     </form>
+    {{end}}
   </article>
 </main>
 

web/views/partials/header.html

@@ -8,7 +8,7 @@
         </a>
       </li>
     </ul>
-    <ul class=" block md:hidden">
+    <ul class=" block lg:hidden">
       <li class="p-0 flex flex-items-center h-full">
         <details role="list" dir="rtl">
           <summary aria-haspopup="listbox" class="block pico-no-chevron">
@@ -43,11 +43,18 @@
                 </div>
               </a>
             </li>
+            <li>
+              <a href="#" class="contrast" hx-delete="/auth">
+                <div class="flex flex-items-center flex-row-reverse gap-2">
+                  <div class="i-ri-logout-box-r-fill"></div>Log out
+                </div>
+              </a>
+            </li>
           </ul>
         </details>
       </li>
     </ul>
-    <ul class="hidden md:block">
+    <ul class="hidden lg:block">
       <li>
         <a href="/envelopes" class="contrast">
           <div class="flex flex-items-center gap-2">
@@ -76,6 +83,13 @@
           </div>
         </a>
       </li>
+      <li>
+        <a href="#" class="contrast" hx-delete="/auth">
+          <div class="flex flex-items-center gap-2">
+            <div class="i-ri-logout-box-r-fill"></div>Log out
+          </div>
+        </a>
+      </li>
     </ul>
   </nav>
 </div>

web/views/something-went-wrong.html

@@ -1,5 +1,3 @@
-{{template "partials/header" .}}
-
 <main class="container">
   <section>
     <div>Something went wrong.</div>
@@ -8,5 +6,3 @@
     {{end}}
   </section>
 </main>
-
-{{template "partials/footer" .}}