search

namatoj / sociallink

0 stars 0 forks source link

feat: login functionality #12

Closed namatoj closed 7 months ago

namatoj commented 7 months ago

Added functionality to use the JWT in a session cookie as mentioned here

Added the following routes:

If sending a POST request to /login/ containing the form-data values email and password while it is served using https corresponding to a user in the user collection the cookie token will be set.

@simondmansson I'm a bit unsure about how we want to structure the routes and the middleware function. It quite fast became rather messy. :-) I'm open for suggestions. Othewise I will leave this PR for a bit and come back when I have more inspiration for structure.

simondmansson commented 7 months ago

I think we should start flat and add more folders and re-group as we go and learn more about what we are building. We could set it up like this

pkg/web/app.go

creates the pocketbase app and responsible for grouping and registering handlers register handlers, e.g

func App() {
    app := pocketbase.New()

    app.OnBeforeServe().Add(func(e *core.ServeEvent) error {
        e.Router.Use(auth.LoadAuthContextFromCookie(app))
        e.Router.GET("/*", apis.StaticDirectoryHandler(os.DirFS("./pb_public"), false))
        e.Router.POST("/login/", auth.LoginHandler)
        e.Router.GET("/logout/", auth.LogoutHandler)
        e.Router.GET("/", start.viewHandler)
    })

    return app
}

pkg/web/auth.go

have handler funcs for login, logout, cookie management e.g 

func LogoutHandler(c echo.Context) error {
    c.SetCookie(&http.Cookie{
        Name:     "token",
        Value:    "",
        Path:     "/",
        MaxAge:   -1,
        Secure:   true,
        HttpOnly: true,
    })

    return c.HTML(http.StatusOK, "logged out")
}

cmd/web/main.go

imports the app and starts it. Might do some additional flag / config parsing in the future.

simondmansson commented 7 months ago

This video gives some great tips on code structure https://www.youtube.com/watch?v=oL6JBUk6tj0

simondmansson commented 7 months ago

Also by breaking out the handlers we can setup auth_test.go and write some simple "given x is in the context the handler should do y" tests.

namatoj commented 7 months ago

This video gives some great tips on code structure https://www.youtube.com/watch?v=oL6JBUk6tj0

That was inspiring! Got me excited about the hexagonal architecture.

Also by breaking out the handlers we can setup auth_test.go and write some simple "given x is in the context the handler should do y" tests.

Agree! I'll break out the handlers to somewhere in pkg. To be continued!

namatoj commented 7 months ago

Something a bit like this maybe?

I had some troubles with some of the details in your suggestion. auth.LoginHandler suggest that auth is in another package (right?). But the directory structure that auth.go should be in the same directory as app.go which didn't vibe with the package keyword on the top row.

This lead me to take the easy way of putting auth.go and app.go in the web package. Let me know if I misunderstood anything or if you have more feedback on how to improve this.