| author | Mitchell Riedstra <mitch@riedstra.dev> | 2023-01-06 01:22:38 -0500 |
|---|---|---|
| committer | Mitchell Riedstra <mitch@riedstra.dev> | 2023-01-06 01:27:48 -0500 |
| commit | 97dd660925434be537cd9a49a1d0c893b223e357 (patch) | |
| tree | 21d521b08f3a08eb2398a47893eb1543000387b8 /cmd/server/middleware.go | |
| parent | 1d01acca36b78eeba99da1adb10e72d186433b39 (diff) | |
Refactor routing and handlers
We were building a new gorilla mux on each connection; change
that to an *http.ServeMux that is built once for the lifetime of
the application.
Tell redis to only cache GET requests.
Diffstat (limited to 'cmd/server/middleware.go')
| -rw-r--r-- | cmd/server/middleware.go | 136 |
1 files changed, 70 insertions, 66 deletions
diff --git a/cmd/server/middleware.go b/cmd/server/middleware.go
index 7ba34cf..d0957fd 100644
--- a/cmd/server/middleware.go
+++ b/cmd/server/middleware.go
@@ -25,96 +25,100 @@ func (a *App) Err500Default(w http.ResponseWriter, r *http.Request) { "Internal server error.") } -func (a *App) LogoutHandler(w http.ResponseWriter, r *http.Request) { - http.SetCookie(w, &http.Cookie{ - Name: "Auth", - HttpOnly: a.auth.HTTPOnly, - SameSite: a.auth.SameSiteStrict, - Secure: a.auth.Secure, - Value: "logout", - Expires: time.Now().Add(time.Second), //nolint +func (a *App) LogoutHandler() http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.SetCookie(w, &http.Cookie{ + Name: "Auth", + HttpOnly: a.auth.HTTPOnly, + SameSite: a.auth.SameSiteStrict, + Secure: a.auth.Secure, + Value: "logout", + Expires: time.Now().Add(time.Second), //nolint + }) + + http.Redirect(w, r, "/", http.StatusFound) }) - - http.Redirect(w, r, "/", http.StatusFound) } -func (a *App) LoginHandler(w http.ResponseWriter, r *http.Request) { //nolint - loggedIn := a.IsLoggedIn(r) +func (a *App) LoginHandler() http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { //nolint + loggedIn := a.IsLoggedIn(r) - next, _ := url.Parse(r.URL.Query().Get("next")) + next, _ := url.Parse(r.URL.Query().Get("next")) - if r.Method == "GET" && !loggedIn { - page.RenderForPath(w, r, "login") + if r.Method == "GET" && !loggedIn { + page.RenderForPath(w, r, "login") - return - } + return + } + + if r.Method == "GET" && loggedIn { + if next.Path != "" { + http.Redirect(w, r, next.Path, http.StatusFound) + + return + } - if r.Method == "GET" && loggedIn { - if next.Path != "" { - http.Redirect(w, r, next.Path, http.StatusFound) + http.Redirect(w, r, "/dashboard", http.StatusFound) return } - http.Redirect(w, r, "/dashboard", http.StatusFound) + if r.Method != "POST" { + a.Err500Default(w, r) - return - } + return + } - if r.Method != "POST" { - a.Err500Default(w, r) + username := r.FormValue("username") + password := r.FormValue("password") - return - } + var ( + err error = nil + u *users.SiteUser + found = false 
+ ) - username := r.FormValue("username") - password := r.FormValue("password") + for _, u = range a.auth.Users { + if u.Username == username { + err = u.CheckPassword(password) + found = true + } + } - var ( - err error = nil - u *users.SiteUser - found = false - ) + if err != nil || !found { + page.Render(w, r, "login", map[string]interface{}{ + "Error": "Invalid username or password", + "Username": username, + }, http.StatusUnauthorized) - for _, u = range a.auth.Users { - if u.Username == username { - err = u.CheckPassword(password) - found = true + return } - } - - if err != nil || !found { - page.Render(w, r, "login", map[string]interface{}{ - "Error": "Invalid username or password", - "Username": username, - }, http.StatusUnauthorized) - return - } + token := jwt.NewWithClaims(jwt.SigningMethodHS512, &jwt.StandardClaims{ + ExpiresAt: time.Now().Add( + time.Hour * time.Duration(a.auth.LoginHours)).Unix(), + Id: u.Username, + }) - token := jwt.NewWithClaims(jwt.SigningMethodHS512, &jwt.StandardClaims{ - ExpiresAt: time.Now().Add( - time.Hour * time.Duration(a.auth.LoginHours)).Unix(), - Id: u.Username, - }) + ss, err := token.SignedString([]byte(a.auth.TokenKey)) + if err != nil { + log.Println("login: encountered while setting up JWT: ", err) + a.Err500Default(w, r) - ss, err := token.SignedString([]byte(a.auth.TokenKey)) - if err != nil { - log.Println("login: encountered while setting up JWT: ", err) - a.Err500Default(w, r) + return + } - return - } + http.SetCookie(w, &http.Cookie{ + Name: "Auth", + HttpOnly: a.auth.HTTPOnly, + SameSite: a.auth.SameSiteStrict, + Secure: a.auth.Secure, + Value: ss, + }) - http.SetCookie(w, &http.Cookie{ - Name: "Auth", - HttpOnly: a.auth.HTTPOnly, - SameSite: a.auth.SameSiteStrict, - Secure: a.auth.Secure, - Value: ss, + http.Redirect(w, r, "/login", http.StatusFound) }) - - http.Redirect(w, r, "/login", http.StatusFound) } func (a *App) IsLoggedIn(r *http.Request) bool { |
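Review bot: In the POST branch of LoginHandler the token is minted with `Id: u.Username` after the lookup loop, but `for _, u = range a.auth.Users` runs to completion with no `break`, so by the time the claims are built `u` is the last configured user rather than the one whose password was just checked; with more than one user configured, a successful login can issue a JWT naming a different account than the one that authenticated. The smallest fix is `break` immediately after `found = true`, or better, copy the match into its own variable (`matched = u`) and build the claims from that so the identity in the token cannot drift from the credential check. Separately, the error from `url.Parse(r.URL.Query().Get("next"))` is discarded, and on a parse failure `next` is nil, so the logged-in GET branch dereferences it at `next.Path`; treat a parse error as "no next" (`if next == nil { next = &url.URL{} }` right after the parse, or check the error and fall through to the `/dashboard` redirect). Both points apply to the new side only; the old handler had the same shape, but the commit reworks this body and is the natural place to settle them.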
