nahakubuilder/crowdsec-dashy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

base dashboard and login

Browse Source
This commit is contained in:
BlobTheBuilder
2026-05-17 08:28:16 +00:00
parent 64f4f3c5d4
commit 7066415af5
39 changed files with 3327 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/handlers/auth.go
+70
View File
@@ -0,0 +1,70 @@
package handlers
import (
"net/http"
"strings"
"crowdsec-dashy/internal/middleware"
)
// AuthHandler handles login and logout.
type AuthHandler struct {
renderer *Renderer
secret string
uiUsername string
verifyPassword func(string) bool
}
// NewAuthHandler constructs an AuthHandler.
func NewAuthHandler(renderer *Renderer, secret, uiUsername string, verifyPassword func(string) bool) *AuthHandler {
return &AuthHandler{
renderer: renderer,
secret: secret,
uiUsername: uiUsername,
verifyPassword: verifyPassword,
}
}
// LoginData is passed to the login template.
type LoginData struct {
Title string
Error string
}
// Login handles GET (render form) and POST (verify credentials, set cookie).
func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) {
switch r.Method {
case http.MethodGet:
if _, err := r.Cookie("cs_session"); err == nil {
http.Redirect(w, r, "/", http.StatusSeeOther)
return
}
h.renderer.Render(w, "login", LoginData{Title: "Login"})
case http.MethodPost:
r.Body = http.MaxBytesReader(w, r.Body, 2048)
if err := r.ParseForm(); err != nil {
h.renderer.Render(w, "login", LoginData{Title: "Login", Error: "Invalid request."})
return
}
username := strings.TrimSpace(r.FormValue("username"))
password := r.FormValue("password")
if username != h.uiUsername || !h.verifyPassword(password) {
h.renderer.Render(w, "login", LoginData{Title: "Login", Error: "Invalid credentials."})
return
}
http.SetCookie(w, middleware.NewSessionCookie(h.secret, username))
http.Redirect(w, r, "/", http.StatusSeeOther)
default:
http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
}
}
// Logout clears the session cookie and redirects to /login.
func (h *AuthHandler) Logout(w http.ResponseWriter, r *http.Request) {
http.SetCookie(w, middleware.ClearSessionCookie())
http.Redirect(w, r, "/login", http.StatusSeeOther)
}