server: rewrite login

This commit is contained in:
nkanaev
2026-06-29 20:54:07 +01:00
parent c0ae30e5c8
commit a14519b055
2 changed files with 36 additions and 32 deletions

View File

@@ -4,7 +4,6 @@ import (
"net/http" "net/http"
"strings" "strings"
"github.com/nkanaev/yarr/src/assets"
"github.com/nkanaev/yarr/src/server/router" "github.com/nkanaev/yarr/src/server/router"
"github.com/nkanaev/yarr/src/storage" "github.com/nkanaev/yarr/src/storage"
) )
@@ -26,34 +25,7 @@ func (m *Middleware) Handler(c *router.Context) {
} }
if IsAuthenticated(c.Req, m.Username, m.Password) { if IsAuthenticated(c.Req, m.Username, m.Password) {
c.Next() c.Next()
return } else {
}
rootUrl := m.BasePath + "/"
if c.Req.URL.Path != rootUrl {
c.Out.WriteHeader(http.StatusUnauthorized) c.Out.WriteHeader(http.StatusUnauthorized)
return
} }
if c.Req.Method == "POST" {
username := c.Req.FormValue("username")
password := c.Req.FormValue("password")
if StringsEqual(username, m.Username) && StringsEqual(password, m.Password) {
Authenticate(c.Out, m.Username, m.Password, m.BasePath)
c.Redirect(rootUrl)
return
} else {
c.HTML(http.StatusOK, assets.Templates().Lookup("login.html"), map[string]any{
"username": username,
"hasError": true,
"settings": m.DB.GetSettings().Map(),
})
return
}
}
c.HTML(http.StatusOK, assets.Templates().Lookup("login.html"), map[string]any{
"hasError": false,
"settings": m.DB.GetSettings().Map(),
})
} }

View File

@@ -34,7 +34,7 @@ func (s *Server) handler() http.Handler {
BasePath: s.BasePath, BasePath: s.BasePath,
Username: s.Username, Username: s.Username,
Password: s.Password, Password: s.Password,
Public: []string{"/static", "/fever", "/manifest.json"}, Public: []string{"/", "/login", "/static", "/fever", "/manifest.json"},
DB: s.db, DB: s.db,
} }
r.Use(a.Handler) r.Use(a.Handler)
@@ -57,6 +57,7 @@ func (s *Server) handler() http.Handler {
r.For("/opml/import", s.handleOPMLImport) r.For("/opml/import", s.handleOPMLImport)
r.For("/opml/export", s.handleOPMLExport) r.For("/opml/export", s.handleOPMLExport)
r.For("/page", s.handlePageCrawl) r.For("/page", s.handlePageCrawl)
r.For("/login", s.handleLogin)
r.For("/logout", s.handleLogout) r.For("/logout", s.handleLogout)
r.For("/fever/", s.handleFever) r.For("/fever/", s.handleFever)
@@ -64,9 +65,24 @@ func (s *Server) handler() http.Handler {
} }
func (s *Server) handleIndex(c *router.Context) { func (s *Server) handleIndex(c *router.Context) {
isAuthenticated := false
if s.Username == "" && s.Password == "" {
isAuthenticated = true
} else {
isAuthenticated = auth.IsAuthenticated(c.Req, s.Username, s.Password)
}
settings := s.db.GetSettings()
if !isAuthenticated {
settings = model.Settings{
Language: settings.Language,
ThemeName: settings.ThemeName,
}
}
c.HTML(http.StatusOK, assets.Templates().Lookup("index.html"), map[string]any{ c.HTML(http.StatusOK, assets.Templates().Lookup("index.html"), map[string]any{
"settings": s.db.GetSettings().Map(), "settings": settings.Map(),
"authenticated": s.Username != "" && s.Password != "", "authenticated": isAuthenticated,
}) })
} }
@@ -555,6 +571,22 @@ func (s *Server) handlePageCrawl(c *router.Context) {
}) })
} }
func (s *Server) handleLogin(c *router.Context) {
if c.Req.Method == "POST" {
username := c.Req.FormValue("username")
password := c.Req.FormValue("password")
if auth.StringsEqual(username, s.Username) && auth.StringsEqual(password, s.Password) {
auth.Authenticate(c.Out, s.Username, s.Password, s.BasePath)
return
} else {
c.Out.WriteHeader(http.StatusUnauthorized)
return
}
} else {
c.Out.WriteHeader(http.StatusMethodNotAllowed)
}
}
func (s *Server) handleLogout(c *router.Context) { func (s *Server) handleLogout(c *router.Context) {
auth.Logout(c.Out, s.BasePath) auth.Logout(c.Out, s.BasePath)
c.Out.WriteHeader(http.StatusNoContent) c.Out.WriteHeader(http.StatusNoContent)