some work on sessions

api/auth.go

@@ -3,19 +3,39 @@ package api
 import (
 	"encoding/json"
 	"github.com/Sirupsen/logrus"
-	"github.com/kataras/go-sessions"
 	"github.com/simon987/task_tracker/storage"
 )
 
+const MaxUsernameLength = 16
+
 type LoginRequest struct {
-	Username []byte
-	Password []byte
+	Username string `json:"username"`
+	Password string `json:"password"`
 }
 
 type LoginResponse struct {
-	Ok      bool
-	Message string
-	Manager *storage.Manager
+	Ok      bool             `json:"ok"`
+	Message string           `json:"message,omitempty"`
+	Manager *storage.Manager `json:"manager"`
+}
+
+type RegisterRequest struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
+type AccountDetails struct {
+	LoggedIn bool             `json:"logged_in"`
+	Manager  *storage.Manager `json:"manager,omitempty"`
+}
+
+func (r *RegisterRequest) isValid() bool {
+	return len(r.Username) <= MaxUsernameLength
+}
+
+type RegisterResponse struct {
+	Ok      bool   `json:"ok"`
+	Message string `json:"message,omitempty"`
 }
 
 func (api *WebAPI) Login(r *Request) {
@@ -31,10 +51,10 @@ func (api *WebAPI) Login(r *Request) {
 		return
 	}
 
-	manager, err := api.Database.ValidateCredentials(req.Username, req.Password)
+	manager, err := api.Database.ValidateCredentials([]byte(req.Username), []byte(req.Password))
 	if err != nil {
 		logrus.WithError(err).WithFields(logrus.Fields{
-			"username": string(manager.Username),
+			"username": req.Username,
 		}).Warning("Login attempt")
 
 		r.Json(LoginResponse{
@@ -44,10 +64,88 @@ func (api *WebAPI) Login(r *Request) {
 		return
 	}
 
-	sess := sessions.StartFasthttp(r.Ctx)
+	sess := api.Session.StartFasthttp(r.Ctx)
 	sess.Set("manager", manager)
 
+	logrus.Debug("SET")
+	logrus.Debug(sess.ID())
+	logrus.Debug(manager)
+
+	r.OkJson(LoginResponse{
+		Manager: manager,
+		Ok:      true,
+	})
+
 	logrus.WithFields(logrus.Fields{
 		"username": string(manager.Username),
 	}).Info("Logged in")
 }
+
+func (api *WebAPI) Register(r *Request) {
+
+	req := &RegisterRequest{}
+	err := json.Unmarshal(r.Ctx.Request.Body(), req)
+
+	if err != nil {
+		r.Json(LoginResponse{
+			Ok:      false,
+			Message: "Could not parse request",
+		}, 400)
+		return
+	}
+
+	if !req.isValid() {
+		r.Json(LoginResponse{
+			Ok:      false,
+			Message: "Invalid register request",
+		}, 400)
+		return
+	}
+
+	manager := &storage.Manager{
+		Username: string(req.Username),
+	}
+
+	err = api.Database.SaveManager(manager, []byte(req.Password))
+	if err != nil {
+		logrus.WithError(err).WithFields(logrus.Fields{
+			"username": string(manager.Username),
+		}).Warning("Register attempt")
+
+		r.Json(LoginResponse{
+			Ok:      false,
+			Message: err.Error(),
+		}, 400)
+		return
+	}
+
+	sess := api.Session.StartFasthttp(r.Ctx)
+	sess.Set("manager", manager)
+
+	r.OkJson(RegisterResponse{
+		Ok: true,
+	})
+
+	logrus.WithFields(logrus.Fields{
+		"username": string(manager.Username),
+	}).Info("Registered")
+}
+
+func (api *WebAPI) AccountDetails(r *Request) {
+
+	sess := api.Session.StartFasthttp(r.Ctx)
+	manager := sess.Get("manager")
+	logrus.Debug("GET")
+	logrus.Debug(sess.ID())
+
+	if manager == nil {
+		r.OkJson(AccountDetails{
+			LoggedIn: false,
+		})
+	} else {
+		r.OkJson(AccountDetails{
+			LoggedIn: true,
+			Manager:  manager.(*storage.Manager),
+		})
+	}
+}

api/log.go

@@ -39,6 +39,10 @@ func (e *LogRequest) Time() time.Time {
 func LogRequestMiddleware(h RequestHandler) fasthttp.RequestHandler {
 	return fasthttp.RequestHandler(func(ctx *fasthttp.RequestCtx) {
 
+		ctx.Response.Header.Add("Access-Control-Allow-Headers", "Content-Type")
+		ctx.Response.Header.Add("Access-Control-Allow-Methods", "GET, POST, OPTION")
+		ctx.Response.Header.Add("Access-Control-Allow-Origin", "*")
+
 		logrus.WithFields(logrus.Fields{
 			"path":   string(ctx.Path()),
 			"header": ctx.Request.Header.String(),

api/main.go

@@ -14,7 +14,8 @@ type WebAPI struct {
 	server        *fasthttp.Server
 	router        *fasthttprouter.Router
 	Database      *storage.Database
-	SessionConfig *sessions.Config
+	SessionConfig sessions.Config
+	Session       *sessions.Sessions
 }
 
 type Info struct {
@@ -38,11 +39,15 @@ func New() *WebAPI {
 
 	api.router = &fasthttprouter.Router{}
 
-	api.SessionConfig = &sessions.Config{
-		Cookie:  config.Cfg.SessionCookieName,
-		Expires: config.Cfg.SessionCookieExpiration,
+	api.SessionConfig = sessions.Config{
+		Cookie:                      config.Cfg.SessionCookieName,
+		Expires:                     config.Cfg.SessionCookieExpiration,
+		CookieSecureTLS:             false,
+		DisableSubdomainPersistence: false,
 	}
 
+	api.Session = sessions.New(api.SessionConfig)
+
 	api.server = &fasthttp.Server{
 		Handler: api.router.Handler,
 		Name:    info.Name,
@@ -76,6 +81,10 @@ func New() *WebAPI {
 
 	api.router.POST("/logs", LogRequestMiddleware(api.GetLog))
 
+	api.router.POST("/register", LogRequestMiddleware(api.Register))
+	api.router.POST("/login", LogRequestMiddleware(api.Login))
+	api.router.GET("/account", LogRequestMiddleware(api.AccountDetails))
+
 	api.router.NotFound = func(ctx *fasthttp.RequestCtx) {
 
 		if ctx.Request.Header.IsOptions() {