Core app

cmd/main.go

@@ -4,12 +4,11 @@ import (
 	"github.com/codegangsta/martini"
 	"github.com/codegangsta/martini-contrib/binding"
 	"github.com/codegangsta/martini-contrib/render"
-	"github.com/codegangsta/martini-contrib/sessionauth"
 	"github.com/codegangsta/martini-contrib/sessions"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/tiburon-777/OTUS_HighLoad/internal/application"
+	"github.com/tiburon-777/OTUS_HighLoad/internal/auth"
 	"github.com/tiburon-777/OTUS_HighLoad/internal/handlers"
-	"github.com/tiburon-777/OTUS_HighLoad/internal/models"
 	"log"
 	"net"
 	"net/http"
@@ -23,24 +22,23 @@ func init() {
 
 func main() {
 	log.Println("Starting...")
+	m := martini.Classic()
 	app, err := application.New("application.conf", "APP")
 	if err != nil {
-		panic(err.Error())
+		log.Fatalf("cn't configure app")
 	}
 
-	m := martini.Classic()
-
 	m.Map(log.New(os.Stdout, "[app]", log.Lshortfile))
 	m.Map(app)
 	m.Use(sessions.Sessions("app", sessions.NewCookieStore([]byte("BfyfgIyngIOUgmOIUgt87thrg5RHn78b"))))
-	m.Use(sessionauth.SessionUser(models.GenerateAnonymousUser))
+	m.Use(auth.SessionUser(auth.GenerateAnonymousUser))
 	m.Use(render.Renderer(render.Options{
 		Directory: "templates",
 		Extensions: []string{".tmpl"},
 	}))
 
-	sessionauth.RedirectUrl = "/login"
+	auth.RedirectUrl = "/login"
-	sessionauth.RedirectParam = "next"
+	auth.RedirectParam = "next"
 
 	m.Get("/404", func(r render.Render) {
 		r.HTML(200, "404", nil)
@@ -48,10 +46,10 @@ func main() {
 	m.Get("/login", func(r render.Render) {
 		r.HTML(200, "login", nil)
 	})
-	m.Post("/login", binding.Bind(models.UserModel{}), handlers.PostLogin)
+	m.Post("/login", binding.Bind(auth.UserModel{}), handlers.PostLogin)
 
-	m.Get("/logout", sessionauth.LoginRequired, func(session sessions.Session, user sessionauth.User, r render.Render) {
+	m.Get("/logout", auth.LoginRequired, func(session sessions.Session, user auth.User, r render.Render) {
-		sessionauth.Logout(session, user)
+		auth.Logout(session, user)
 		r.Redirect("/")
 	})
 
@@ -60,9 +58,9 @@ func main() {
 	m.Post("/signup", handlers.PostSigned)
 
 	//Анкета текущего пользователя
-	m.Get("/", sessionauth.LoginRequired, handlers.GetHome)
+	m.Get("/", auth.LoginRequired, handlers.GetHome)
 
-	m.Get("/list", sessionauth.LoginRequired, handlers.GetUserList)
+	m.Get("/list", auth.LoginRequired, handlers.GetUserList)
 
 	m.NotFound(func(r render.Render) {
 		r.HTML(404, "404", nil)

internal/application/application.go

@@ -3,7 +3,6 @@ package application
 import (
 	"database/sql"
 	"fmt"
-	"github.com/codegangsta/martini"
 	"github.com/tiburon-777/OTUS_HighLoad/internal/models"
 	"github.com/tiburon-777/modules/core/config"
 )
@@ -11,7 +10,6 @@ import (
 type App struct {
 	Config *models.Configuration
 	DB *sql.DB
-	martini.ClassicMartini
 }
 
 func New(configFile, envPrefix string) (App, error) {

internal/auth/login.go

@@ -0,0 +1,103 @@
+package auth
+
+import (
+	"fmt"
+"github.com/codegangsta/martini"
+"github.com/codegangsta/martini-contrib/render"
+"github.com/codegangsta/martini-contrib/sessions"
+	"github.com/tiburon-777/OTUS_HighLoad/internal/application"
+	"log"
+"net/http"
+)
+
+// These are the default configuration values for this package. They
+// can be set at anytime, probably during the initial setup of Martini.
+var (
+	// RedirectUrl should be the relative URL for your login route
+	RedirectUrl string = "/login"
+
+	// RedirectParam is the query string parameter that will be set
+	// with the page the user was trying to visit before they were
+	// intercepted.
+	RedirectParam string = "next"
+
+	// SessionKey is the key containing the unique ID in your session
+	SessionKey string = "AUTHUNIQUEID"
+)
+
+// User defines all the functions necessary to work with the user's authentication.
+// The caller should implement these functions for whatever system of authentication
+// they choose to use
+type User interface {
+	// Return whether this user is logged in or not
+	IsAuthenticated() bool
+
+	// Set any flags or extra data that should be available
+	Login()
+
+	// Clear any sensitive data out of the user
+	Logout()
+
+	// Return the unique identifier of this user object
+	UniqueId() interface{}
+
+	// Populate this user object with values
+	GetById(app application.App, id interface{}) error
+}
+
+// SessionUser will try to read a unique user ID out of the session. Then it tries
+// to populate an anonymous user object from the database based on that ID. If this
+// is successful, the valid user is mapped into the context. Otherwise the anonymous
+// user is mapped into the contact.
+// The newUser() function should provide a valid 0value structure for the caller's
+// user type.
+func SessionUser(newUser func() User) martini.Handler {
+	return func(s sessions.Session, c martini.Context, l *log.Logger, app application.App) {
+		userId := s.Get(SessionKey)
+		user := newUser()
+
+		if userId != nil {
+			err := user.GetById(app, userId)
+			if err != nil {
+				l.Printf("Login Error: %v\n", err)
+			} else {
+				user.Login()
+			}
+		}
+
+		c.MapTo(user, (*User)(nil))
+	}
+}
+
+// AuthenticateSession will mark the session and user object as authenticated. Then
+// the Login() user function will be called. This function should be called after
+// you have validated a user.
+func AuthenticateSession(s sessions.Session, user User) error {
+	user.Login()
+	return UpdateUser(s, user)
+}
+
+// Logout will clear out the session and call the Logout() user function.
+func Logout(s sessions.Session, user User) {
+	user.Logout()
+	s.Delete(SessionKey)
+}
+
+// LoginRequired verifies that the current user is authenticated. Any routes that
+// require a login should have this handler placed in the flow. If the user is not
+// authenticated, they will be redirected to /login with the "next" get parameter
+// set to the attempted URL.
+func LoginRequired(r render.Render, user User, req *http.Request) {
+	if user.IsAuthenticated() == false {
+		path := fmt.Sprintf("%s?%s=%s", RedirectUrl, RedirectParam, req.URL.Path)
+		r.Redirect(path, 302)
+	}
+}
+
+// UpdateUser updates the User object stored in the session. This is useful incase a change
+// is made to the user model that needs to persist across requests.
+func UpdateUser(s sessions.Session, user User) error {
+	s.Set(SessionKey, user.UniqueId())
+	return nil
+}
+

internal/auth/user.go

@@ -1,9 +1,9 @@
-package models
+package auth
 
 import (
 	"database/sql"
 	"fmt"
-	"github.com/codegangsta/martini-contrib/sessionauth"
+	"github.com/tiburon-777/OTUS_HighLoad/internal/application"
 	"time"
 )
 
@@ -21,7 +21,7 @@ type UserModel struct {
 	Db *sql.DB
 }
 
-func GenerateAnonymousUser() sessionauth.User {
+func GenerateAnonymousUser() User {
 	return &UserModel{}
 }
 
@@ -48,9 +48,10 @@ func (u *UserModel) UniqueId() interface{} {
 	return u.Id
 }
 
-func (u *UserModel) GetById(id interface{}) error {
+func (u *UserModel) GetById(app application.App, id interface{}) error {
 	query := fmt.Sprintf("SELECT username FROM users WHERE id=%d", id)
-	err := u.Db.QueryRow(query).Err()
+	var v []uint8
+	err := app.DB.QueryRow(query).Scan(&v)
 	if err != nil {
 		return err
 	}

internal/handlers/handlers.go

@@ -3,10 +3,9 @@ package handlers
 import (
 	"fmt"
 	"github.com/codegangsta/martini-contrib/render"
-	"github.com/codegangsta/martini-contrib/sessionauth"
 	"github.com/codegangsta/martini-contrib/sessions"
 	"github.com/tiburon-777/OTUS_HighLoad/internal/application"
-	"github.com/tiburon-777/OTUS_HighLoad/internal/models"
+	"github.com/tiburon-777/OTUS_HighLoad/internal/auth"
 	"net"
 	"net/http"
 )
@@ -37,22 +36,22 @@ func GetUserList(r render.Render) {
 	r.HTML(200, "list", doc)
 }
 
-func PostLogin(app application.App, session sessions.Session, postedUser models.UserModel, r render.Render, req *http.Request) {
+func PostLogin(app application.App, session sessions.Session, postedUser auth.UserModel, r render.Render, req *http.Request) {
-	user := models.UserModel{}
+	user := auth.UserModel{}
 	query := fmt.Sprintf("SELECT * FROM users WHERE username=\"%s\" and password =\"%s\"", postedUser.Username, postedUser.Password)
 	err := app.DB.QueryRow(query).Scan(&user.Id, &user.Username, &user.Password)
 
 	if err != nil || user.Id==0 {
-		r.Redirect(sessionauth.RedirectUrl)
+		r.Redirect(auth.RedirectUrl)
 		return
 	} else {
-		err := sessionauth.AuthenticateSession(session, &user)
+		err := auth.AuthenticateSession(session, &user)
 		if err != nil {
 			r.JSON(500, err)
 		}
 
 		params := req.URL.Query()
-		redirect := params.Get(sessionauth.RedirectParam)
+		redirect := params.Get(auth.RedirectParam)
 		r.Redirect(redirect)
 		return
 	}