Authentification with cookies

.gitignore

@@ -60,3 +60,4 @@ tpl-ex3/tpl-ex3
 form-ex1/form-ex1
 form-ex2/form-ex2
 webcounter/webcounter
+authcookie/authcookie

authcookie/main.go

@@ -0,0 +1,76 @@
+package main
+
+import (
+	"html/template"
+	"log"
+	"net/http"
+
+	"github.com/gorilla/sessions"
+)
+
+type AuthCookie struct {
+	templates *template.Template
+	store     *sessions.CookieStore
+}
+
+func (app *AuthCookie) HomePage(res http.ResponseWriter, req *http.Request) {
+	app.templates.ExecuteTemplate(res, "home.html", app.CurrentSession(res, req).Values)
+}
+func (app *AuthCookie) LoginPage(res http.ResponseWriter, req *http.Request) {
+	formErr := make(map[string]string)
+	switch req.Method {
+	case "POST":
+		username := req.FormValue("username")
+		if username == "" {
+			formErr["username"] = "Empty username"
+		}
+		password := req.FormValue("password")
+		if password == "" {
+			formErr["password"] = "Empty password"
+		}
+		if len(formErr) == 0 {
+			app.SaveUsername(username, res, req)
+			RedirectHome(res, req)
+			return
+		}
+		fallthrough
+	case "GET":
+		app.templates.ExecuteTemplate(res, "login.html", formErr)
+	}
+}
+func (app *AuthCookie) LogoutPage(res http.ResponseWriter, req *http.Request) {
+	app.SaveUsername("", res, req)
+	RedirectHome(res, req)
+}
+func (app *AuthCookie) CurrentSession(res http.ResponseWriter, req *http.Request) *sessions.Session {
+	session, _ := app.store.Get(req, "session")
+	return session
+}
+func (app *AuthCookie) SaveUsername(username string, res http.ResponseWriter, req *http.Request) {
+	session := app.CurrentSession(res, req)
+	session.Values["username"] = username
+	session.Save(req, res)
+}
+func RedirectHome(res http.ResponseWriter, req *http.Request) {
+	http.Redirect(res, req, "/", http.StatusSeeOther)
+}
+
+/*
+Create an http application that supports at least 2 endpoints:
+login and logout. login should accept a form and save a cookie.
+(with at least the username) logout should clear the cookie.
+*/
+func main() {
+	tpl, err := template.ParseGlob("templates/*.html")
+	if err != nil {
+		log.Fatalln(err)
+	}
+	app := AuthCookie{
+		templates: tpl,
+		store:     sessions.NewCookieStore([]byte("flQ6QzM/c3Jtdl9ycDx6OXRIfFgK")),
+	}
+	http.HandleFunc("/", app.HomePage)
+	http.HandleFunc("/login", app.LoginPage)
+	http.HandleFunc("/logout", app.LogoutPage)
+	http.ListenAndServe(":9000", nil)
+}

authcookie/templates/footer.html

@@ -0,0 +1,2 @@
+  </body>
+</html>

authcookie/templates/header.html

@@ -0,0 +1,4 @@
+<!DOCTYPE html>
+<html>
+  <head><title>Auth cookie</title></head>
+  <body>

authcookie/templates/home.html

@@ -0,0 +1,10 @@
+{{ template "header.html" }}
+<div>
+{{ if .username }}
+<a href="/logout">Logout</a>
+{{ else }}
+<a href="/login">Login</a>
+{{ end }}
+</div>
+<h1>Hello {{ .username }}</h1>
+{{ template "footer.html" }}

authcookie/templates/login.html

@@ -0,0 +1,16 @@
+{{ template "header.html" }}
+<h1>Authentification</h1>
+<form action="/login" method="POST">
+  <label>
+    Username: {{ if .username }}<b>{{ .username }}</b>{{ end }}
+    <input type="text" name="username">
+  </label>
+  <br>
+  <label>
+    Password: {{ if .password }}<b>{{ .password }}</b>{{ end }}
+    <input type="password" name="password">
+  </label>
+  <br>
+  <input type="submit">
+</form>
+{{ template "footer.html" }}