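// AuthMiddleware returns an echo handler that gates requests on the
// credentials stored in the "SESSION" cookie.
//
// For each request it loads the session, checks the stored username and
// password with db.AuthorizeUser and the client address with db.ValidUserIP,
// and then:
//   - redirects to /login (307) when the request URI is protected according to
//     CheckProtected and any of those checks fails;
//   - redirects to / (302) when an authenticated client requests /login;
//   - otherwise returns nil.
//
// A database error is returned to the caller instead of being ignored.
func AuthMiddleware() echo.HandlerFunc {
	return func(c *echo.Context) (err error) {
		mdb, err := getDatabase()
		if err != nil {
			// Fail closed: without a database handle no authorization decision
			// can be made, and deferring Close on an unusable handle may panic.
			return err
		}
		defer mdb.Session.Close()

		req := c.Request()

		// Both session values must be present and be strings. Checking only the
		// second type assertion would let a session that carries a password but
		// no username through the "ok" test.
		var username, password string
		hasCreds := false
		if userInfo, cookieErr := cookie.Get(req, "SESSION"); cookieErr == nil {
			var userOK, passOK bool
			username, userOK = userInfo.Values["username"].(string)
			password, passOK = userInfo.Values["password"].(string)
			hasCreds = userOK && passOK
		}
		// A session that cannot be loaded is treated as "no credentials".

		// Only consult the database when the session actually carries
		// credentials, so empty strings are never presented for authorization.
		authorized, ipValid := false, false
		if hasCreds {
			authorized = db.AuthorizeUser(mdb, username, password)
			ipValid = db.ValidUserIP(mdb, username, getClientIP(req))
		}
		authenticated := authorized && ipValid

		// NOTE(review): RequestURI is the raw request-target, query string
		// included. CheckProtected presumably has to cope with query strings and
		// non-normalized paths for this gate to be complete. Confirm.
		// NOTE(review): the IP check is only as trustworthy as getClientIP. If
		// it reads client-supplied forwarding headers the binding is advisory.
		// Confirm.
		if !authenticated && CheckProtected(req.RequestURI) {
			return c.Redirect(http.StatusTemporaryRedirect, "/login")
		}

		// TODO(elct9620): This should move into login handler
		if authenticated && req.RequestURI == "/login" {
			return c.Redirect(http.StatusFound, "/")
		}

		return nil
	}
}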
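// verifyLogin handles the login form submission.
//
// It reads the "username" and "password" form values, transforms the password
// with db.EncryptPassword and checks the pair with db.AuthorizeUser. On success
// it stores both values in the "SESSION" cookie, records the client address
// with db.RefreshUserIP and redirects to / (302). On failure it redirects to /
// without touching the session.
//
// Errors from the database, from saving the session and from refreshing the
// stored IP are returned to the caller rather than dropped.
func verifyLogin(c *echo.Context) (err error) {
	mdb, err := getDatabase()
	if err != nil {
		// Do not defer Close on a handle that failed to open.
		return err
	}
	defer mdb.Session.Close()

	req := c.Request()
	username := req.FormValue("username")
	password := req.FormValue("password")

	// NOTE(review): EncryptPassword takes only the password and its output is
	// handed to AuthorizeUser, so it appears to be deterministic with no
	// per-user salt. Confirm it is a purpose-built password hash.
	encryptedPassword := db.EncryptPassword(password)

	if !db.AuthorizeUser(mdb, username, encryptedPassword) {
		// TODO(elct9620): Show error message to notice user
		return c.Redirect(http.StatusFound, "/")
	}

	// The load error is deliberately not fatal here: a stale or undecodable
	// cookie should not block a fresh login.
	// NOTE(review): this assumes the store still returns a usable, empty
	// session alongside the error. Confirm against the cookie store in use.
	userInfo, _ := cookie.Get(req, "SESSION")
	userInfo.Values["username"] = username
	// NOTE(review): the stored value is what AuthMiddleware replays to
	// AuthorizeUser, so it is password-equivalent. Unless the cookie store
	// encrypts as well as signs, the client can read it. Consider storing an
	// opaque server-side session identifier instead.
	userInfo.Values["password"] = encryptedPassword

	// Check each step separately so a failed Save is not overwritten by the
	// result of RefreshUserIP.
	if err = userInfo.Save(req, c.Response()); err != nil {
		return err
	}
	// NOTE(review): positional composite literal kept because the field names
	// of db.User are not visible here. Keyed fields would be safer.
	if err = db.RefreshUserIP(mdb, &db.User{username, encryptedPassword, ""}, getClientIP(req)); err != nil {
		return err
	}

	return c.Redirect(http.StatusFound, "/")
}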