func TwitchLoginHandler(w http.ResponseWriter, r *http.Request) {
token, err := controllerhelpers.GetToken(r)
if err == http.ErrNoCookie {
http.Error(w, "You are not logged in.", http.StatusUnauthorized)
return
} else if err != nil {
http.Error(w, "Invalid jwt", http.StatusBadRequest)
return
}
id := token.Claims.(*controllerhelpers.TF2StadiumClaims).PlayerID
player, _ := player.GetPlayerByID(id)
loginURL := url.URL{
Scheme: "https",
Host: "api.twitch.tv",
Path: "kraken/oauth2/authorize",
}
//twitchRedirectURL := config.Constants.PublicAddress + "/" + "twitchAuth"
twitchRedirectURL, _ := url.Parse(config.Constants.PublicAddress)
twitchRedirectURL.Path = "twitchAuth"
values := loginURL.Query()
values.Set("response_type", "code")
values.Set("client_id", config.Constants.TwitchClientID)
values.Set("redirect_uri", twitchRedirectURL.String())
values.Set("scope", "channel_check_subscription user_subscriptions channel_subscriptions user_read")
values.Set("state", xsrftoken.Generate(config.Constants.CookieStoreSecret, player.SteamID, "GET"))
loginURL.RawQuery = values.Encode()
http.Redirect(w, r, loginURL.String(), http.StatusTemporaryRedirect)
}
// Generate generates a new token
func (d *DefaultCSRFGenerator) Generate(actionID string) string {
if _, ok := d.Session.Get(CsrfSessionKey).(string); !d.Session.Has(CsrfSessionKey) || !ok {
d.Session.Set(CsrfSessionKey, base64.StdEncoding.EncodeToString(securecookie.GenerateRandomKey(16)))
}
t := xsrftoken.Generate(d.Secret, d.Session.Get(CsrfSessionKey).(string), actionID)
return t
}
func ViewServerPage(w http.ResponseWriter, r *http.Request) {
err := serverPage.Execute(w, map[string]interface{}{
"XSRFToken": xsrftoken.Generate(config.Constants.CookieStoreSecret, "admin", "POST"),
"Servers": gameserver.GetAllStoredServers(),
})
if err != nil {
logrus.Error(err)
}
}
func ServeAdminPage(w http.ResponseWriter, r *http.Request) {
err := adminPageTempl.Execute(w, map[string]interface{}{
"BanForms": banForm,
"RoleForms": roleForm,
"XSRFToken": xsrftoken.Generate(config.Constants.CookieStoreSecret, "admin", "POST"),
})
if err != nil {
logrus.Error(err)
}
}
func confirmReq(w http.ResponseWriter, r *http.Request, method, title string) {
templ, err := template.ParseFiles("views/admin/templates/confirm.html")
if err != nil {
logrus.Error(err.Error())
return
}
session, _ := controllerhelpers.GetSessionHTTP(r)
admin, _ := models.GetPlayerBySteamID(session.Values["steam_id"].(string))
token := xsrftoken.Generate(config.Constants.CookieStoreSecret, admin.SteamID, method)
templ.Execute(w, struct {
URL string
Title string
XSRFToken string
}{r.URL.String(), title, token})
}