func ExampleRouter() {
// A simple "static" route.
loginForm := func(g *gas.Gas) (int, gas.Outputter) {
return 200, out.HTML("example/login-form", nil)
}
// JSON REST? Sure.
login := func(g *gas.Gas) (int, gas.Outputter) {
u := new(myUser).byUsername(g.FormValue("user"))
if err := auth.SignIn(g, u, g.FormValue("pass")); err != nil {
return 403, out.JSON(M{"error": err.Error()})
} else {
return 204, nil
}
}
// Reroute users (+ a cookie with the path data) if not logged in
checkLogin := func(path string) func(g *gas.Gas) (int, gas.Outputter) {
return func(g *gas.Gas) (int, gas.Outputter) {
if sess, err := auth.GetSession(g); sess == nil || err != nil {
return 303, out.Reroute(path, map[string]string{"path": g.URL.Path})
} else {
g.SetData("user", new(myUser).byUsername(sess.Username))
}
return 0, nil
}
}
// A page behind the login wall
profile := func(g *gas.Gas) (int, gas.Outputter) {
user := g.Data("user").(*myUser)
return 200, out.HTML("example", user)
}
// The router
gas.New().
Get("/profile", checkLogin("/login"), profile).
Get("/login", loginForm).
Post("/login", login)
}
func TestAuth(t *testing.T) {
/*
runtime.GOMAXPROCS(runtime.NumCPU())
go func() {
//fmt.Println(http.ListenAndServe(":6006", nil))
}()
*/
testPass := "******"
hash, salt := auth.NewHash([]byte(testPass))
tx, err := db.DB.Begin()
if err != nil {
t.Fatal(err)
}
tx.Exec(`
CREATE TEMP TABLE gas_test_users (
id serial PRIMARY KEY,
name text NOT NULL,
pass bytea NOT NULL,
salt bytea NOT NULL
)`)
tx.Exec(`INSERT INTO gas_test_users VALUES ( DEFAULT, 'moshee', $1, $2 )`, hash, salt)
if err := tx.Commit(); err != nil {
t.Fatal(err)
}
r := gas.New().Get("/", func(g *gas.Gas) (int, gas.Outputter) {
if sess, err := auth.GetSession(g); sess == nil || err != nil {
fmt.Fprint(g, "no")
} else {
if u, err := new(MyUser).byUsername(sess.Username); err != nil {
fmt.Fprint(g, "no")
} else {
fmt.Fprintf(g, "%d", u.Id)
}
}
return -1, nil
}).Get("/hmac", func(g *gas.Gas) (int, gas.Outputter) {
_, err := auth.GetSession(g)
if err != nil {
fmt.Fprint(g, "no")
if err != auth.ErrBadMac {
t.Fatalf("Expected hmac error, got %v", err)
}
} else {
fmt.Fprint(g, "yes")
}
return -1, nil
}).Post("/login", func(g *gas.Gas) (int, gas.Outputter) {
u, err := new(MyUser).byUsername(g.FormValue("username"))
if err != nil {
fmt.Fprint(g, "no")
return -1, nil
}
if err = auth.SignIn(g, u, g.FormValue("pass")); err != nil {
fmt.Fprint(g, "no")
} else {
fmt.Fprint(g, "yes")
}
return -1, nil
}).Get("/logout", func(g *gas.Gas) (int, gas.Outputter) {
if err := auth.SignOut(g); err != nil {
fmt.Fprint(g, "no")
} else {
fmt.Fprint(g, "yes")
}
return -1, nil
})
t.Log("Testing DB session store")
dbs, err := db.NewStore("gas_sessions")
if err != nil {
t.Fatal(err)
}
auth.UseSessionStore(dbs)
testAuth(t, testPass, r)
t.Log("Testing FS session store")
fss, err := auth.NewFileStore()
if err != nil {
t.Fatal(err)
}
defer fss.Destroy()
auth.UseSessionStore(fss)
testAuth(t, testPass, r)
}