feat: make app configurable

2025-10-28 20:55:42 +00:00 · 2025-01-19 15:04:46 +02:00
parent c0e085ea10
commit 6eccb6d835
11 changed files with 299 additions and 40 deletions
--- a/internal/api/api.go
+++ b/internal/api/api.go
@@ -6,22 +6,36 @@ import (
 	"net/http"
 	"os"
 	"strings"
+	"time"
 	"tinyauth/internal/assets"
+	"tinyauth/internal/auth"
 	"tinyauth/internal/types"

 	"github.com/gin-contrib/sessions"
 	"github.com/gin-contrib/sessions/cookie"
 	"github.com/gin-gonic/gin"
 	"github.com/google/go-querystring/query"
+	"github.com/rs/zerolog/log"
 )

-func Run() {
-	router := gin.Default()
-	dist, _ := fs.Sub(assets.Assets, "dist")
+func Run(config types.Config, users types.UserList) {
+	gin.SetMode(gin.ReleaseMode)
+	router := gin.New()
+	router.Use(zerolog())
+	dist, distErr := fs.Sub(assets.Assets, "dist")
+
+	if distErr != nil {
+		log.Fatal().Err(distErr).Msg("Failed to get UI assets")
+		os.Exit(1)
+	}
+
 	fileServer := http.FileServer(http.FS(dist))
-	store := cookie.NewStore([]byte("secret"))
+	store := cookie.NewStore([]byte(config.Secret))
+
+	domain := strings.Split(config.RootURL, "://")[1]
+
 	store.Options(sessions.Options{
-		Domain: ".dev.local",
+		Domain: fmt.Sprintf(".%s", domain),
 		Path: "/",
 	})
  	router.Use(sessions.Sessions("tinyauth", store))
@@ -40,22 +54,36 @@ func Run() {
 	router.GET("/api/auth", func (c *gin.Context) {
 		session := sessions.Default(c)
 		value := session.Get("tinyauth")
-		
-		if value == nil || value != "true" {
-			uri := c.Request.Header.Get("X-Forwarded-Uri")
-			proto := c.Request.Header.Get("X-Forwarded-Proto")
-			host := c.Request.Header.Get("X-Forwarded-Host")
-			queries := types.LoginQuery{
-				RedirectURI: fmt.Sprintf("%s://%s%s", proto, host, uri),
+
+		if value != nil {
+			usernameString, ok := value.(string)
+			if ok {
+				if auth.FindUser(users, usernameString) != nil {
+					c.JSON(200, gin.H{
+						"status": 200,
+						"message": "Authorized",
+					})
+					return
+				}
 			}
-			values, _ := query.Values(queries)
-			c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("http://tinyauth.dev.local?%s", values.Encode()))
 		}

-		c.JSON(200, gin.H{
-			"status": 200,
-			"message": "Authorized",
+		uri := c.Request.Header.Get("X-Forwarded-Uri")
+		proto := c.Request.Header.Get("X-Forwarded-Proto")
+		host := c.Request.Header.Get("X-Forwarded-Host")
+		queries, queryErr := query.Values(types.LoginQuery{
+			RedirectURI: fmt.Sprintf("%s://%s%s", proto, host, uri),
 		})
+
+		if queryErr != nil {
+			c.JSON(501, gin.H{
+				"status": 501,
+				"message": "Internal Server Error",
+			})
+			return
+		}
+
+		c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/?%s", config.AppURL, queries.Encode()))
 	})

 	router.POST("/api/login", func (c *gin.Context) {
@@ -71,7 +99,17 @@ func Run() {
 			return
 		}

-		if login.Email != "user@example.com" || login.Password != "password" {
+		user := auth.FindUser(users, login.Username)
+
+		if user == nil {
+			c.JSON(401, gin.H{
+				"status": 401,
+				"message": "Unauthorized",
+			})
+			return
+		}
+
+		if !auth.CheckPassword(*user, login.Password) {
 			c.JSON(401, gin.H{
 				"status": 401,
 				"message": "Unauthorized",
@@ -80,7 +118,7 @@ func Run() {
 		}

 		session := sessions.Default(c)
-		session.Set("tinyauth", "true")
+		session.Set("tinyauth", user.Username)
 		session.Save()

 		c.JSON(200, gin.H{
@@ -104,19 +142,50 @@ func Run() {
 		session := sessions.Default(c)
 		value := session.Get("tinyauth")

-		if value == nil || value != "true" {
-			c.JSON(200, gin.H{
-				"status": 200,
-				"isLoggedIn": false,
-			})
-			return
+		if value != nil {
+			usernameString, ok := value.(string)
+			if ok {
+				if auth.FindUser(users, usernameString) != nil {
+					c.JSON(200, gin.H{
+						"status": 200,
+						"isLoggedIn": true,
+						"username": usernameString,
+					})
+					return
+				}
+			}
 		}

 		c.JSON(200, gin.H{
 			"status": 200,
-			"isLoggedIn": true,
+			"isLoggedIn": false,
+			"username": "",
 		})
 	})

-	router.Run(":3000")
+	router.Run(fmt.Sprintf("%s:%d", config.Address, config.Port))
+}
+
+func zerolog() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		tStart := time.Now()
+
+		c.Next()
+
+		code := c.Writer.Status()
+		address := c.Request.RemoteAddr
+		method := c.Request.Method
+		path := c.Request.URL.Path
+		
+		latency := time.Since(tStart).String()
+
+		switch {
+			case code >= 200 && code < 300:
+				log.Info().Str("method", method).Str("path", path).Str("address", address).Int("status", code).Str("latency", latency).Msg("Request")
+			case code >= 300 && code < 400:
+				log.Warn().Str("method", method).Str("path", path).Str("address", address).Int("status", code).Str("latency", latency).Msg("Request")
+			case code >= 400:
+				log.Error().Str("method", method).Str("path", path).Str("address", address).Int("status", code).Str("latency", latency).Msg("Request")
+		}
+	}
 }