Add authentication and ability to change host

author: Leonardo Bishop <me@leonardobishop.net> 2025-07-14 01:24:40 +0100
committer: Leonardo Bishop <me@leonardobishop.net> 2025-07-14 01:24:40 +0100
commit: 08a3fb8a2b0281c3c329b33215ec7f8866add606 (patch)
tree: ff8a5413449ea198bc063bf0099fc025ea49c82b /web/command/handler
parent: 684787bcb72aece2aa914597a3bc8788432e66f7 (diff)
3 files changed, 109 insertions, 4 deletions
diff --git a/web/command/handler/authenticate.go b/web/command/handler/authenticate.go
new file mode 100644
index 0000000..1c7d312
--- /dev/null
+++ b/web/command/handler/authenticate.go
@@ -0,0 +1,52 @@
+package handler
+
+import (
+	"crypto/subtle"
+	"fmt"
+	"net/http"
+
+	"github.com/LMBishop/scrapbook/pkg/auth"
+	"github.com/LMBishop/scrapbook/pkg/config"
+	"github.com/LMBishop/scrapbook/web/command/html"
+	. "maragu.dev/gomponents"
+	ghttp "maragu.dev/gomponents/http"
+)
+
+func GetAuthenticate() func(http.ResponseWriter, *http.Request) {
+	return ghttp.Adapt(func(w http.ResponseWriter, r *http.Request) (Node, error) {
+		return html.AuthenticatePage(""), nil
+	})
+}
+
+func PostAuthenticate(mainConfig *config.MainConfig, authenticator *auth.Authenticator) func(http.ResponseWriter, *http.Request) {
+	return func(w http.ResponseWriter, r *http.Request) {
+		err := r.ParseForm()
+		if err != nil {
+			html.AuthenticatePage(err.Error()).Render(w)
+			return
+		}
+
+		token := r.Form.Get("token")
+
+		if len(mainConfig.Command.Secret) == 0 || subtle.ConstantTimeCompare([]byte(token), []byte(mainConfig.Command.Secret)) != 1 {
+			html.AuthenticatePage("The secret key is incorrect").Render(w)
+			return
+		}
+
+		jwt, err := authenticator.NewJwt()
+		if err != nil {
+			html.AuthenticatePage(fmt.Errorf("Failed to create jwt: %w", err).Error()).Render(w)
+			return
+		}
+
+		http.SetCookie(w, &http.Cookie{
+			Name:  "session",
+			Value: jwt,
+
+			Secure:   true,
+			SameSite: http.SameSiteStrictMode,
+			HttpOnly: true,
+		})
+		http.Redirect(w, r, "/", 302)
+	}
+}
diff --git a/web/command/handler/create.go b/web/command/handler/create.go
index 21c6b1a..46c7779 100644
--- a/web/command/handler/create.go
+++ b/web/command/handler/create.go
@@ -36,10 +36,6 @@ func PostCreate(mainConfig *config.MainConfig, index *index.SiteIndex) func(http
 			return html.CreatePage("", "A name must be specified", formValues), nil
 		}
 
-		if host == "" {
-			return html.CreatePage("", "A host must be specified", formValues), nil
-		}
-
 		site, err := site.CreateNewSite(name, path.Join(constants.SysDataDir, "sites"), host)
 
 		if err != nil {
diff --git a/web/command/handler/host.go b/web/command/handler/host.go
new file mode 100644
index 0000000..05b4ca6
--- /dev/null
+++ b/web/command/handler/host.go
@@ -0,0 +1,57 @@
+package handler
+
+import (
+	"fmt"
+	"net/http"
+	"path"
+
+	"github.com/LMBishop/scrapbook/pkg/config"
+	"github.com/LMBishop/scrapbook/pkg/index"
+	"github.com/LMBishop/scrapbook/web/command/html"
+	. "maragu.dev/gomponents"
+	ghttp "maragu.dev/gomponents/http"
+)
+
+func GetHost(index *index.SiteIndex) func(http.ResponseWriter, *http.Request) {
+	return ghttp.Adapt(func(w http.ResponseWriter, r *http.Request) (Node, error) {
+		siteName := r.PathValue("site")
+		if siteName == "" {
+			return html.ErrorPage("Unknown site: " + siteName), nil
+		}
+		site := index.GetSite(siteName)
+		if site == nil {
+			return html.ErrorPage("Unknown site: " + siteName), nil
+		}
+
+		return html.HostPage("", "", siteName, site.SiteConfig.Host), nil
+	})
+}
+
+func PostHost(mainConfig *config.MainConfig, index *index.SiteIndex) func(http.ResponseWriter, *http.Request) {
+	return ghttp.Adapt(func(w http.ResponseWriter, r *http.Request) (Node, error) {
+		siteName := r.PathValue("site")
+		if siteName == "" {
+			return html.ErrorPage("Unknown site: " + siteName), nil
+		}
+		site := index.GetSite(siteName)
+		if site == nil {
+			return html.ErrorPage("Unknown site: " + siteName), nil
+		}
+
+		err := r.ParseForm()
+		if err != nil {
+			return html.HostPage("", fmt.Errorf("Could not parse form: %w", err).Error(), siteName, site.SiteConfig.Host), nil
+		}
+
+		host := r.FormValue("host")
+
+		site.SiteConfig.Host = host
+		index.UpdateSiteIndexes()
+		err = config.WriteSiteConfig(path.Join(site.Path, "site.toml"), site.SiteConfig)
+		if err != nil {
+			return html.HostPage("", fmt.Errorf("Failed to persist flags: %w", err).Error(), siteName, host), nil
+		}
+
+		return html.HostPage(fmt.Sprintf("Successfully set host for %s to '%s'", siteName, host), "", siteName, host), nil
+	})
+}
author	Leonardo Bishop <me@leonardobishop.net>	2025-07-14 01:24:40 +0100
committer	Leonardo Bishop <me@leonardobishop.net>	2025-07-14 01:24:40 +0100
commit	08a3fb8a2b0281c3c329b33215ec7f8866add606 (patch)
tree	ff8a5413449ea198bc063bf0099fc025ea49c82b /web/command/handler
parent	684787bcb72aece2aa914597a3bc8788432e66f7 (diff)