From 0da71540bce9929025a7b78686c632c189966707 Mon Sep 17 00:00:00 2001 From: Johannes Loher Date: Mon, 7 Aug 2017 00:54:47 +0200 Subject: [PATCH] Modified authentication to use the built in tools for it --- source/calendarwebapp.d | 79 +++++++++++++++++++---------------------- 1 file changed, 37 insertions(+), 42 deletions(-) diff --git a/source/calendarwebapp.d b/source/calendarwebapp.d index d31fa81..3e596d6 100644 --- a/source/calendarwebapp.d +++ b/source/calendarwebapp.d @@ -7,79 +7,58 @@ import std.typecons : Nullable; import vibe.vibe; -class CalendarWebapp +import vibe.web.auth; + +struct AuthInfo { -private: - enum auth = before!ensureAuth("userName"); + string userName; +} - immutable fileName = Path("events.json"); - - struct UserData +@requiresAuth class CalendarWebapp +{ + @noRoute AuthInfo authenticate(scope HTTPServerRequest req, scope HTTPServerResponse res) { - bool loggedIn; - string name; - string uuid; - } - - SessionVar!(UserData, "user") user; - - Entry[] getEntriesFromFile(in Path fileName) - { - Entry[] entries; - if (fileName.existsFile) + if (!req.session || !req.session.isKeySet("auth")) { - deserializeJson(entries, fileName.readFileUTF8.parseJsonString); - } - return entries; - } - - string ensureAuth(HTTPServerRequest req, HTTPServerResponse res) - { - if (!user.loggedIn) redirect("/login"); - return user.name; + throw new HTTPStatusException(HTTPStatus.forbidden, "Du musst dich erst einloggen"); + } + return req.session.get!AuthInfo("auth"); } - mixin PrivateAccessProxy; - public: - @auth void index(string userName) + @anyAuth @errorDisplay!getLogin void index() { auto entries = getEntriesFromFile(fileName); render!("showevents.dt", entries); } - void getLogin(string _error = null) + @noAuth void getLogin(string _error = null) { render!("login.dt", _error); } - @errorDisplay!getLogin void postLogin(string username, string password) + @noAuth @errorDisplay!getLogin void postLogin(string username, string password) { - import std.uuid : randomUUID; - enforce(username == "foo" && password == "bar", "Benutzername oder Passwort ungültig"); - UserData d; - d.loggedIn = true; - d.name = username; - d.uuid = randomUUID.toString; - user = d; + immutable AuthInfo authInfo = {username}; + auth = authInfo; redirect("/"); } - void getLogout() + @anyAuth void getLogout() { terminateSession(); redirect("/"); } - @auth void getCreate(string userName, ValidationErrorData _error = ValidationErrorData.init) + @anyAuth void getCreate(ValidationErrorData _error = ValidationErrorData.init) { render!("create.dt", _error); } - @auth @errorDisplay!getCreate void postCreate(Date begin, Nullable!Date end, - string description, string name, EventType type, bool shout, string userName) + @anyAuth @errorDisplay!getCreate void postCreate(Date begin, Nullable!Date end, + string description, string name, EventType type, bool shout) { import std.array : split, replace; @@ -101,4 +80,20 @@ public: string field; } +private: + + immutable fileName = Path("events.json"); + + SessionVar!(AuthInfo, "auth") auth; + + Entry[] getEntriesFromFile(in Path fileName) + { + Entry[] entries; + if (fileName.existsFile) + { + deserializeJson(entries, fileName.readFileUTF8.parseJsonString); + } + return entries; + } + }