Modified authentication to use the built in tools for it

This commit is contained in:
Johannes Loher 2017-08-07 00:54:47 +02:00
parent 576852cad5
commit 0da71540bc

View file

@ -7,79 +7,58 @@ import std.typecons : Nullable;
import vibe.vibe; import vibe.vibe;
class CalendarWebapp import vibe.web.auth;
{
private:
enum auth = before!ensureAuth("userName");
immutable fileName = Path("events.json"); struct AuthInfo
struct UserData
{ {
bool loggedIn; string userName;
string name;
string uuid;
} }
SessionVar!(UserData, "user") user; @requiresAuth class CalendarWebapp
Entry[] getEntriesFromFile(in Path fileName)
{ {
Entry[] entries; @noRoute AuthInfo authenticate(scope HTTPServerRequest req, scope HTTPServerResponse res)
if (fileName.existsFile)
{ {
deserializeJson(entries, fileName.readFileUTF8.parseJsonString); if (!req.session || !req.session.isKeySet("auth"))
}
return entries;
}
string ensureAuth(HTTPServerRequest req, HTTPServerResponse res)
{ {
if (!user.loggedIn)
redirect("/login"); redirect("/login");
return user.name; throw new HTTPStatusException(HTTPStatus.forbidden, "Du musst dich erst einloggen");
}
return req.session.get!AuthInfo("auth");
} }
mixin PrivateAccessProxy;
public: public:
@auth void index(string userName) @anyAuth @errorDisplay!getLogin void index()
{ {
auto entries = getEntriesFromFile(fileName); auto entries = getEntriesFromFile(fileName);
render!("showevents.dt", entries); render!("showevents.dt", entries);
} }
void getLogin(string _error = null) @noAuth void getLogin(string _error = null)
{ {
render!("login.dt", _error); render!("login.dt", _error);
} }
@errorDisplay!getLogin void postLogin(string username, string password) @noAuth @errorDisplay!getLogin void postLogin(string username, string password)
{ {
import std.uuid : randomUUID;
enforce(username == "foo" && password == "bar", "Benutzername oder Passwort ungültig"); enforce(username == "foo" && password == "bar", "Benutzername oder Passwort ungültig");
UserData d; immutable AuthInfo authInfo = {username};
d.loggedIn = true; auth = authInfo;
d.name = username;
d.uuid = randomUUID.toString;
user = d;
redirect("/"); redirect("/");
} }
void getLogout() @anyAuth void getLogout()
{ {
terminateSession(); terminateSession();
redirect("/"); redirect("/");
} }
@auth void getCreate(string userName, ValidationErrorData _error = ValidationErrorData.init) @anyAuth void getCreate(ValidationErrorData _error = ValidationErrorData.init)
{ {
render!("create.dt", _error); render!("create.dt", _error);
} }
@auth @errorDisplay!getCreate void postCreate(Date begin, Nullable!Date end, @anyAuth @errorDisplay!getCreate void postCreate(Date begin, Nullable!Date end,
string description, string name, EventType type, bool shout, string userName) string description, string name, EventType type, bool shout)
{ {
import std.array : split, replace; import std.array : split, replace;
@ -101,4 +80,20 @@ public:
string field; string field;
} }
private:
immutable fileName = Path("events.json");
SessionVar!(AuthInfo, "auth") auth;
Entry[] getEntriesFromFile(in Path fileName)
{
Entry[] entries;
if (fileName.existsFile)
{
deserializeJson(entries, fileName.readFileUTF8.parseJsonString);
}
return entries;
}
} }