mycorrhiza/web/auth.go

package web

import (
	"errors"
	"fmt"
	"io"
	"log"
	"mime"
	"net/http"
	"strings"

	"github.com/gorilla/mux"

	"github.com/bouncepaw/mycorrhiza/cfg"
	"github.com/bouncepaw/mycorrhiza/l18n"
	"github.com/bouncepaw/mycorrhiza/user"
	"github.com/bouncepaw/mycorrhiza/util"
	"github.com/bouncepaw/mycorrhiza/views"
)

func initAuth(r *mux.Router) {
	r.HandleFunc("/lock", handlerLock)
	// The check below saves a lot of extra checks and lines of codes in other places in this file.
	if !cfg.UseAuth {
		return
	}
	if cfg.AllowRegistration {
		r.HandleFunc("/register", handlerRegister)
	}
	if cfg.TelegramEnabled {
		r.HandleFunc("/telegram-login", handlerTelegramLogin)
	}
	r.HandleFunc("/login", handlerLogin)
	r.HandleFunc("/logout", handlerLogout)
}

func handlerLock(w http.ResponseWriter, rq *http.Request) {
	_, _ = io.WriteString(w, views.LockHTML(l18n.FromRequest(rq)))
}

// handlerRegister displays the register form (GET) or registers the user (POST).
func handlerRegister(w http.ResponseWriter, rq *http.Request) {
	lc := l18n.FromRequest(rq)
	util.PrepareRq(rq)
	if rq.Method == http.MethodGet {
		_, _ = io.WriteString(
			w,
			views.BaseHTML(
				lc.Get("auth.register_title"),
				views.RegisterHTML(rq),
				lc,
				user.FromRequest(rq),
			),
		)
	} else if rq.Method == http.MethodPost {
		var (
			username = rq.PostFormValue("username")
			password = rq.PostFormValue("password")
			err      = user.Register(username, password, "editor", "local", false)
		)
		if err != nil {
			log.Printf("Failed to register ‘%s’: %s", username, err.Error())
			w.Header().Set("Content-Type", mime.TypeByExtension(".html"))
			w.WriteHeader(http.StatusBadRequest)
			_, _ = io.WriteString(
				w,
				views.BaseHTML(
					lc.Get("auth.register_title"),
					fmt.Sprintf(
						`<main class="main-width"><p>%s</p><p><a href="/register">%s<a></p></main>`,
						err.Error(),
						lc.Get("auth.try_again"),
					),
					lc,
					user.FromRequest(rq),
				),
			)
		} else {
			log.Printf("Successfully registered ‘%s’", username)
			user.LoginDataHTTP(w, rq, username, password)
			http.Redirect(w, rq, "/"+rq.URL.RawQuery, http.StatusSeeOther)
		}
	}
}

// handlerLogout shows the logout form (GET) or logs the user out (POST).
func handlerLogout(w http.ResponseWriter, rq *http.Request) {
	if rq.Method == http.MethodGet {
		var (
			u   = user.FromRequest(rq)
			can = u != nil
			lc  = l18n.FromRequest(rq)
		)
		w.Header().Set("Content-Type", "text/html;charset=utf-8")
		if can {
			log.Println("User", u.Name, "tries to log out")
			w.WriteHeader(http.StatusOK)
		} else {
			log.Println("Unknown user tries to log out")
			w.WriteHeader(http.StatusForbidden)
		}
		_, _ = io.WriteString(
			w,
			views.BaseHTML(lc.Get("auth.logout_title"), views.LogoutHTML(can, lc), lc, u),
		)
	} else if rq.Method == http.MethodPost {
		user.LogoutFromRequest(w, rq)
		http.Redirect(w, rq, "/", http.StatusSeeOther)
	}
}

// handlerLogin shows the login form (GET) or logs the user in (POST).
func handlerLogin(w http.ResponseWriter, rq *http.Request) {
	lc := l18n.FromRequest(rq)
	if rq.Method == http.MethodGet {
		w.Header().Set("Content-Type", "text/html;charset=utf-8")
		w.WriteHeader(http.StatusOK)
		_, _ = io.WriteString(
			w,
			views.BaseHTML(
				lc.Get("auth.login_title"),
				views.LoginHTML(lc),
				lc,
				user.EmptyUser(),
			),
		)
	} else if rq.Method == http.MethodPost {
		var (
			username = util.CanonicalName(rq.PostFormValue("username"))
			password = rq.PostFormValue("password")
			err      = user.LoginDataHTTP(w, rq, username, password)
		)
		if err != "" {
			w.Header().Set("Content-Type", "text/html;charset=utf-8")
			w.WriteHeader(http.StatusInternalServerError)
			_, _ = io.WriteString(w, views.BaseHTML(err, views.LoginErrorHTML(err, lc), lc, user.EmptyUser()))
			return
		}
		http.Redirect(w, rq, "/", http.StatusSeeOther)
	}
}

func handlerTelegramLogin(w http.ResponseWriter, rq *http.Request) {
	// Note there is no lock here.
	lc := l18n.FromRequest(rq)
	w.Header().Set("Content-Type", "text/html;charset=utf-8")
	rq.ParseForm()
	var (
		values     = rq.URL.Query()
		username   = strings.ToLower(values.Get("username"))
		seemsValid = user.TelegramAuthParamsAreValid(values)
		err        = user.Register(
			username,
			"", // Password matters not
			"editor",
			"telegram",
			false,
		)
	)
	if user.HasUsername(username) && user.ByName(username).Source == "telegram" {
		// Problems is something we put blankets on.
		err = nil
	}

	if !seemsValid {
		err = errors.New("Wrong parameters")
	}

	if err != nil {
		log.Printf("Failed to register ‘%s’ using Telegram: %s", username, err.Error())
		w.WriteHeader(http.StatusBadRequest)
		_, _ = io.WriteString(
			w,
			views.BaseHTML(
				lc.Get("ui.error"),
				fmt.Sprintf(
					`<main class="main-width"><p>%s</p><p>%s</p><p><a href="/login">%s<a></p></main>`,
					lc.Get("auth.error_telegram"),
					err.Error(),
					lc.Get("auth.go_login"),
				),
				lc,
				user.FromRequest(rq),
			),
		)
		return
	}

	errmsg := user.LoginDataHTTP(w, rq, username, "")
	if errmsg != "" {
		log.Printf("Failed to login ‘%s’ using Telegram: %s", username, err.Error())
		w.WriteHeader(http.StatusBadRequest)
		_, _ = io.WriteString(
			w,
			views.BaseHTML(
				"Error",
				fmt.Sprintf(
					`<main class="main-width"><p>%s</p><p>%s</p><p><a href="/login">%s<a></p></main>`,
					lc.Get("auth.error_telegram"),
					err.Error(),
					lc.Get("auth.go_login"),
				),
				lc,
				user.FromRequest(rq),
			),
		)
		return
	}
	log.Printf("Authorize ‘%s’ from Telegram", username)
	http.Redirect(w, rq, "/", http.StatusSeeOther)
}
-												Move all web-related stuff to a new module

											
										
										
											2021-05-09 10:42:12 +00:00
+								package web
-												Implement logging out

											
										
										
											2020-11-14 13:03:06 +00:00
 								import (
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+									"errors"
-												Actually check for illegal username, pretty errors

											
										
										
											2021-07-01 08:45:03 +00:00
+									"fmt"
-												Implement register form and some registration-related code

											
										
										
											2021-04-12 17:40:43 +00:00
+									"io"
-												Implement logging out

											
										
										
											2020-11-14 13:03:06 +00:00
+									"log"
-												Actually check for illegal username, pretty errors

											
										
										
											2021-07-01 08:45:03 +00:00
+									"mime"
-												Implement logging out

											
										
										
											2020-11-14 13:03:06 +00:00
+									"net/http"
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+									"strings"
-												Implement logging out

											
										
										
											2020-11-14 13:03:06 +00:00
-												Migrate to gorilla/mux for web needs

What a wonderful package!

											
										
										
											2021-07-15 17:46:35 +00:00
+									"github.com/gorilla/mux"
-												Actually check for illegal username, pretty errors

											
										
										
											2021-07-01 08:45:03 +00:00
+									"github.com/bouncepaw/mycorrhiza/cfg"
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+									"github.com/bouncepaw/mycorrhiza/l18n"
-												Implement logging out

											
										
										
											2020-11-14 13:03:06 +00:00
+									"github.com/bouncepaw/mycorrhiza/user"
-												Start the Great Refactoring

											
										
										
											2021-02-17 18:41:35 +00:00
+									"github.com/bouncepaw/mycorrhiza/util"
-												Move mutators.qtpl and auth.qtpl to the views

											
										
										
											2021-02-23 14:25:07 +00:00
+									"github.com/bouncepaw/mycorrhiza/views"
-												Implement logging out

											
										
										
											2020-11-14 13:03:06 +00:00
+								)
-												Migrate to gorilla/mux for web needs

What a wonderful package!

											
										
										
											2021-07-15 17:46:35 +00:00
+								func initAuth(r *mux.Router) {
 									r.HandleFunc("/lock", handlerLock)
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+									// The check below saves a lot of extra checks and lines of codes in other places in this file.
-												Drop fixed authorization

Important changes:
- UseFixedAuth is now UseAuth and toggles all kinds of authorization and
  registration
- UseRegistration is now AllowRegistration to better reflect the meaning
- LimitRegistration is now RegistrationLimit because it's not a boolean,
  it's a value (not "limit registration?", but "registration limit is
  ...")
- registered-users.json is now users.json, because all users are stored
  there
- user.AuthUsed is dropped in favor of new cfg.UseAuth which has the
  same meaning

I hope I have not forgotten anything.

											
										
										
											2021-07-02 08:20:03 +00:00
+									if !cfg.UseAuth {
-												Reorganise and document the web stuff a little

											
										
										
											2021-05-09 11:09:27 +00:00
+										return
 									}
-												Drop fixed authorization

Important changes:
- UseFixedAuth is now UseAuth and toggles all kinds of authorization and
  registration
- UseRegistration is now AllowRegistration to better reflect the meaning
- LimitRegistration is now RegistrationLimit because it's not a boolean,
  it's a value (not "limit registration?", but "registration limit is
  ...")
- registered-users.json is now users.json, because all users are stored
  there
- user.AuthUsed is dropped in favor of new cfg.UseAuth which has the
  same meaning

I hope I have not forgotten anything.

											
										
										
											2021-07-02 08:20:03 +00:00
+									if cfg.AllowRegistration {
-												Migrate to gorilla/mux for web needs

What a wonderful package!

											
										
										
											2021-07-15 17:46:35 +00:00
+										r.HandleFunc("/register", handlerRegister)
-												Reorganise and document the web stuff a little

											
										
										
											2021-05-09 11:09:27 +00:00
+									}
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+									if cfg.TelegramEnabled {
-												Migrate to gorilla/mux for web needs

What a wonderful package!

											
										
										
											2021-07-15 17:46:35 +00:00
+										r.HandleFunc("/telegram-login", handlerTelegramLogin)
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+									}
-												Migrate to gorilla/mux for web needs

What a wonderful package!

											
										
										
											2021-07-15 17:46:35 +00:00
+									r.HandleFunc("/login", handlerLogin)
 									r.HandleFunc("/logout", handlerLogout)
-												Implement logging out

											
										
										
											2020-11-14 13:03:06 +00:00
+								}
-												Implement the lock page

It is unused now, you can take a look at it on /lock

											
										
										
											2021-07-09 11:47:50 +00:00
+								func handlerLock(w http.ResponseWriter, rq *http.Request) {
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+									_, _ = io.WriteString(w, views.LockHTML(l18n.FromRequest(rq)))
-												Implement the lock page

It is unused now, you can take a look at it on /lock

											
										
										
											2021-07-09 11:47:50 +00:00
+								}
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+								// handlerRegister displays the register form (GET) or registers the user (POST).
-												Implement register form and some registration-related code

											
										
										
											2021-04-12 17:40:43 +00:00
+								func handlerRegister(w http.ResponseWriter, rq *http.Request) {
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+									lc := l18n.FromRequest(rq)
-												Move all web-related stuff to a new module

											
										
										
											2021-05-09 10:42:12 +00:00
+									util.PrepareRq(rq)
-												Implement register form and some registration-related code

											
										
										
											2021-04-12 17:40:43 +00:00
+									if rq.Method == http.MethodGet {
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+										_, _ = io.WriteString(
-												Implement register form and some registration-related code

											
										
										
											2021-04-12 17:40:43 +00:00
+											w,
-												Move all web-related stuff to a new module

											
										
										
											2021-05-09 10:42:12 +00:00
+											views.BaseHTML(
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+												lc.Get("auth.register_title"),
-												Implement register form and some registration-related code

											
										
										
											2021-04-12 17:40:43 +00:00
+												views.RegisterHTML(rq),
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+												lc,
-												Implement register form and some registration-related code

											
										
										
											2021-04-12 17:40:43 +00:00
+												user.FromRequest(rq),
 											),
 										)
 									} else if rq.Method == http.MethodPost {
-												You can now register, but the new account is not saved on disk

											
										
										
											2021-04-19 16:39:25 +00:00
+										var (
 											username = rq.PostFormValue("username")
 											password = rq.PostFormValue("password")
-												Mark user's source: local or telegram

											
										
										
											2021-07-14 21:00:35 +00:00
+											err      = user.Register(username, password, "editor", "local", false)
-												You can now register, but the new account is not saved on disk

											
										
										
											2021-04-19 16:39:25 +00:00
+										)
 										if err != nil {
-												Get rid of " in some places

Violently

											
										
										
											2021-08-12 12:12:53 +00:00
+											log.Printf("Failed to register ‘%s’: %s", username, err.Error())
-												Actually check for illegal username, pretty errors

											
										
										
											2021-07-01 08:45:03 +00:00
+											w.Header().Set("Content-Type", mime.TypeByExtension(".html"))
 											w.WriteHeader(http.StatusBadRequest)
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+											_, _ = io.WriteString(
-												Actually check for illegal username, pretty errors

											
										
										
											2021-07-01 08:45:03 +00:00
+												w,
 												views.BaseHTML(
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+													lc.Get("auth.register_title"),
-												Actually check for illegal username, pretty errors

											
										
										
											2021-07-01 08:45:03 +00:00
+													fmt.Sprintf(
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+														`<main class="main-width"><p>%s</p><p><a href="/register">%s<a></p></main>`,
-												Actually check for illegal username, pretty errors

											
										
										
											2021-07-01 08:45:03 +00:00
+														err.Error(),
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+														lc.Get("auth.try_again"),
-												Actually check for illegal username, pretty errors

											
										
										
											2021-07-01 08:45:03 +00:00
+													),
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+													lc,
-												Actually check for illegal username, pretty errors

											
										
										
											2021-07-01 08:45:03 +00:00
+													user.FromRequest(rq),
 												),
 											)
-												You can now register, but the new account is not saved on disk

											
										
										
											2021-04-19 16:39:25 +00:00
+										} else {
-												Get rid of " in some places

Violently

											
										
										
											2021-08-12 12:12:53 +00:00
+											log.Printf("Successfully registered ‘%s’", username)
-												You can now register, but the new account is not saved on disk

											
										
										
											2021-04-19 16:39:25 +00:00
+											user.LoginDataHTTP(w, rq, username, password)
 											http.Redirect(w, rq, "/"+rq.URL.RawQuery, http.StatusSeeOther)
 										}
-												Implement register form and some registration-related code

											
										
										
											2021-04-12 17:40:43 +00:00
+									}
 								}
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+								// handlerLogout shows the logout form (GET) or logs the user out (POST).
-												Implement logging out

											
										
										
											2020-11-14 13:03:06 +00:00
+								func handlerLogout(w http.ResponseWriter, rq *http.Request) {
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+									if rq.Method == http.MethodGet {
 										var (
 											u   = user.FromRequest(rq)
 											can = u != nil
 											lc  = l18n.FromRequest(rq)
 										)
 										w.Header().Set("Content-Type", "text/html;charset=utf-8")
 										if can {
 											log.Println("User", u.Name, "tries to log out")
 											w.WriteHeader(http.StatusOK)
 										} else {
 											log.Println("Unknown user tries to log out")
 											w.WriteHeader(http.StatusForbidden)
 										}
 										_, _ = io.WriteString(
 											w,
 											views.BaseHTML(lc.Get("auth.logout_title"), views.LogoutHTML(can, lc), lc, u),
 										)
 									} else if rq.Method == http.MethodPost {
 										user.LogoutFromRequest(w, rq)
 										http.Redirect(w, rq, "/", http.StatusSeeOther)
-												Implement logging out

											
										
										
											2020-11-14 13:03:06 +00:00
+									}
 								}
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+								// handlerLogin shows the login form (GET) or logs the user in (POST).
-												Reorganise and document the web stuff a little

											
										
										
											2021-05-09 11:09:27 +00:00
+								func handlerLogin(w http.ResponseWriter, rq *http.Request) {
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+									lc := l18n.FromRequest(rq)
 									if rq.Method == http.MethodGet {
 										w.Header().Set("Content-Type", "text/html;charset=utf-8")
-												Reorganise and document the web stuff a little

											
										
										
											2021-05-09 11:09:27 +00:00
+										w.WriteHeader(http.StatusOK)
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+										_, _ = io.WriteString(
 											w,
 											views.BaseHTML(
 												lc.Get("auth.login_title"),
 												views.LoginHTML(lc),
 												lc,
 												user.EmptyUser(),
 											),
 										)
 									} else if rq.Method == http.MethodPost {
 										var (
 											username = util.CanonicalName(rq.PostFormValue("username"))
 											password = rq.PostFormValue("password")
 											err      = user.LoginDataHTTP(w, rq, username, password)
 										)
 										if err != "" {
 											w.Header().Set("Content-Type", "text/html;charset=utf-8")
 											w.WriteHeader(http.StatusInternalServerError)
 											_, _ = io.WriteString(w, views.BaseHTML(err, views.LoginErrorHTML(err, lc), lc, user.EmptyUser()))
 											return
 										}
 										http.Redirect(w, rq, "/", http.StatusSeeOther)
-												Reorganise and document the web stuff a little

											
										
										
											2021-05-09 11:09:27 +00:00
+									}
 								}
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+								func handlerTelegramLogin(w http.ResponseWriter, rq *http.Request) {
 									// Note there is no lock here.
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+									lc := l18n.FromRequest(rq)
-												Improve some forms

											
										
										
											2021-07-14 20:04:52 +00:00
+									w.Header().Set("Content-Type", "text/html;charset=utf-8")
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+									rq.ParseForm()
 									var (
-												Migrate to gorilla/mux for web needs

What a wonderful package!

											
										
										
											2021-07-15 17:46:35 +00:00
+										values     = rq.URL.Query()
 										username   = strings.ToLower(values.Get("username"))
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+										seemsValid = user.TelegramAuthParamsAreValid(values)
-												Migrate to gorilla/mux for web needs

What a wonderful package!

											
										
										
											2021-07-15 17:46:35 +00:00
+										err        = user.Register(
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+											username,
 											"", // Password matters not
-												Mark user's source: local or telegram

											
										
										
											2021-07-14 21:00:35 +00:00
+											"editor",
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+											"telegram",
 											false,
 										)
 									)
-												Housekeeping with linter

'I do as the golint guides'

											
										
										
											2021-10-01 17:12:16 +00:00
+									if user.HasUsername(username) && user.ByName(username).Source == "telegram" {
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+										// Problems is something we put blankets on.
 										err = nil
 									}
 									if !seemsValid {
 										err = errors.New("Wrong parameters")
 									}
 									if err != nil {
 										log.Printf("Failed to register ‘%s’ using Telegram: %s", username, err.Error())
 										w.WriteHeader(http.StatusBadRequest)
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+										_, _ = io.WriteString(
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+											w,
 											views.BaseHTML(
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+												lc.Get("ui.error"),
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+												fmt.Sprintf(
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+													`<main class="main-width"><p>%s</p><p>%s</p><p><a href="/login">%s<a></p></main>`,
 													lc.Get("auth.error_telegram"),
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+													err.Error(),
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+													lc.Get("auth.go_login"),
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+												),
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+												lc,
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+												user.FromRequest(rq),
 											),
 										)
 										return
 									}
 									errmsg := user.LoginDataHTTP(w, rq, username, "")
 									if errmsg != "" {
 										log.Printf("Failed to login ‘%s’ using Telegram: %s", username, err.Error())
 										w.WriteHeader(http.StatusBadRequest)
-												Auth: Refactor login and logout

GET /login and POST /login-data are merged into /login.

GET /logout and POST /logout-confirm are merged into /logout.

The logout form now looks more consistent with other forms.

Used io.WriteString instead of Fprint where it wasn't like that for some reason.

											
										
										
											2021-12-30 21:07:39 +00:00
+										_, _ = io.WriteString(
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+											w,
 											views.BaseHTML(
 												"Error",
 												fmt.Sprintf(
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+													`<main class="main-width"><p>%s</p><p>%s</p><p><a href="/login">%s<a></p></main>`,
 													lc.Get("auth.error_telegram"),
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+													err.Error(),
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+													lc.Get("auth.go_login"),
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+												),
-												Initial l18n support

											
										
										
											2021-09-06 17:46:34 +00:00
+												lc,
-												Implement initial Telegram integration

											
										
										
											2021-07-14 19:51:55 +00:00
+												user.FromRequest(rq),
 											),
 										)
 										return
 									}
 									log.Printf("Authorize ‘%s’ from Telegram", username)
 									http.Redirect(w, rq, "/", http.StatusSeeOther)
 								}