mirror of
https://github.com/adanrsantos/ThePlaceHolders.git
synced 2024-12-16 14:20:39 -06:00
Fixed requirements with email
This commit is contained in:
commit
efa4e233a8
31
README.md
31
README.md
|
@ -1,11 +1,24 @@
|
||||||
# ThePlaceHolders
|
# ThePlaceHolders
|
||||||
"UTSA Place" Collaborate website canvas that allows students to place a pixel within a restrcited amount of time to make art.
|
"UTSA Place" Collaborate website canvas that allows students to place a pixel
|
||||||
|
within a restricted amount of time to make art.
|
||||||
|
|
||||||
Users Connected (testing if working):
|
## How to run
|
||||||
Adan Santos
|
1. Install [Go](https://go.dev/dl/)
|
||||||
Jackson Sovilay
|
2. Run the command `go run .` inside this folder
|
||||||
Hello
|
3. View the website at [127.0.0.1:8080](http://127.0.0.1:8080/)
|
||||||
Alex Rivera
|
|
||||||
Hello
|
## Go project structure
|
||||||
Testing
|
* [go.mod](go.mod) Go version and library dependencies
|
||||||
Test push
|
* [go.sum](go.sum) Checksums for libraries
|
||||||
|
|
||||||
|
## Backend Source
|
||||||
|
Our back-end is written in [Go](https://go.dev/) using the standard library.
|
||||||
|
* [Request handling](server.go)
|
||||||
|
* [User registration/login](users.go)
|
||||||
|
|
||||||
|
## Frontend Source
|
||||||
|
Our front-end is written in vanilla JavaScript, using the [Bootstrap](https://getbootstrap.com/)
|
||||||
|
CSS framework.
|
||||||
|
* [Main page](static/index.html)
|
||||||
|
* [Login page](static/login.html)
|
||||||
|
* [Registration page](static/register.html)
|
||||||
|
|
BIN
ThePlaceHolders
BIN
ThePlaceHolders
Binary file not shown.
9
go.mod
9
go.mod
|
@ -1,3 +1,10 @@
|
||||||
module github.com/adanrsantos/ThePlaceHolders
|
module github.com/adanrsantos/ThePlaceHolders
|
||||||
|
|
||||||
go 1.23.1
|
go 1.23
|
||||||
|
|
||||||
|
require (
|
||||||
|
github.com/gorilla/sessions v1.4.0
|
||||||
|
golang.org/x/crypto v0.27.0
|
||||||
|
)
|
||||||
|
|
||||||
|
require github.com/gorilla/securecookie v1.1.2 // indirect
|
||||||
|
|
8
go.sum
Normal file
8
go.sum
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
|
||||||
|
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||||
|
github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
|
||||||
|
github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
|
||||||
|
github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
|
||||||
|
github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
|
||||||
|
golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
|
||||||
|
golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
|
67
server.go
67
server.go
|
@ -2,57 +2,48 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/gorilla/sessions"
|
||||||
)
|
)
|
||||||
|
|
||||||
const ADDRESS = "127.0.0.1"
|
const ADDRESS = "127.0.0.1"
|
||||||
const PORT = "8080"
|
const PORT = "8080"
|
||||||
|
|
||||||
type UserForm struct {
|
type Server struct {
|
||||||
Email string
|
// Registered user information
|
||||||
Password string
|
Users map[string]UserData
|
||||||
}
|
// Login sessions
|
||||||
|
Sessions *sessions.CookieStore
|
||||||
func extract_user_data(r *http.Request) UserForm {
|
|
||||||
return UserForm{
|
|
||||||
Email: r.FormValue("email"),
|
|
||||||
Password: r.FormValue("password"),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func handle_login(w http.ResponseWriter, r *http.Request) {
|
|
||||||
if r.Method != http.MethodPost {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
data := extract_user_data(r)
|
|
||||||
fmt.Fprintln(w, data.Email)
|
|
||||||
fmt.Fprintln(w, data.Password)
|
|
||||||
}
|
|
||||||
|
|
||||||
func handle_register(w http.ResponseWriter, r *http.Request) {
|
|
||||||
if r.Method != http.MethodPost {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
data := extract_user_data(r)
|
|
||||||
fmt.Fprintln(w, data.Email)
|
|
||||||
fmt.Fprintln(w, data.Password)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
|
// Create server object
|
||||||
|
secret := []byte("super-secret-key")
|
||||||
|
server := Server{
|
||||||
|
Users: make(map[string]UserData),
|
||||||
|
Sessions: sessions.NewCookieStore(secret),
|
||||||
|
}
|
||||||
// Host static files
|
// Host static files
|
||||||
static_files := http.FileServer(http.Dir("static/"))
|
static_files := http.FileServer(http.Dir("static/"))
|
||||||
http.Handle("/", static_files)
|
http.Handle("/", static_files)
|
||||||
|
// Redirect .html to clean URL
|
||||||
// Response generated by code
|
http.Handle("/register.html", http.RedirectHandler("/register", 301))
|
||||||
http.HandleFunc("/handle-register", handle_register)
|
http.Handle("/login.html", http.RedirectHandler("/login", 301))
|
||||||
http.HandleFunc("/handle-login", handle_login)
|
// Handle user authentication
|
||||||
|
http.HandleFunc("/register", server.handle_register)
|
||||||
|
http.HandleFunc("/login", server.handle_login)
|
||||||
|
http.HandleFunc("/logout", func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
server.handle_logout(w, r)
|
||||||
|
http.Redirect(w, r, "/", http.StatusFound)
|
||||||
|
})
|
||||||
// Start web server at 127.0.0.1:8080
|
// Start web server at 127.0.0.1:8080
|
||||||
e := http.ListenAndServe(ADDRESS+":"+PORT, nil)
|
fmt.Printf("Listening to %s on port %s...\n", ADDRESS, PORT)
|
||||||
|
err := http.ListenAndServe(ADDRESS+":"+PORT, nil)
|
||||||
// Print any errors
|
// Print any errors
|
||||||
if e != nil {
|
if err != nil {
|
||||||
fmt.Println(e)
|
fmt.Println("Error starting server:")
|
||||||
} else {
|
log.Fatal(err)
|
||||||
fmt.Println("Started server successfully")
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,11 +14,14 @@
|
||||||
</h1>
|
</h1>
|
||||||
<ul>
|
<ul>
|
||||||
<li>
|
<li>
|
||||||
<a href="/register.html"> Register </a>
|
<a href="/register.html"> Register </a>
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
<li>
|
<li>
|
||||||
<a href="/login.html"> Login </a>
|
<a href="/login.html"> Login </a>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<a href="/logout"> Log Out </a>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</body>
|
</body>
|
||||||
|
|
|
@ -9,5 +9,26 @@
|
||||||
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-YvpcrYf0tY3lHB60NNkmXc5s9fDVZLESaAA55NDzOxhy9GkcIdslK1eN7N6jIeHz" crossorigin="anonymous"></script>
|
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-YvpcrYf0tY3lHB60NNkmXc5s9fDVZLESaAA55NDzOxhy9GkcIdslK1eN7N6jIeHz" crossorigin="anonymous"></script>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
|
<div class="d-flex p-2 justify-content-center">
|
||||||
|
<form method = "post">
|
||||||
|
<div class="mb-3">
|
||||||
|
<label for="exampleInputEmail1" class="form-label">Email address</label>
|
||||||
|
<input type="email" name="email" class="form-control" id="exampleInputEmail1" aria-describedby="emailHelp">
|
||||||
|
<div id="emailHelp" class="form-text">We'll never share your email with anyone else.</div>
|
||||||
|
</div>
|
||||||
|
<div class="mb-3">
|
||||||
|
<label for="exampleInputPassword1" class="form-label">Password</label>
|
||||||
|
<input type="password" name="password" class="form-control" id="exampleInputPassword1">
|
||||||
|
</div>
|
||||||
|
<div class="mb-3 form-check">
|
||||||
|
<input type="checkbox" class="form-check-input" id="exampleCheck1">
|
||||||
|
<label class="form-check-label" for="exampleCheck1">Show Password</label>
|
||||||
|
</div>
|
||||||
|
<input type="submit" class="btn btn-primary" value="Submit">
|
||||||
|
<div class="fs-6">
|
||||||
|
Don't have an account? Register <a href="register.html">here</a>.
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
|
@ -10,15 +10,20 @@
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<div class="d-flex p-2 justify-content-center align-items-center">
|
<div class="d-flex p-2 justify-content-center align-items-center">
|
||||||
<form action="/handle-register" method="post">
|
<form method="post">
|
||||||
<div class="mb-3">
|
<div class="mb-3">
|
||||||
|
<<<<<<< HEAD
|
||||||
<label for="exampleInputEmail1" class="form-label">Email address</label>
|
<label for="exampleInputEmail1" class="form-label">Email address</label>
|
||||||
<input type="email" class="form-control" id="exampleInputEmail1" aria-describedby="emailHelp" required>
|
<input type="email" class="form-control" id="exampleInputEmail1" aria-describedby="emailHelp" required>
|
||||||
|
=======
|
||||||
|
<label for="email" class="form-label">Email address</label>
|
||||||
|
<input type="email" class="form-control" id="email" name="email" aria-describedby="emailHelp">
|
||||||
|
>>>>>>> c160c57da5e2a70b406ce21fd0d3b48efdc62b36
|
||||||
<div id="emailHelp" class="form-text">We'll never share your email with anyone else.</div>
|
<div id="emailHelp" class="form-text">We'll never share your email with anyone else.</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="mb-3">
|
<div class="mb-3">
|
||||||
<label for="exampleInputPassword1" class="form-label">Password</label>
|
<label for="password" class="form-label">Password</label>
|
||||||
<input type="password" class="form-control" id="exampleInputPassword1" required>
|
<input type="password" class="form-control" id="password" name="password" required>
|
||||||
</div>
|
</div>
|
||||||
<div class="mb-3 form-check">
|
<div class="mb-3 form-check">
|
||||||
<input type="checkbox" class="form-check-input" id="exampleCheck1">
|
<input type="checkbox" class="form-check-input" id="exampleCheck1">
|
||||||
|
|
152
users.go
Normal file
152
users.go
Normal file
|
@ -0,0 +1,152 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"net/http"
|
||||||
|
"regexp"
|
||||||
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"golang.org/x/crypto/bcrypt"
|
||||||
|
)
|
||||||
|
|
||||||
|
const SESSION_COOKIE_NAME = "utsa-place-session"
|
||||||
|
const SESSION_AUTH = "auth"
|
||||||
|
const SESSION_STARTED = "age"
|
||||||
|
|
||||||
|
const ENCRYPTION_STRENGTH = 14
|
||||||
|
|
||||||
|
type UserData struct {
|
||||||
|
Email string
|
||||||
|
Password string
|
||||||
|
AccountCreated time.Time
|
||||||
|
LastLogin time.Time
|
||||||
|
}
|
||||||
|
|
||||||
|
func validate_email(email string) (string, bool) {
|
||||||
|
email = strings.ToLower(email)
|
||||||
|
regex := regexp.MustCompile("^[a-z]+.[a-z]+@(my.)?utsa.edu")
|
||||||
|
ok := regex.MatchString(email)
|
||||||
|
return email, ok
|
||||||
|
}
|
||||||
|
|
||||||
|
// Encrypts a password
|
||||||
|
func hash_password(password string) string {
|
||||||
|
bytes, _ := bcrypt.GenerateFromPassword([]byte(password), ENCRYPTION_STRENGTH)
|
||||||
|
return string(bytes)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Compares an unencrpyted password to an encrypted password
|
||||||
|
func check_password_hash(password string, hash string) bool {
|
||||||
|
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
|
||||||
|
return err == nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Handles requests to /login.html
|
||||||
|
func (s *Server) handle_login(w http.ResponseWriter, r *http.Request) {
|
||||||
|
switch r.Method {
|
||||||
|
case http.MethodGet:
|
||||||
|
http.ServeFile(w, r, "./static/login.html")
|
||||||
|
case http.MethodPost:
|
||||||
|
// Get data from form
|
||||||
|
email := r.FormValue("email")
|
||||||
|
password := r.FormValue("password")
|
||||||
|
// Get user from database
|
||||||
|
user, ok := s.Users[email]
|
||||||
|
// If user does not exist
|
||||||
|
if !ok {
|
||||||
|
http.Error(w, "User not found", http.StatusForbidden)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
// If password does not match
|
||||||
|
if !check_password_hash(password, user.Password) {
|
||||||
|
http.Error(w, "Passwords dont match", http.StatusForbidden)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
// Generate session
|
||||||
|
session, err := s.Sessions.Get(r, SESSION_COOKIE_NAME)
|
||||||
|
if err != nil {
|
||||||
|
s.handle_logout(w, r)
|
||||||
|
http.Error(w, "Invalid session", http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
now := time.Now()
|
||||||
|
session.Values[SESSION_AUTH] = true
|
||||||
|
session.Values[SESSION_STARTED] = now
|
||||||
|
session.Save(r, w)
|
||||||
|
// Update last-login on DB
|
||||||
|
user.LastLogin = now
|
||||||
|
s.Users[email] = user
|
||||||
|
// Redirect to index.html
|
||||||
|
fmt.Println("Logged in user: ", email)
|
||||||
|
http.Redirect(w, r, "/", http.StatusFound)
|
||||||
|
default:
|
||||||
|
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Handles requests to /register.html
|
||||||
|
func (s *Server) handle_register(w http.ResponseWriter, r *http.Request) {
|
||||||
|
switch r.Method {
|
||||||
|
case http.MethodGet:
|
||||||
|
http.ServeFile(w, r, "./static/register.html")
|
||||||
|
case http.MethodPost:
|
||||||
|
// Get data from form
|
||||||
|
email, ok := validate_email(r.FormValue("email"))
|
||||||
|
if !ok {
|
||||||
|
http.Error(w, "Invalid email address", http.StatusForbidden)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
password := r.FormValue("password")
|
||||||
|
if len(password) < 8 || len(password) >= 70 {
|
||||||
|
http.Error(w, "Invalid password length", http.StatusForbidden)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
// Check that this email is not already registered
|
||||||
|
if _, ok := s.Users[email]; ok {
|
||||||
|
http.Error(w, "Already registered", http.StatusForbidden)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
// Generate session
|
||||||
|
session, err := s.Sessions.Get(r, SESSION_COOKIE_NAME)
|
||||||
|
// If session cookie invalid
|
||||||
|
if err != nil {
|
||||||
|
s.handle_logout(w, r)
|
||||||
|
http.Error(w, "Invalid session", http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
now := time.Now()
|
||||||
|
// Save user information to DB
|
||||||
|
s.Users[email] = UserData{
|
||||||
|
Email: email,
|
||||||
|
Password: hash_password(password),
|
||||||
|
AccountCreated: now,
|
||||||
|
LastLogin: now,
|
||||||
|
}
|
||||||
|
// Make session valid
|
||||||
|
session.Values[SESSION_AUTH] = true
|
||||||
|
session.Values[SESSION_STARTED] = now
|
||||||
|
// Send session token to browser
|
||||||
|
session.Save(r, w)
|
||||||
|
// Redirect to index.html
|
||||||
|
fmt.Println("Registered user: ", email)
|
||||||
|
http.Redirect(w, r, "/", http.StatusFound)
|
||||||
|
default:
|
||||||
|
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *Server) handle_logout(w http.ResponseWriter, r *http.Request) {
|
||||||
|
// If session exists
|
||||||
|
if session, err := s.Sessions.Get(r, SESSION_COOKIE_NAME); err == nil {
|
||||||
|
// Remove authorization
|
||||||
|
session.Values[SESSION_AUTH] = false
|
||||||
|
session.Save(r, w)
|
||||||
|
}
|
||||||
|
// Remove session cookie
|
||||||
|
http.SetCookie(w, &http.Cookie{
|
||||||
|
Name: SESSION_COOKIE_NAME,
|
||||||
|
// Negative max age immediately removes the cookie
|
||||||
|
MaxAge: -1,
|
||||||
|
})
|
||||||
|
}
|
Loading…
Reference in a new issue