Commit 4d8c2f63ef5353d4dd5ef9fc65e0cd9b3142a413 – server – lindenii/forge/

Commit info
ID	4d8c2f63ef5353d4dd5ef9fc65e0cd9b3142a413
Author	Runxi Yu<me@runxiyu.org>
Author date	Thu, 13 Feb 2025 08:46:43 +0800
Committer	Runxi Yu<me@runxiyu.org>
Committer date	Thu, 13 Feb 2025 08:46:43 +0800
Actions	Get patch

package main

import (
	"bufio"
	"context"
	"errors"
	"os"

	"github.com/jackc/pgx/v5/pgxpool"
	"go.lindenii.runxiyu.org/lindenii-common/scfg"
)

var database *pgxpool.Pool

var err_unsupported_database_type = errors.New("Unsupported database type")

var config struct {
	HTTP struct {
		Net  string `scfg:"net"`
		Addr string `scfg:"addr"`

		CookieExpiry int `scfg:"cookie_expiry"`

	} `scfg:"http"`
	SSH struct {
		Net  string `scfg:"net"`
		Addr string `scfg:"addr"`
		Key  string `scfg:"key"`
	} `scfg:"ssh"`
	Git struct {
		Root string `scfg:"root"`
	} `scfg:"git"`
	DB struct {
		Type string `scfg:"type"`
		Conn string `scfg:"conn"`
	} `scfg:"db"`
}

func load_config(path string) (err error) {
	config_file, err := os.Open(path)
	if err != nil {
		return err
	}
	defer config_file.Close()

	decoder := scfg.NewDecoder(bufio.NewReader(config_file))
	err = decoder.Decode(&config)
	if err != nil {
		return err
	}

	if config.DB.Type != "postgres" {
		return err_unsupported_database_type
	}
	database, err = pgxpool.New(context.Background(), config.DB.Conn)
	if err != nil {
		return err
	}

	return nil
}

http {
	net tcp
	addr :8080

	cookie_expiry 604800

}

ssh {
	net tcp
	addr :2222
	key /etc/ssh/ssh_host_ed25519_key
}

db {
	type postgres
	conn postgresql:///lindenii-forge?host=/var/run/postgresql
}

git {
	root /srv/git
}

package main

import (

	"crypto/rand"
	"encoding/base64"

	"errors"
	"fmt"
	"net/http"

	"time"


	"github.com/alexedwards/argon2id"
	"github.com/jackc/pgx/v5"
)

func handle_login(w http.ResponseWriter, r *http.Request, params map[string]any) {
	if r.Method != "POST" {
		err := templates.ExecuteTemplate(w, "login", params)
		if err != nil {
			fmt.Fprintln(w, "Error rendering template:", err.Error())
		}
		return
	}

	var user_id int
	username := r.PostFormValue("username")
	password := r.PostFormValue("password")

	var password_hash string
	err := database.QueryRow(r.Context(), "SELECT id, password FROM users WHERE username = $1", username).Scan(&user_id, &password_hash)
	if err != nil {
		if errors.Is(err, pgx.ErrNoRows) {
			params["login_error"] = "Unknown username"
			err := templates.ExecuteTemplate(w, "login", params)
			if err != nil {
				fmt.Fprintln(w, "Error rendering template:", err.Error())
			}
			return
		}
		fmt.Fprintln(w, "Error querying user information:", err.Error())
		return
	}

	match, err := argon2id.ComparePasswordAndHash(password, password_hash)
	if err != nil {
		fmt.Fprintln(w, "Error comparing password and hash:", err.Error())
		return
	}

	if !match {
		params["login_error"] = "Invalid password"
		err := templates.ExecuteTemplate(w, "login", params)
		if err != nil {
			fmt.Fprintln(w, "Error rendering template:", err.Error())
			return
		}
		return
	}

	cookie_value, err := random_urlsafe_string(16)
	now := time.Now()
	expiry := now.Add(time.Duration(config.HTTP.CookieExpiry) * time.Second)

	cookie := http.Cookie{
		Name:     "session",
		Value:    cookie_value,
		SameSite: http.SameSiteLaxMode,
		HttpOnly: true,
		Secure:   false, // TODO
		Expires:  expiry,
		Path:     "/",
		// TODO: Expire
	}

	http.SetCookie(w, &cookie)

	_, err = database.Exec(r.Context(), "INSERT INTO sessions (user_id, session_id) VALUES ($1, $2)", user_id, cookie_value)
	if err != nil {
		fmt.Fprintln(w, "Error inserting session:", err.Error())
		return
	}

	http.Redirect(w, r, "/", http.StatusSeeOther)
}

func random_urlsafe_string(sz int) (string, error) {
	r := make([]byte, 3*sz)
	_, err := rand.Read(r)
	if err != nil {
		return "", fmt.Errorf("error generating random string: %w", err)
	}
	return base64.RawURLEncoding.EncodeToString(r), nil