added fallback middleware

2025-05-12 09:30:38 +02:00
parent ca99d8fb87
commit 73ff28347a
6 changed files with 161 additions and 8 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,44 @@
 blog.db
+backend
 **/.DS_Store
+# See https://docs.github.com/get-started/getting-started-with-git/ignoring-files for more about ignoring files.
+
+# Compiled output
+web/dist
+web/tmp
+web/out-tsc
+web/bazel-out
+
+# Node
+web/node_modules
+web/npm-debug.log
+web/yarn-error.log
+
+# IDEs and editors
+web/.idea/
+web/.project
+web/.classpath
+web/.c9/
+web/*.launch
+web/.settings/
+web/*.sublime-workspace
+
+# Visual Studio Code
+web/.vscode/*
+web/!.vscode/settings.json
+web/!.vscode/tasks.json
+web/!.vscode/launch.json
+web/!.vscode/extensions.json
+web/.history/*
+
+# Miscellaneous
+web/.angular/cache
+web/.sass-cache/
+web/connect.lock
+web/coverage
+web/libpeerconnection.log
+testem.log
+web/typings
+
+# System files
+web/Thumbs.db
--- a/BIN
+++ b/BIN
--- a/internal/auth/controller.go
+++ b/internal/auth/controller.go
@ -50,6 +50,45 @@ func (s *Service) Signup(w http.ResponseWriter, r *http.Request) {
 	}
 }

+// Signup handles user signup by decoding request body, hashing the password, and saving user data to the database.
+func (s *Service) ChangePassword(w http.ResponseWriter, r *http.Request) {
+	var err error
+	var login Login
+	var password []byte
+
+	claims, ok := ExtractClaims(r.Context())
+	if !ok {
+		log.Println("Error while extracting claims")
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	if err = json.NewDecoder(r.Body).Decode(&login); err != nil {
+		w.WriteHeader(http.StatusBadRequest)
+		return
+	}
+
+	if len([]byte(login.Password)) > 72 {
+		fmt.Fprint(w, "Password to long, max 72 bytes")
+		w.WriteHeader(http.StatusBadRequest)
+		return
+	}
+	if password, err = bcrypt.GenerateFromPassword([]byte(login.Password), 6); err != nil {
+		log.Println("Error: ", err)
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	err = s.db.Model(&model.User{}).Where("id = ?", claims.UserID).Update("password", password).Error
+	if err != nil {
+
+		log.Printf("Error: %v", err)
+		w.WriteHeader(http.StatusInternalServerError)
+	}
+
+	w.WriteHeader(http.StatusOK)
+}
+
 // Login handles user login by decoding request body, verifying credentials, and returning a JWT token.
 func (s *Service) Login(w http.ResponseWriter, r *http.Request) {
 	var login Login
--- a/internal/initialize/inject.go
+++ b/internal/initialize/inject.go
@ -19,9 +19,7 @@ func CreateMux(cfg *config.Config) (r *mux.Router) {
 	r.Use(cors.HandlerForOrigin("*"))

 	app(r.PathPrefix("/api").Subrouter(), cfg)
-
-	frontend := web.Frontend
-	r.PathPrefix("/").Handler(middlewares.AddPrefix("/dist/frontend/browser", http.FileServerFS(frontend)))
+	frontend(r.PathPrefix("/"))

 	r.Methods("OPTIONS").HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		// The CORS middleware should set up the headers for you
@ -31,15 +29,28 @@ func CreateMux(cfg *config.Config) (r *mux.Router) {
 	return
 }

+func frontend(r *mux.Route) {
+	frontend := web.Frontend
+	r.Handler(
+		middlewares.AddPrefix("/dist/frontend/browser",
+			middlewares.FallbackFile(
+				frontend,
+				"/dist/frontend/browser/index.html",
+				http.FileServerFS(frontend),
+			),
+		))
+}
+
 func app(r *mux.Router, cfg *config.Config) {
 	db := model.Init()
 	blg := posts.New(db)
 	auth := auth.New(&cfg.Auth, db)

 	// auth
-	r.HandleFunc("/login", auth.Login).Methods("POST")
-	r.HandleFunc("/signup", auth.Signup).Methods("POST")
-	r.Handle("/logout", auth.Authenticated(auth.Logout)).Methods("DELETE")
+	r.HandleFunc("/auth/login", auth.Login).Methods("POST")
+	r.HandleFunc("/auth/signup", auth.Signup).Methods("POST")
+	r.Handle("/auth/password", auth.Authenticated(auth.ChangePassword)).Methods("PUT")
+	r.Handle("/auth/logout", auth.Authenticated(auth.Logout)).Methods("DELETE")

 	// Posts
 	r.Handle("/posts", auth.Authenticated(blg.SavePost, model.RoleUser, model.RoleAdmin)).Methods("POST")
--- a/pkg/middlewares/fallback.go
+++ b/pkg/middlewares/fallback.go
@ -0,0 +1,61 @@
+package middlewares
+
+import (
+	"bytes"
+	"io/fs"
+	"log"
+	"net/http"
+)
+
+// FallbackFile serves a fallback file if the next handler returns a 404.
+// fs: The file system to serve the fallback file from.
+// name: The name of the fallback file.
+// next: The next handler to serve.
+func FallbackFile(fs fs.FS, name string, next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		bw := &buffedResponseWriter{
+			w,
+			0,
+			bytes.NewBuffer([]byte{}),
+		}
+		next.ServeHTTP(bw, r)
+
+		if bw.statusCode == http.StatusNotFound {
+			bw.Clear()
+
+			http.ServeFileFS(bw, r, fs, name)
+			bw.WriteHeader(http.StatusOK)
+			bw.Header().Add("Content-Type", "text/html; charset=utf-8")
+		}
+		bw.Apply()
+	})
+}
+
+type buffedResponseWriter struct {
+	http.ResponseWriter
+	statusCode int
+	buff       *bytes.Buffer
+}
+
+func (b *buffedResponseWriter) WriteHeader(code int) {
+	b.statusCode = code
+}
+
+func (b *buffedResponseWriter) Write(p []byte) (int, error) {
+	return b.buff.Write(p)
+}
+
+func (b *buffedResponseWriter) Clear() {
+	b.buff.Reset()
+}
+
+func (b *buffedResponseWriter) Apply() {
+	_, err := b.ResponseWriter.Write(b.buff.Bytes())
+	if err != nil {
+		log.Println("Error while applying buffedResponseWriter: ", err)
+		b.ResponseWriter.WriteHeader(http.StatusInternalServerError)
+	}
+	if b.statusCode != 200 {
+		b.ResponseWriter.WriteHeader(b.statusCode)
+	}
+}
--- a/web/src/app/shared/services/auth.service.ts
+++ b/web/src/app/shared/services/auth.service.ts
@ -73,11 +73,11 @@ export class AuthService {

  login(user: User) {
    this.http
-      .post<LoginResponse>(`${environment.apiRoot}/login`, user)
+      .post<LoginResponse>(`${environment.apiRoot}/auth/login`, user)
      .subscribe((res) => this.jwt.set(res.token));
  }
  logout() {
-    this.http.delete(`${environment.apiRoot}/logout`).subscribe(() => {
+    this.http.delete(`${environment.apiRoot}/auth/logout`).subscribe(() => {
      this.jwt.set(null);
    });
  }