implement auth properly and add scrobble template

controllers/index.go

@@ -3,11 +3,14 @@ package controllers
 import (
 	"net/http"
 
+	"git.jamesravey.me/ravenscroftj/indiescrobble/scrobble"
 	"github.com/gin-gonic/gin"
 )
 
 func Index(c *gin.Context) {
 	c.HTML(http.StatusOK, "index.tmpl", gin.H{
 		"title": "test",
+		"user": c.GetString("user"),
+		"scrobbleTypes": scrobble.ScrobbleTypeNames,
 	})
 }

controllers/indieauth.go

@@ -50,6 +50,10 @@ func (iam *IndieAuthManager) GetCurrentUser(c *gin.Context) string {
 
 		val, present := tok.Get("user")
 
+		indietok, present := tok.Get("token")
+
+		fmt.Printf("indie token current user: %v", indietok)
+
 		if present {
 			return fmt.Sprintf("%v", val)
 		}else{
@@ -158,6 +162,24 @@ func (iam *IndieAuthManager) saveAuthInfo(w http.ResponseWriter, r *http.Request
 }
 
 
+func (iam *IndieAuthManager) Logout(c *gin.Context) {
+
+	// delete the cookie
+	cookie := &http.Cookie{
+		Name:     "jwt",
+		MaxAge:   -1,
+		Secure:   c.Request.URL.Scheme == "https",
+		HttpOnly: true,
+		Path:     "/",
+		SameSite: http.SameSiteLaxMode,
+	}
+
+	http.SetCookie(c.Writer, cookie)
+	
+	c.Redirect(http.StatusSeeOther, "/")
+
+}
+
 func (iam *IndieAuthManager) IndieAuthLoginPost(c *gin.Context) {
 
 	err := c.Request.ParseForm()
@@ -235,7 +257,17 @@ func (iam *IndieAuthManager) LoginCallbackGet(c *gin.Context) {
 		return
 	}
 
-	profile, err := iam.iac.FetchProfile(i, code)
+
+	// profile, err := iam.iac.FetchProfile(i, code)
+	// if err != nil {
+	// 	c.HTML(http.StatusBadRequest, "error.tmpl", gin.H{
+	// 		"message": err,
+	// 	})
+	// 	return
+	// }
+
+
+	token, _, err := iam.iac.GetToken(i, code)
 	if err != nil {
 		c.HTML(http.StatusBadRequest, "error.tmpl", gin.H{
 			"message": err,
@@ -243,7 +275,10 @@ func (iam *IndieAuthManager) LoginCallbackGet(c *gin.Context) {
 		return
 	}
 
-	if err := indieauth.IsValidProfileURL(profile.Me); err != nil {
+	me := token.Extra("me").(string)
+
+
+	if err := indieauth.IsValidProfileURL(me); err != nil {
 		err = fmt.Errorf("invalid 'me': %w", err)
 		c.HTML(http.StatusBadRequest, "error.tmpl", gin.H{
 			"message": err,
@@ -257,7 +292,8 @@ func (iam *IndieAuthManager) LoginCallbackGet(c *gin.Context) {
 		jwt.SubjectKey:    config.GetString("indieauth.sessionSubject"),
 		jwt.IssuedAtKey:   time.Now().Unix(),
 		jwt.ExpirationKey: expiration,
-		"user":            profile.Me,
+		"user":            me,
+		"token": token.AccessToken,
 	})
 	if err != nil {
 		c.HTML(http.StatusBadRequest, "error.tmpl", gin.H{

controllers/scrobble.go

@@ -0,0 +1,29 @@
+package controllers
+
+import (
+	"net/http"
+
+	"git.jamesravey.me/ravenscroftj/indiescrobble/scrobble"
+	"github.com/gin-gonic/gin"
+)
+
+
+func Scrobble(c *gin.Context){
+
+	err := c.Request.ParseForm()
+
+	if err != nil{
+		c.HTML(http.StatusBadRequest, "error.tmpl", gin.H{
+			"message": err,
+		})
+	}
+
+	// TODO: add validation of type
+	scrobbleType := c.Request.Form.Get("type")
+
+	c.HTML(http.StatusOK, "scrobble.tmpl", gin.H{
+		"user": c.GetString("user"),
+		"scrobbleType": scrobble.ScrobbleTypeNames[scrobbleType],
+	})
+
+}

middlewares/auth.go

@@ -1,21 +1,26 @@
 package middlewares
 
 import (
-	"fmt"
+	"net/http"
 
 	"git.jamesravey.me/ravenscroftj/indiescrobble/controllers"
 	"github.com/gin-gonic/gin"
 )
 
-func AuthMiddleware() gin.HandlerFunc {
+func AuthMiddleware(requireValidUser bool) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		// config := config.GetConfig()
 
 		iam := controllers.NewIndieAuthManager()
 		
+		currentUser := iam.GetCurrentUser(c)
 
+		if requireValidUser && (currentUser == "") {
+			c.SetCookie("jwt", "", -1, "/", "", c.Request.URL.Scheme == "https", true)
+			c.Redirect(http.StatusSeeOther, "/")
+		}
 
-		fmt.Printf("Current user: %v\n", iam.GetCurrentUser(c))
+		c.Set("user", currentUser)
 
 		// reqKey := c.Request.Header.Get("X-Auth-Key")
 		// reqSecret := c.Request.Header.Get("X-Auth-Secret")

scrobble/types.go

@@ -0,0 +1,8 @@
+package scrobble
+
+var ScrobbleTypeNames =  map[string]string {
+	"scrobble" : "🎧 Listen",
+	"tv" : "📺 TV Show",
+	"movie": "🎬 Movie",
+	"read": "📖 Read",
+};

server/router.go

@@ -21,14 +21,22 @@ func NewRouter() *gin.Engine {
 
 	router.GET("/health", health.Status)
 
-	router.Use(middlewares.AuthMiddleware())
+	router.Use(middlewares.AuthMiddleware(false))
 
 	router.GET("/", controllers.Index)
 
 	router.Static("/static", config.GetString("server.static_path"))
 
+	// add auth endpoints
+
 	router.POST("/indieauth", iam.IndieAuthLoginPost)
 	router.GET("/auth", iam.LoginCallbackGet)
+	router.GET("/logout", iam.Logout)
+
+	authed := router.Use(middlewares.AuthMiddleware(true))
+
+	// add scrobble endpoints
+	authed.GET("/scrobble", controllers.Scrobble)
 
 
 

templates/index.tmpl

@@ -4,11 +4,25 @@
 	<body>
 	{{ template "header.tmpl" . }}
 	<main>
+
+	{{ if .user }}
+	Logged in as {{.user}} <a href="/logout"><button>Log Out</button></a>
+
+	<h2>Add A Scrobble</h2>
+
+	I want to add a:
+	<form method="GET" action="/scrobble">
+    {{range $type, $label := .scrobbleTypes }}
+    <label><input type="radio" name="type" value="{{ $type }}"/>{{$label}}</label><br/>
+    {{end}}
+
+	<button type="submit">Next &gt;&gt;</button>
+	</form>
+
+	{{else}}
 		<p>Welcome to indiescrobble! IndieScrobble is a <a href="https://micropub.spec.indieweb.org/">MicroPub</a> compliant tool
 	for posting about your watches, reads and scrobbles directly back to your site.</p>
 
-	{{ if index . "user" }}
-	{{else}}
 	<form action="/indieauth" method="POST">
 	<p>
 		<label>Your domain: </label>

templates/scrobble.tmpl

@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<html lang="en">
+	{{ template "head.tmpl" . }}
+	<body>
+	{{ template "header.tmpl" . }}
+	<main>
+
+	{{ if .user }}
+	Logged in as {{.user}} <a href="/logout"><button>Log Out</button></a>
+    {{end}}
+
+	<h2>Add A Post &gt; Add {{ .scrobbleType }}</h2>
+
+
+
+	<button type="submit">Next &gt;&gt;</button>
+	</form>
+
+	</main>
+	</body>
+</html>