Sharkk/Dragon-Knight
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update form layouts, add button styles, clean up auth routes

Browse Source
This commit is contained in:
Sky Johnson 2025-08-11 12:07:06 -05:00
parent 5ac348a2d2
commit 1af8333801
5 changed files with 211 additions and 216 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
assets/dk.css
View File

@ -163,3 +163,51 @@ form#move-compass {
}
}
}
button.btn {
font-family: inherit;
font-size: 1rem;
appearance: none;
outline: none;
background-color: #808080;
background-image: url("/assets/images/overlay.png");
border: 1px solid #808080;
padding: 0.5rem 1rem;
cursor: pointer;
color: white;
box-shadow: 0px 1px 1px rgba(0, 0, 0, 0.2);
text-shadow: 0px 1px 1px rgba(0, 0, 0, 0.1);
&:hover {
background-color: #909090;
}
}
form.standard {
& > div.row {
display: flex;
flex-direction: column;
margin-bottom: 1.5rem;
label {
font-weight: bold;
}
}
span.help {
font-size: 0.8em;
color: #555;
}
& > div.actions {
margin-top: 1rem;
}
}
.mb-1 {
margin-bottom: 1rem;
}
.mb-05 {
margin-bottom: 0.5rem;
}

BIN
assets/images/overlay.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 261 KiB

251
internal/routes/auth.go
View File

@ -6,7 +6,6 @@ import (
"dk/internal/auth"
"dk/internal/csrf"
"dk/internal/database"
"dk/internal/middleware"
"dk/internal/password"
"dk/internal/router"
@ -21,174 +20,138 @@ import (
func RegisterAuthRoutes(r *router.Router) {
// Guest routes
guestGroup := r.Group("")
guestGroup.Use(middleware.RequireGuest("/"))
guestGroup.Use(middleware.RequireGuest())
guestGroup.Get("/login", showLogin)
guestGroup.Post("/login", processLogin())
guestGroup.Post("/login", processLogin)
guestGroup.Get("/register", showRegister)
guestGroup.Post("/register", processRegister())
guestGroup.Post("/register", processRegister)
// Authenticated routes
authGroup := r.Group("")
authGroup.Use(middleware.RequireAuth("/login"))
authGroup.Use(middleware.RequireAuth())
authGroup.Post("/logout", processLogout())
authGroup.Post("/logout", processLogout)
}
// showLogin displays the login form
func showLogin(ctx router.Ctx, params []string) {
loginTmpl, err := template.Cache.Load("auth/login.html")
if err != nil {
ctx.SetStatusCode(fasthttp.StatusInternalServerError)
fmt.Fprintf(ctx, "Template error: %v", err)
return
}
loginFormData := map[string]any{
func showLogin(ctx router.Ctx, _ []string) {
components.RenderPageTemplate(ctx, "Log In", "auth/login.html", map[string]any{
"csrf_token": csrf.GetToken(ctx, auth.Manager),
"csrf_field": csrf.HiddenField(ctx, auth.Manager),
"error_message": "",
}
loginContent := loginTmpl.RenderNamed(loginFormData)
pageData := components.NewPageData("Login - Dragon Knight", loginContent)
if err := components.RenderPage(ctx, pageData, nil); err != nil {
ctx.SetStatusCode(fasthttp.StatusInternalServerError)
fmt.Fprintf(ctx, "Template error: %v", err)
return
}
})
}
// processLogin handles login form submission
func processLogin() router.Handler {
return func(ctx router.Ctx, params []string) {
if !csrf.ValidateFormToken(ctx, auth.Manager) {
ctx.SetStatusCode(fasthttp.StatusForbidden)
ctx.WriteString("CSRF validation failed")
return
}
email := strings.TrimSpace(string(ctx.PostArgs().Peek("email")))
userPassword := string(ctx.PostArgs().Peek("password"))
if email == "" || userPassword == "" {
showLoginError(ctx, "Email and password are required")
return
}
user, err := auth.Manager.Authenticate(email, userPassword)
if err != nil {
showLoginError(ctx, "Invalid email or password")
return
}
middleware.Login(ctx, auth.Manager, user)
// Transfer CSRF token from cookie to session for authenticated user
if cookieToken := csrf.GetTokenFromCookie(ctx); cookieToken != "" {
if session := csrf.GetCurrentSession(ctx); session != nil {
csrf.StoreToken(session, cookieToken)
}
}
ctx.Redirect("/", fasthttp.StatusFound)
func processLogin(ctx router.Ctx, _ []string) {
if !csrf.ValidateFormToken(ctx, auth.Manager) {
ctx.SetStatusCode(fasthttp.StatusForbidden)
ctx.WriteString("CSRF validation failed")
return
}
email := strings.TrimSpace(string(ctx.PostArgs().Peek("email")))
userPassword := string(ctx.PostArgs().Peek("password"))
if email == "" || userPassword == "" {
showLoginError(ctx, "Email and password are required")
return
}
user, err := auth.Manager.Authenticate(email, userPassword)
if err != nil {
showLoginError(ctx, "Invalid email or password")
return
}
middleware.Login(ctx, auth.Manager, user)
// Transfer CSRF token from cookie to session for authenticated user
if cookieToken := csrf.GetTokenFromCookie(ctx); cookieToken != "" {
if session := csrf.GetCurrentSession(ctx); session != nil {
csrf.StoreToken(session, cookieToken)
}
}
ctx.Redirect("/", fasthttp.StatusFound)
}
// showRegister displays the registration form
func showRegister(ctx router.Ctx, _ []string) {
registerTmpl, err := template.Cache.Load("auth/register.html")
if err != nil {
ctx.SetStatusCode(fasthttp.StatusInternalServerError)
fmt.Fprintf(ctx, "Template error: %v", err)
return
}
registerContent := registerTmpl.RenderNamed(map[string]any{
components.RenderPageTemplate(ctx, "Register", "auth/register.html", map[string]any{
"csrf_token": csrf.GetToken(ctx, auth.Manager),
"csrf_field": csrf.HiddenField(ctx, auth.Manager),
"error_message": "",
"username": "",
"email": "",
})
pageData := components.NewPageData("Register - Dragon Knight", registerContent)
if err := components.RenderPage(ctx, pageData, nil); err != nil {
ctx.SetStatusCode(fasthttp.StatusInternalServerError)
fmt.Fprintf(ctx, "Template error: %v", err)
return
}
}
// processRegister handles registration form submission
func processRegister() router.Handler {
return func(ctx router.Ctx, params []string) {
if !csrf.ValidateFormToken(ctx, auth.Manager) {
ctx.SetStatusCode(fasthttp.StatusForbidden)
ctx.WriteString("CSRF validation failed")
return
}
username := strings.TrimSpace(string(ctx.PostArgs().Peek("username")))
email := strings.TrimSpace(string(ctx.PostArgs().Peek("email")))
userPassword := string(ctx.PostArgs().Peek("password"))
confirmPassword := string(ctx.PostArgs().Peek("confirm_password"))
if err := validateRegistration(username, email, userPassword, confirmPassword); err != nil {
showRegisterError(ctx, err.Error(), username, email)
return
}
if _, err := users.GetByUsername(username); err == nil {
showRegisterError(ctx, "Username already exists", username, email)
return
}
if _, err := users.GetByEmail(email); err == nil {
showRegisterError(ctx, "Email already registered", username, email)
return
}
user := users.New()
user.Username = username
user.Email = email
user.Password = password.Hash(userPassword)
user.ClassID = 1
user.Auth = 1
if err := user.Insert(); err != nil {
showRegisterError(ctx, "Failed to create account", username, email)
return
}
// Auto-login after registration
middleware.Login(ctx, auth.Manager, user)
// Transfer CSRF token from cookie to session for authenticated user
if cookieToken := csrf.GetTokenFromCookie(ctx); cookieToken != "" {
if session := csrf.GetCurrentSession(ctx); session != nil {
csrf.StoreToken(session, cookieToken)
}
}
ctx.Redirect("/", fasthttp.StatusFound)
func processRegister(ctx router.Ctx, _ []string) {
if !csrf.ValidateFormToken(ctx, auth.Manager) {
ctx.SetStatusCode(fasthttp.StatusForbidden)
ctx.WriteString("CSRF validation failed")
return
}
username := strings.TrimSpace(string(ctx.PostArgs().Peek("username")))
email := strings.TrimSpace(string(ctx.PostArgs().Peek("email")))
userPassword := string(ctx.PostArgs().Peek("password"))
confirmPassword := string(ctx.PostArgs().Peek("confirm_password"))
if err := validateRegistration(username, email, userPassword, confirmPassword); err != nil {
showRegisterError(ctx, err.Error(), username, email)
return
}
if _, err := users.GetByUsername(username); err == nil {
showRegisterError(ctx, "Username already exists", username, email)
return
}
if _, err := users.GetByEmail(email); err == nil {
showRegisterError(ctx, "Email already registered", username, email)
return
}
user := users.New()
user.Username = username
user.Email = email
user.Password = password.Hash(userPassword)
user.ClassID = 1
user.Auth = 1
if err := user.Insert(); err != nil {
showRegisterError(ctx, "Failed to create account", username, email)
return
}
// Auto-login after registration
middleware.Login(ctx, auth.Manager, user)
// Transfer CSRF token from cookie to session for authenticated user
if cookieToken := csrf.GetTokenFromCookie(ctx); cookieToken != "" {
if session := csrf.GetCurrentSession(ctx); session != nil {
csrf.StoreToken(session, cookieToken)
}
}
ctx.Redirect("/", fasthttp.StatusFound)
}
// processLogout handles logout
func processLogout() router.Handler {
return func(ctx router.Ctx, params []string) {
// Validate CSRF token
if !csrf.ValidateFormToken(ctx, auth.Manager) {
ctx.SetStatusCode(fasthttp.StatusForbidden)
ctx.WriteString("CSRF validation failed")
return
}
middleware.Logout(ctx, auth.Manager)
ctx.Redirect("/", fasthttp.StatusFound)
func processLogout(ctx router.Ctx, params []string) {
// Validate CSRF token
if !csrf.ValidateFormToken(ctx, auth.Manager) {
ctx.SetStatusCode(fasthttp.StatusForbidden)
ctx.WriteString("CSRF validation failed")
return
}
middleware.Logout(ctx, auth.Manager)
ctx.Redirect("/", fasthttp.StatusFound)
}
// Helper functions
@ -279,23 +242,3 @@ func validateRegistration(username, email, password, confirmPassword string) err
}
return nil
}
// createUser inserts a new user into the database
// This is a simplified version - in a real app you'd have a proper users.Create function
func createUser(user *users.User) error {
query := `INSERT INTO users (username, password, email, verified, auth) VALUES (?, ?, ?, ?, ?)`
err := database.Exec(query, user.Username, user.Password, user.Email, user.Verified, user.Auth)
if err != nil {
return fmt.Errorf("failed to insert user: %w", err)
}
// Get the user ID (simplified - in real app you'd return it from insert)
createdUser, err := users.GetByUsername(user.Username)
if err != nil {
return fmt.Errorf("failed to get created user: %w", err)
}
user.ID = createdUser.ID
return nil
}

46
templates/auth/login.html
View File

@ -1,28 +1,30 @@
<h1>Log In</h1>
{error_message}
<form action="/login" method="post">
<form class="standard mb-1" action="/login" method="post">
{csrf_field}
<table width="75%">
<tr>
<td width="30%">Email/Username:</td>
<td><input type="text" size="30" name="email" required></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" size="30" name="password" required></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="submit" value="Log In"></td>
</tr>
<tr>
<td colspan="2">
Want to play? You gotta <a href="/register">register your own character.</a>
<br><br>
<div class="row">
<label for="id">Email/Username</label>
<input id="id" type="text" name="id" required>
</div>
You may also <a href="/change-password">change your password</a>, or
<a href="/lost-password">request a new one</a> if you've lost yours.
</td>
</tr>
</table>
<div class="row">
<label for="password">Password</label>
<input id="password" type="password" name="password" required>
</div>
<div class="actions">
<button class="btn" type="submit">Log in</button>
</div>
</form>
<p class="mb-1">
Want to play? You gotta <a href="/register">register your own character.</a>
</p>
<p>
You may also <a href="/change-password">change your password</a>, or
<a href="/lost-password">request a new one</a> if you've lost yours.
</p>

82
templates/auth/register.html
View File

@ -1,44 +1,46 @@
<h1>Register</h1>
{error_message}
<form action="/register" method="post">
<form class="standard" action="/register" method="post">
{csrf_field}
<table width="80%">
<tr>
<td width="20%">Username:</td>
<td>
<input type="text" name="username" size="30" maxlength="30" value="{username}" required>
<br>
Usernames must be 30 alphanumeric characters or less.
<br><br><br>
</td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" size="30" required></td>
</tr>
<tr>
<td>Verify Password:</td>
<td>
<input type="password" name="confirm_password" size="30" required>
<br>
Passwords must be at least 6 characters.
<br><br><br>
</td>
</tr>
<tr>
<td>Email Address:</td>
<td>
<input type="email" name="email" size="30" maxlength="100" value="{email}" required>
<br>
A valid email address is required.
<br><br><br>
</td>
</tr>
<tr>
<td colspan="2">
<input type="submit" name="submit" value="Register">
<input type="reset" name="reset" value="Reset">
</td>
</tr>
</table>
<div class="row">
<div>
<label for="username">Username</label>
<span class="help">Must be 30 alphanumeric characters or less.</span>
</div>
<input type="text" id="username" name="username" maxlength="30" value="{username}" required>
</div>
<div class="row">
<div>
<label for="password">Password</label>
<span class="help">Passwords must be at least 6 characters.</span>
</div>
<input type="password" id="password" name="password" required class="mb-05">
<label for="confirm_password">Verify Password</label>
<input type="password" id="confirm_password" name="confirm_password" required>
</div>
<div class="row">
<label for="email">Email</label>
<input type="email" id="email" name="email" maxlength="100" value="{email}" required>
</div>
<div class="row">
<label for="charclass">Class</label>
<select id="charclass" name="charclass">
<option>Choose a Class</option>
<option value="1">Mage</option>
<option value="2">Warrior</option>
<option value="3">Paladin</option>
</select>
</div>
<div class="actions">
<button class="btn" type="submit" name="submit">Register</button>
<button class="btn" type="reset" name="reset">Reset</button>
</div>
</form>