reads the form values, checks them and creates the token
(w http.ResponseWriter, r *http.Request)
| 153 | |
| 154 | // reads the form values, checks them and creates the token |
| 155 | func authHandler(w http.ResponseWriter, r *http.Request) { |
| 156 | // make sure its post |
| 157 | if r.Method != "POST" { |
| 158 | w.WriteHeader(http.StatusBadRequest) |
| 159 | _, _ = fmt.Fprintln(w, "No POST", r.Method) |
| 160 | return |
| 161 | } |
| 162 | |
| 163 | user := r.FormValue("user") |
| 164 | pass := r.FormValue("pass") |
| 165 | |
| 166 | log.Printf("Authenticate: user[%s] pass[%s]\n", user, pass) |
| 167 | |
| 168 | // check values |
| 169 | if user != "test" || pass != "known" { |
| 170 | w.WriteHeader(http.StatusForbidden) |
| 171 | _, _ = fmt.Fprintln(w, "Wrong info") |
| 172 | return |
| 173 | } |
| 174 | |
| 175 | tokenString, err := createToken(user) |
| 176 | if err != nil { |
| 177 | w.WriteHeader(http.StatusInternalServerError) |
| 178 | _, _ = fmt.Fprintln(w, "Sorry, error while Signing Token!") |
| 179 | log.Printf("Token Signing error: %v\n", err) |
| 180 | return |
| 181 | } |
| 182 | |
| 183 | w.Header().Set("Content-Type", "application/jwt") |
| 184 | w.WriteHeader(http.StatusOK) |
| 185 | _, _ = fmt.Fprintln(w, tokenString) |
| 186 | } |
| 187 | |
| 188 | // only accessible with a valid token |
| 189 | func restrictedHandler(w http.ResponseWriter, r *http.Request) { |
nothing calls this directly
no test coverage detected