From 3345ce304365a577aa7d3f86e1b136b906610f1f Mon Sep 17 00:00:00 2001
From: Thibaut Horel
Date: Fri, 28 Dec 2018 20:12:34 -0500
Subject: First working commit
---
 main.go | 5 ++++-
 store.go | 13 +++++++++++--
 templates/login.tmpl | 2 +-
 3 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/main.go b/main.go
index a8afe72..a9e3ab6 100644
--- a/main.go
+++ b/main.go
@@ -46,12 +46,15 @@ func (app *App) loginHandler(w http.ResponseWriter, r *http.Request) {
 if r.Method == http.MethodPost {
 username := r.FormValue("username")
 password := r.FormValue("password")
+ next := r.FormValue("next")
 hash := md5.Sum([]byte(password))
 dst := make([]byte, hex.EncodedLen(md5.Size))
 hex.Encode(dst, hash[:])
 u, ok := app.GetUser(username)
- next := r.FormValue("next")
 if ok && subtle.ConstantTimeCompare(u.Password, dst) == 1 {
+ s := app.NewSession(u.Id)
+ c := http.Cookie{Name: "id", Value: s.Id, Domain: ".horel.test"}
+ http.SetCookie(w, &c)
 http.Redirect(w, r, next, http.StatusSeeOther)
 } else {
 app.Template.ExecuteTemplate(w, "login.tmpl", struct {
diff --git a/store.go b/store.go
index 1c8348f..9723b66 100644
--- a/store.go
+++ b/store.go
@@ -20,6 +20,7 @@ type User struct {
 type Store interface {
 GetSession(id string) (*Session, bool)
+ NewSession(userId int64) *Session
 GetUser(name string) (*User, bool)
 }
@@ -42,7 +43,7 @@ func (store *PgStore) GetSession(id string) (*Session, bool) {
 return s, true
 }
 s = new(Session)
- row := store.QueryRow("SELECT id, user_id FROM session WHERE id = $1", id)
+ row := store.QueryRow("SELECT id, user_id FROM sessions WHERE id = $1", id)
 if err := row.Scan(&s.Id, &s.UserId); err != nil {
 return nil, false
 }
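Review bot: In the main.go hunk, the session cookie built on the added `c := http.Cookie{...}` line sets no hardening attributes, so the session id is readable from page script and is sent over plain HTTP to every host under `.horel.test`. I would set them explicitly, `c := http.Cookie{Name: "id", Value: s.Id, Domain: ".horel.test", Path: "/", HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode}` (`Secure` assumes the site is served over TLS). The `next` form value also reaches `http.Redirect` unchecked right after the cookie is set, which leaves the post-login redirect target under the control of whoever built the form or link; accepting only local paths (a leading `/` that is not `//`) before redirecting would close that. The body of `loginHandler` starts and ends outside this hunk, so any validation done elsewhere is not visible here.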
@@ -50,9 +51,17 @@ func (store *PgStore) GetSession(id string) (*Session, bool) {
 return s, true
 }
+func (store *PgStore) NewSession(userId int64) *Session {
+ var id string
+ store.QueryRow("INSERT INTO sessions(user_id) VALUES ($1) RETURNING id", userId).Scan(&id)
+ s := &Session{id, userId}
+ store.sessionCache[s.Id] = s
+ return s
+}
+
 func (store *PgStore) GetUser(name string) (*User, bool) {
 u := &User{Name: name}
- row := store.QueryRow("SELECT id, password FROM user WHERE name = $1", name)
+ row := store.QueryRow("SELECT id, password FROM users WHERE name = $1", name)
 if err := row.Scan(&u.Id, &u.Password); err != nil {
 return nil, false
 }
diff --git a/templates/login.tmpl b/templates/login.tmpl
index 67d0000..6f76a4a 100644
--- a/templates/login.tmpl
+++ b/templates/login.tmpl
@@ -29,7 +29,7 @@ button:hover {background-color: #1967be; border-color: #1862b5} - +
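Review bot: In store.go, the added `NewSession` discards the error from `Scan`, so a failed INSERT still produces a `Session` whose id is the empty string, stores it in `sessionCache` under `""`, and hands it to `loginHandler`, which sets it as the cookie value. Because `GetSession` appears to answer from the cache first (the `return s, true` context line in the previous hunk), that empty-id entry would then be served as a valid session for that user. I would return `(*Session, error)` as sketched below, change the `NewSession` line in the `Store` interface hunk to match, and have the handler re-render the login page when the call fails. Two things this diff does not show are worth confirming: that writes to `sessionCache` are guarded against concurrent handler goroutines, and that the default for `sessions.id` in the schema yields an unguessable value.

```go
func (store *PgStore) NewSession(userId int64) (*Session, error) {
	var id string
	row := store.QueryRow("INSERT INTO sessions(user_id) VALUES ($1) RETURNING id", userId)
	if err := row.Scan(&id); err != nil {
		// Do not cache or return a session that was never persisted.
		return nil, err
	}
	// … unchanged: build the Session and store it in sessionCache …
	return s, nil
}
```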
-- cgit v1.2.3-70-g09d2