From 76bee566cdce490b8d99422b22baad7c9b93b94e Mon Sep 17 00:00:00 2001 From: Muyao CHEN Date: Sun, 30 Jun 2024 10:31:15 +0200 Subject: [PATCH] Creating handlers for forms & adding CSRF Protection --- cmd/web/routes.go | 1 + pkg/handlers/handlers.go | 22 +++++++++++++++------- pkg/render/render.go | 9 ++++++--- templates/generals.page.tmpl | 4 ++-- templates/majors.page.tmpl | 4 ++-- templates/reservation.page.tmpl | 3 ++- 6 files changed, 28 insertions(+), 15 deletions(-) diff --git a/cmd/web/routes.go b/cmd/web/routes.go index 0f5f6b1..cefcc09 100644 --- a/cmd/web/routes.go +++ b/cmd/web/routes.go @@ -23,6 +23,7 @@ func routes(app *config.AppConfig) http.Handler { mux.Get("/generals-quarters", handlers.Repo.Generals) mux.Get("/majors-suite", handlers.Repo.Majors) mux.Get("/reservation", handlers.Repo.Reservation) + mux.Post("/reservation", handlers.Repo.PostReservation) mux.Get("/make-reservation", handlers.Repo.MakeReservation) fileServer := http.FileServer(http.Dir("./static/")) diff --git a/pkg/handlers/handlers.go b/pkg/handlers/handlers.go index c257973..50fe408 100644 --- a/pkg/handlers/handlers.go +++ b/pkg/handlers/handlers.go @@ -1,6 +1,7 @@ package handlers import ( + "fmt" "go-udemy-web-1/pkg/config" "go-udemy-web-1/pkg/models" "go-udemy-web-1/pkg/render" @@ -32,7 +33,7 @@ func (m *Repository) Home(w http.ResponseWriter, r *http.Request) { remoteIP := r.RemoteAddr m.App.Session.Put(r.Context(), "remote_ip", remoteIP) - render.RenderTemplate(w, "home.page.tmpl", &models.TemplateData{}) + render.RenderTemplate(w, r, "home.page.tmpl", &models.TemplateData{}) } // About is the about page handler @@ -45,30 +46,37 @@ func (m *Repository) About(w http.ResponseWriter, r *http.Request) { stringMap["remote_ip"] = remoteIP // send the data to the template - render.RenderTemplate(w, "about.page.tmpl", &models.TemplateData{StringMap: stringMap}) + render.RenderTemplate(w, r, "about.page.tmpl", &models.TemplateData{StringMap: stringMap}) } // Contact is the contact page handler func (m *Repository) Contact(w http.ResponseWriter, r *http.Request) { - render.RenderTemplate(w, "contact.page.tmpl", &models.TemplateData{}) + render.RenderTemplate(w, r, "contact.page.tmpl", &models.TemplateData{}) } // Generals is the General's Quarters page handler func (m *Repository) Generals(w http.ResponseWriter, r *http.Request) { - render.RenderTemplate(w, "generals.page.tmpl", &models.TemplateData{}) + render.RenderTemplate(w, r, "generals.page.tmpl", &models.TemplateData{}) } // Majors is the Major's Suite page handler func (m *Repository) Majors(w http.ResponseWriter, r *http.Request) { - render.RenderTemplate(w, "majors.page.tmpl", &models.TemplateData{}) + render.RenderTemplate(w, r, "majors.page.tmpl", &models.TemplateData{}) } // MakeReservation is the make reservation page handler func (m *Repository) MakeReservation(w http.ResponseWriter, r *http.Request) { - render.RenderTemplate(w, "make-reservation.page.tmpl", &models.TemplateData{}) + render.RenderTemplate(w, r, "make-reservation.page.tmpl", &models.TemplateData{}) } // MakeReservation is the make reservation page handler func (m *Repository) Reservation(w http.ResponseWriter, r *http.Request) { - render.RenderTemplate(w, "reservation.page.tmpl", &models.TemplateData{}) + render.RenderTemplate(w, r, "reservation.page.tmpl", &models.TemplateData{}) +} + +// MakeReservation is the make reservation page handler +func (m *Repository) PostReservation(w http.ResponseWriter, r *http.Request) { + start := r.Form.Get("start") + end := r.Form.Get("end") + fmt.Fprintf(w, "Posted to search availability from %s to %s", start, end) } diff --git a/pkg/render/render.go b/pkg/render/render.go index 84f8bc7..a932101 100644 --- a/pkg/render/render.go +++ b/pkg/render/render.go @@ -8,6 +8,8 @@ import ( "log" "net/http" "path/filepath" + + "github.com/justinas/nosurf" ) var app *config.AppConfig @@ -18,12 +20,13 @@ func NewTemplates(a *config.AppConfig) { } // AddDefaultData adds default template data -func AddDefaultData(td *models.TemplateData) *models.TemplateData { +func AddDefaultData(td *models.TemplateData, r *http.Request) *models.TemplateData { + td.CSRFToken = nosurf.Token(r) return td } // RenderTemplate renders a HTML template file -func RenderTemplate(w http.ResponseWriter, tmpl string, td *models.TemplateData) { +func RenderTemplate(w http.ResponseWriter, r *http.Request, tmpl string, td *models.TemplateData) { var tc map[string]*template.Template if app.UseCache { // get the template cache from the app config @@ -42,7 +45,7 @@ func RenderTemplate(w http.ResponseWriter, tmpl string, td *models.TemplateData) // written successfully buf := new(bytes.Buffer) - td = AddDefaultData(td) + td = AddDefaultData(td, r) err := t.Execute(buf, td) if err != nil { diff --git a/templates/generals.page.tmpl b/templates/generals.page.tmpl index bba3fdd..983f9ad 100644 --- a/templates/generals.page.tmpl +++ b/templates/generals.page.tmpl @@ -23,14 +23,14 @@
- +
{{end}} {{define "js"}}