Creating handlers for forms & adding CSRF Protection
This commit is contained in:
Muyao CHEN
parent
592d5241d1
commit
76bee566cd
@ -23,6 +23,7 @@ func routes(app *config.AppConfig) http.Handler {
|
|||||||
mux.Get("/generals-quarters", handlers.Repo.Generals)
|
mux.Get("/generals-quarters", handlers.Repo.Generals)
|
||||||
mux.Get("/majors-suite", handlers.Repo.Majors)
|
mux.Get("/majors-suite", handlers.Repo.Majors)
|
||||||
mux.Get("/reservation", handlers.Repo.Reservation)
|
mux.Get("/reservation", handlers.Repo.Reservation)
|
||||||
|
mux.Post("/reservation", handlers.Repo.PostReservation)
|
||||||
mux.Get("/make-reservation", handlers.Repo.MakeReservation)
|
mux.Get("/make-reservation", handlers.Repo.MakeReservation)
|
||||||
|
|
||||||
fileServer := http.FileServer(http.Dir("./static/"))
|
fileServer := http.FileServer(http.Dir("./static/"))
|
||||||
|
|||||||
@ -1,6 +1,7 @@
|
|||||||
package handlers
|
package handlers
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"fmt"
|
||||||
"go-udemy-web-1/pkg/config"
|
"go-udemy-web-1/pkg/config"
|
||||||
"go-udemy-web-1/pkg/models"
|
"go-udemy-web-1/pkg/models"
|
||||||
"go-udemy-web-1/pkg/render"
|
"go-udemy-web-1/pkg/render"
|
||||||
@ -32,7 +33,7 @@ func (m *Repository) Home(w http.ResponseWriter, r *http.Request) {
|
|||||||
remoteIP := r.RemoteAddr
|
remoteIP := r.RemoteAddr
|
||||||
m.App.Session.Put(r.Context(), "remote_ip", remoteIP)
|
m.App.Session.Put(r.Context(), "remote_ip", remoteIP)
|
||||||
|
|
||||||
render.RenderTemplate(w, "home.page.tmpl", &models.TemplateData{})
|
render.RenderTemplate(w, r, "home.page.tmpl", &models.TemplateData{})
|
||||||
}
|
}
|
||||||
|
|
||||||
// About is the about page handler
|
// About is the about page handler
|
||||||
@ -45,30 +46,37 @@ func (m *Repository) About(w http.ResponseWriter, r *http.Request) {
|
|||||||
stringMap["remote_ip"] = remoteIP
|
stringMap["remote_ip"] = remoteIP
|
||||||
|
|
||||||
// send the data to the template
|
// send the data to the template
|
||||||
render.RenderTemplate(w, "about.page.tmpl", &models.TemplateData{StringMap: stringMap})
|
render.RenderTemplate(w, r, "about.page.tmpl", &models.TemplateData{StringMap: stringMap})
|
||||||
}
|
}
|
||||||
|
|
||||||
// Contact is the contact page handler
|
// Contact is the contact page handler
|
||||||
func (m *Repository) Contact(w http.ResponseWriter, r *http.Request) {
|
func (m *Repository) Contact(w http.ResponseWriter, r *http.Request) {
|
||||||
render.RenderTemplate(w, "contact.page.tmpl", &models.TemplateData{})
|
render.RenderTemplate(w, r, "contact.page.tmpl", &models.TemplateData{})
|
||||||
}
|
}
|
||||||
|
|
||||||
// Generals is the General's Quarters page handler
|
// Generals is the General's Quarters page handler
|
||||||
func (m *Repository) Generals(w http.ResponseWriter, r *http.Request) {
|
func (m *Repository) Generals(w http.ResponseWriter, r *http.Request) {
|
||||||
render.RenderTemplate(w, "generals.page.tmpl", &models.TemplateData{})
|
render.RenderTemplate(w, r, "generals.page.tmpl", &models.TemplateData{})
|
||||||
}
|
}
|
||||||
|
|
||||||
// Majors is the Major's Suite page handler
|
// Majors is the Major's Suite page handler
|
||||||
func (m *Repository) Majors(w http.ResponseWriter, r *http.Request) {
|
func (m *Repository) Majors(w http.ResponseWriter, r *http.Request) {
|
||||||
render.RenderTemplate(w, "majors.page.tmpl", &models.TemplateData{})
|
render.RenderTemplate(w, r, "majors.page.tmpl", &models.TemplateData{})
|
||||||
}
|
}
|
||||||
|
|
||||||
// MakeReservation is the make reservation page handler
|
// MakeReservation is the make reservation page handler
|
||||||
func (m *Repository) MakeReservation(w http.ResponseWriter, r *http.Request) {
|
func (m *Repository) MakeReservation(w http.ResponseWriter, r *http.Request) {
|
||||||
render.RenderTemplate(w, "make-reservation.page.tmpl", &models.TemplateData{})
|
render.RenderTemplate(w, r, "make-reservation.page.tmpl", &models.TemplateData{})
|
||||||
}
|
}
|
||||||
|
|
||||||
// MakeReservation is the make reservation page handler
|
// MakeReservation is the make reservation page handler
|
||||||
func (m *Repository) Reservation(w http.ResponseWriter, r *http.Request) {
|
func (m *Repository) Reservation(w http.ResponseWriter, r *http.Request) {
|
||||||
render.RenderTemplate(w, "reservation.page.tmpl", &models.TemplateData{})
|
render.RenderTemplate(w, r, "reservation.page.tmpl", &models.TemplateData{})
|
||||||
|
}
|
||||||
|
|
||||||
|
// MakeReservation is the make reservation page handler
|
||||||
|
func (m *Repository) PostReservation(w http.ResponseWriter, r *http.Request) {
|
||||||
|
start := r.Form.Get("start")
|
||||||
|
end := r.Form.Get("end")
|
||||||
|
fmt.Fprintf(w, "Posted to search availability from %s to %s", start, end)
|
||||||
}
|
}
|
||||||
|
|||||||
@ -8,6 +8,8 @@ import (
|
|||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
|
||||||
|
"github.com/justinas/nosurf"
|
||||||
)
|
)
|
||||||
|
|
||||||
var app *config.AppConfig
|
var app *config.AppConfig
|
||||||
@ -18,12 +20,13 @@ func NewTemplates(a *config.AppConfig) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// AddDefaultData adds default template data
|
// AddDefaultData adds default template data
|
||||||
func AddDefaultData(td *models.TemplateData) *models.TemplateData {
|
func AddDefaultData(td *models.TemplateData, r *http.Request) *models.TemplateData {
|
||||||
|
td.CSRFToken = nosurf.Token(r)
|
||||||
return td
|
return td
|
||||||
}
|
}
|
||||||
|
|
||||||
// RenderTemplate renders a HTML template file
|
// RenderTemplate renders a HTML template file
|
||||||
func RenderTemplate(w http.ResponseWriter, tmpl string, td *models.TemplateData) {
|
func RenderTemplate(w http.ResponseWriter, r *http.Request, tmpl string, td *models.TemplateData) {
|
||||||
var tc map[string]*template.Template
|
var tc map[string]*template.Template
|
||||||
if app.UseCache {
|
if app.UseCache {
|
||||||
// get the template cache from the app config
|
// get the template cache from the app config
|
||||||
@ -42,7 +45,7 @@ func RenderTemplate(w http.ResponseWriter, tmpl string, td *models.TemplateData)
|
|||||||
// written successfully
|
// written successfully
|
||||||
buf := new(bytes.Buffer)
|
buf := new(bytes.Buffer)
|
||||||
|
|
||||||
td = AddDefaultData(td)
|
td = AddDefaultData(td, r)
|
||||||
|
|
||||||
err := t.Execute(buf, td)
|
err := t.Execute(buf, td)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
@ -23,14 +23,14 @@
|
|||||||
|
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="d-flex justify-content-center py-3">
|
<div class="d-flex justify-content-center py-3">
|
||||||
<button id="make-reservation" class="btn btn-success">Check Availability</button>
|
<button id="check-availability" class="btn btn-success">Check Availability</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
{{define "js"}}
|
{{define "js"}}
|
||||||
<script>
|
<script>
|
||||||
document.getElementById("make-reservation").addEventListener('click', () => {
|
document.getElementById("check-availability").addEventListener('click', () => {
|
||||||
let html = `
|
let html = `
|
||||||
<form action="reservation.html" method="get" novalidate class="needs-validation">
|
<form action="reservation.html" method="get" novalidate class="needs-validation">
|
||||||
<div id="reservation-dates-modal" class="row">
|
<div id="reservation-dates-modal" class="row">
|
||||||
|
|||||||
@ -23,14 +23,14 @@
|
|||||||
|
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="d-flex justify-content-center py-3">
|
<div class="d-flex justify-content-center py-3">
|
||||||
<button id="make-reservation" class="btn btn-success">Check Availability</button>
|
<button id="check-availability" class="btn btn-success">Check Availability</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
{{define "js"}}
|
{{define "js"}}
|
||||||
<script>
|
<script>
|
||||||
document.getElementById("make-reservation").addEventListener('click', () => {
|
document.getElementById("check-availability").addEventListener('click', () => {
|
||||||
let html = `
|
let html = `
|
||||||
<form action="reservation.html" method="get" novalidate class="needs-validation">
|
<form action="reservation.html" method="get" novalidate class="needs-validation">
|
||||||
<div id="reservation-dates-modal" class="row">
|
<div id="reservation-dates-modal" class="row">
|
||||||
|
|||||||
@ -7,7 +7,8 @@
|
|||||||
<div class="col-md-6">
|
<div class="col-md-6">
|
||||||
<h1 class="text-center mt-5">Search for Availability</h1>
|
<h1 class="text-center mt-5">Search for Availability</h1>
|
||||||
|
|
||||||
<form action="reservation.html" method="get" novalidate class="needs-validation">
|
<form action="/reservation" method="post" novalidate class="needs-validation">
|
||||||
|
<input type="hidden" name="csrf_token" value="{{.CSRFToken}}">
|
||||||
<div id="reservation-dates" class="row">
|
<div id="reservation-dates" class="row">
|
||||||
<div class="col mb-3">
|
<div class="col mb-3">
|
||||||
<input required type="text" class="form-control" name="start" placeholder="Arrival">
|
<input required type="text" class="form-control" name="start" placeholder="Arrival">
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user