From 39ad130e8166012eb42bbfcbdfa439bd04c7ee76 Mon Sep 17 00:00:00 2001
From: Antonio De Lucreziis <antonio.delucreziis@gmail.com>
Date: Sun, 12 Jun 2022 20:41:12 +0200
Subject: [PATCH] Added logout and some logging

---
 auth/auth.go       |  4 ++++
 auth/ldap.go       | 10 +++++++++-
 auth/memory.go     |  2 +-
 main.go            | 12 +++++++++++-
 views/profilo.html |  3 +++
 5 files changed, 28 insertions(+), 3 deletions(-)

diff --git a/auth/auth.go b/auth/auth.go
index af1253c..ac02bee 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -1,5 +1,9 @@
 package auth
 
+import "fmt"
+
+var ErrInvalidSession = fmt.Errorf(`invalid session token`)
+
 type User interface {
 	GetUsername() string
 	GetName() string
diff --git a/auth/ldap.go b/auth/ldap.go
index a8ebafb..183da64 100644
--- a/auth/ldap.go
+++ b/auth/ldap.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"encoding/json"
 	"fmt"
+	"log"
 	"net/http"
 	"path"
 	"time"
@@ -59,15 +60,22 @@ func (a *LDAPAuthService) doGetRequest(url string, response interface{}) error {
 	)
 
 	if err != nil {
+		log.Printf(`GET %q resulted in %v`, url, err)
 		return err
 	}
 
 	res, err := http.DefaultClient.Do(req)
 	if err != nil {
+		log.Printf(`GET %q resulted in %v`, url, err)
 		return err
 	}
 
-	return json.NewDecoder(res.Body).Decode(response)
+	if err := json.NewDecoder(res.Body).Decode(response); err != nil {
+		log.Printf(`GET %q resulted in %v`, url, err)
+		return err
+	}
+
+	return nil
 }
 
 func (a *LDAPAuthService) doPostRequest(url string, request interface{}, response interface{}) error {
diff --git a/auth/memory.go b/auth/memory.go
index efe9dde..65c02a8 100644
--- a/auth/memory.go
+++ b/auth/memory.go
@@ -89,7 +89,7 @@ func (m *Memory) GetUsers() ([]User, error) {
 func (m *Memory) GetSession(token string) (Session, error) {
 	session, ok := m.Sessions[token]
 	if !ok {
-		return nil, fmt.Errorf(`invalid session token`)
+		return nil, ErrInvalidSession
 	}
 
 	return session, nil
diff --git a/main.go b/main.go
index 4da8ab4..0c08f5d 100644
--- a/main.go
+++ b/main.go
@@ -147,7 +147,7 @@ func main() {
 	app.Get("/profilo", func(c *fiber.Ctx) error {
 		user, ok := c.Locals("user").(auth.User)
 		if !ok || user == nil {
-			return fmt.Errorf(`no logged in user`)
+			return fmt.Errorf(`user not logged in`)
 		}
 
 		c.Type("html")
@@ -156,6 +156,16 @@ func main() {
 		})
 	})
 
+	app.Get("/logout", func(c *fiber.Ctx) error {
+		c.Cookie(&fiber.Cookie{
+			Name:    "session-token",
+			Path:    "/",
+			Value:   "",
+			Expires: time.Now(),
+		})
+		return c.Redirect("/")
+	})
+
 	app.Get("/news/:article", func(c *fiber.Ctx) error {
 		articleID := c.Params("article")
 
diff --git a/views/profilo.html b/views/profilo.html
index f488ef6..d26ca4f 100644
--- a/views/profilo.html
+++ b/views/profilo.html
@@ -9,6 +9,9 @@
     <p>
         Lorem ipsum dolor sit amet consectetur adipisicing elit. Quae earum amet delectus cumque obcaecati minus quos aliquid fugiat reprehenderit voluptatum?
     </p>
+    <p class="center">
+        <a href="/logout">Logout</a>
+    </p>
     <h2>Recupero Credenziali Poisson</h2>
     <p>
         Per il recupero credenziali vieni direttamente al PHC a parlarne con calma con noi altrimenti puoi inviaci una email all'indirizzo <a href="mailto:{{ .Config.Email }}">{{ .Config.Email }}</a> e poi recuperare le nuove credenziali sul sito <a href="https://credenziali.phc.dm.unipi.it/">credenziali.phc.dm.unipi.it</a>.