furu04/Super-HomeworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

CAPTCHAと2FAを実装

Browse Source
This commit is contained in:
furu04
2026-03-24 18:40:38 +09:00
parent 080bd1f8d7
commit 1113477111
17 changed files with 798 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
internal/router/router.go
View File

@@ -14,6 +14,7 @@ import (
"homework-manager/internal/middleware"
"homework-manager/internal/service"
"github.com/dchest/captcha"
"github.com/gin-contrib/sessions"
"github.com/gin-contrib/sessions/cookie"
"github.com/gin-gonic/gin"
@@ -175,7 +176,8 @@ func Setup(cfg *config.Config) *gin.Engine {
r.Use(middleware.RequestTimer())
securityConfig := middleware.SecurityConfig{
HTTPS: cfg.HTTPS,
HTTPS: cfg.HTTPS,
TurnstileEnabled: cfg.Captcha.Enabled && cfg.Captcha.Type == "turnstile",
}
r.Use(middleware.SecurityHeaders(securityConfig))
r.Use(middleware.ForceHTTPS(securityConfig))
@@ -196,13 +198,22 @@ func Setup(cfg *config.Config) *gin.Engine {
notificationService.StartReminderScheduler()
authHandler := handler.NewAuthHandler()
authHandler := handler.NewAuthHandler(cfg.Captcha)
assignmentHandler := handler.NewAssignmentHandler(notificationService)
adminHandler := handler.NewAdminHandler()
profileHandler := handler.NewProfileHandler(notificationService)
apiHandler := handler.NewAPIHandler()
apiRecurringHandler := handler.NewAPIRecurringHandler()
r.GET("/captcha/:file", gin.WrapH(captcha.Server(captcha.StdWidth, captcha.StdHeight)))
r.GET("/captcha-new", func(c *gin.Context) {
id := captcha.New()
c.String(http.StatusOK, id)
})
r.GET("/login/2fa", authHandler.ShowLogin2FA)
r.POST("/login/2fa", csrfMiddleware, authHandler.Login2FA)
guest := r.Group("/")
guest.Use(middleware.GuestOnly())
guest.Use(csrfMiddleware)
@@ -252,6 +263,9 @@ func Setup(cfg *config.Config) *gin.Engine {
auth.POST("/profile", profileHandler.Update)
auth.POST("/profile/password", profileHandler.ChangePassword)
auth.POST("/profile/notifications", profileHandler.UpdateNotificationSettings)
auth.GET("/profile/totp/setup", profileHandler.ShowTOTPSetup)
auth.POST("/profile/totp/setup", profileHandler.EnableTOTP)
auth.POST("/profile/totp/disable", profileHandler.DisableTOTP)
admin := auth.Group("/admin")
admin.Use(middleware.AdminRequired())