update mvc/authenticated-controller example

rel to: #1536 too


Former-commit-id: 0ed36644ee2d6c27d90450700d9241eb1ba93c17

_examples/mvc/authenticated-controller/main.go

@@ -15,9 +15,19 @@ import (
 )
 
 func main() {
-	app := iris.New()
+	app := newApp()
 	app.Logger().SetLevel("debug")
 
+	// Open a client, e.g. Postman and visit the below endpoints.
+	// GET: http://localhost:8080/user (UnauthenticatedUserController.Get)
+	// POST: http://localhost:8080/user/login (UnauthenticatedUserController.PostLogin)
+	// GET: http://localhost:8080/user (UserController.Get)
+	// POST: http://localhost:8080/user/logout (UserController.PostLogout)
+	app.Listen(":8080")
+}
+
+func newApp() *iris.Application {
+	app := iris.New()
 	sess := sessions.New(sessions.Config{
 		Cookie:       "myapp_session_id",
 		AllowReclaim: true,
@@ -37,18 +47,11 @@ func main() {
 		userApp.Register(authDependency)
 
 		// Register Controllers.
-		userApp.Handle(new(MeController))
 		userApp.Handle(new(UserController))
 		userApp.Handle(new(UnauthenticatedUserController))
 	}
 
-	// Open a client, e.g. Postman and visit the below endpoints.
-	// GET: http://localhost:8080/user
-	// POST: http://localhost:8080/user/login
-	// GET: http://localhost:8080/user
-	// GET: http://localhost:8080/user/me
-	// POST: http://localhost:8080/user/logout
-	app.Listen(":8080")
+	return app
 }
 
 // Authenticated is a custom type used as "annotation" for resources that requires authentication,
@@ -70,21 +73,16 @@ func authDependency(ctx iris.Context, session *sessions.Session) Authenticated {
 // UnauthenticatedUserController serves the "public" Unauthorized User API.
 type UnauthenticatedUserController struct{}
 
-// GetMe registers a route that will be executed when authentication is not passed
-// (see UserController.GetMe) too.
-func (c *UnauthenticatedUserController) GetMe() string {
+// Get registers a route that will be executed when authentication is not passed
+// (see UserController.Get) too.
+func (c *UnauthenticatedUserController) Get() string {
 	return `custom action to redirect on authentication page`
 }
 
-// UserController serves the "public" User API.
-type UserController struct {
-	Session *sessions.Session
-}
-
 // PostLogin serves
 // POST: /user/login
-func (c *UserController) PostLogin() mvc.Response {
-	c.Session.Set("user_id", 1)
+func (c *UnauthenticatedUserController) PostLogin(session *sessions.Session) mvc.Response {
+	session.Set("user_id", 1)
 
 	// Redirect (you can still use the Context.Redirect if you want so).
 	return mvc.Response{
@@ -93,27 +91,20 @@ func (c *UserController) PostLogin() mvc.Response {
 	}
 }
 
-// PostLogout serves
-// POST: /user/logout
-func (c *UserController) PostLogout(ctx iris.Context) {
-	c.Session.Man.Destroy(ctx)
-}
-
-// GetMe showcases that the same type can be used inside controller's method too,
-// a second controller like `MeController` is not required.
-// GET: user/me
-func (c *UserController) GetMe(_ Authenticated) string {
-	return `UserController.GetMe: The Authenticated type
-can be used to secure a controller's method too.`
-}
-
-// MeController provides the logged user's available actions.
-type MeController struct {
+// UserController serves the "public" User API.
+type UserController struct {
 	CurrentUserID Authenticated
 }
 
 // Get returns a message for the sake of the example.
 // GET: /user
-func (c *MeController) Get() string {
-	return "This will be executed only when the user is logged in"
+func (c *UserController) Get() string {
+	return `UserController.Get: The Authenticated type
+can be used to secure a controller's method too.`
+}
+
+// PostLogout serves
+// POST: /user/logout
+func (c *UserController) PostLogout(ctx iris.Context) {
+	sessions.Get(ctx).Man.Destroy(ctx)
 }

_examples/mvc/authenticated-controller/main_test.go

@@ -0,0 +1,24 @@
+package main
+
+import (
+	"testing"
+
+	"github.com/kataras/iris/v12/httptest"
+)
+
+func TestMVCOverlapping(t *testing.T) {
+	app := newApp()
+
+	e := httptest.New(t, app, httptest.URL("http://example.com"))
+	// unauthenticated.
+	e.GET("/user").Expect().Status(httptest.StatusOK).Body().Equal("custom action to redirect on authentication page")
+	// login.
+	e.POST("/user/login").Expect().Status(httptest.StatusOK)
+	// authenticated.
+	e.GET("/user").Expect().Status(httptest.StatusOK).Body().Equal(`UserController.Get: The Authenticated type
+can be used to secure a controller's method too.`)
+	// logout.
+	e.POST("/user/logout").Expect().Status(httptest.StatusOK)
+	// unauthenticated.
+	e.GET("/user").Expect().Status(httptest.StatusOK).Body().Equal("custom action to redirect on authentication page")
+}

core/router/api_builder.go

@@ -289,9 +289,9 @@ func (api *APIBuilder) SetExecutionRules(executionRules ExecutionRules) Party {
 type RouteRegisterRule uint8
 
 const (
-	// RouteOverride an existing route with the new one, the default rule.
+	// RouteOverride replaces an existing route with the new one, the default rule.
 	RouteOverride RouteRegisterRule = iota
-	// RouteSkip registering a new route twice.
+	// RouteSkip keeps the original route and skips the new one.
 	RouteSkip
 	// RouteError log when a route already exists, shown after the `Build` state,
 	// server never starts.

iris.go

@@ -610,9 +610,9 @@ var (
 // Constants for input argument at `router.RouteRegisterRule`.
 // See `Party#SetRegisterRule`.
 const (
-	// RouteOverride an existing route with the new one, the default rule.
+	// RouteOverride replaces an existing route with the new one, the default rule.
 	RouteOverride = router.RouteOverride
-	// RouteSkip registering a new route twice.
+	// RouteSkip keeps the original route and skips the new one.
 	RouteSkip = router.RouteSkip
 	// RouteError log when a route already exists, shown after the `Build` state,
 	// server never starts.