| -rw-r--r-- | walrss/internal/http/auth.go | 17 | ||||
| -rw-r--r-- | walrss/internal/http/http.go | 26 |
2 files changed, 39 insertions, 4 deletions
diff --git a/walrss/internal/http/auth.go b/walrss/internal/http/auth.go index eff478d..62e4295 100644 --- a/walrss/internal/http/auth.go +++ b/walrss/internal/http/auth.go @@ -12,6 +12,10 @@ import ( func (s *Server) authRegister(ctx *fiber.Ctx) error { page := new(views.RegisterPage) + if getCurrentUserID(ctx) != "" { + goto success + } + if ctx.Method() == fiber.MethodPost { password := ctx.FormValue("password") passwordConfirmation := ctx.FormValue("passwordConfirmation") @@ -44,16 +48,22 @@ func (s *Server) authRegister(ctx *fiber.Ctx) error { HTTPOnly: true, }) - return ctx.Redirect(urls.Index) + goto success } exit: return views.SendPage(ctx, page) +success: + return ctx.Redirect(urls.Index) } func (s *Server) authSignIn(ctx *fiber.Ctx) error { page := &views.SignInPage{} + if getCurrentUserID(ctx) != "" { + goto success + } + if ctx.Method() == fiber.MethodPost { email := ctx.FormValue("email") @@ -88,11 +98,12 @@ func (s *Server) authSignIn(ctx *fiber.Ctx) error { HTTPOnly: true, }) - return ctx.Redirect(urls.Index) + goto success } return views.SendPage(ctx, page) - +success: + return ctx.Redirect(urls.Index) incorrectUsernameOrPassword: ctx.Status(fiber.StatusUnauthorized) return views.SendPage(ctx, &views.SignInPage{Problem: "Incorrect username or password"}) diff --git a/walrss/internal/http/http.go b/walrss/internal/http/http.go index 92829f7..037e310 100644 --- a/walrss/internal/http/http.go +++ b/walrss/internal/http/http.go @@ -12,6 +12,7 @@ import ( const ( sessionCookieKey = "walrss-session" sessionDuration = (time.Hour * 24) * 7 // 7 days + userIDLocalKey = "userID" ) type Server struct { 
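Review bot: The new already-signed-in guard at the top of authRegister (and the identical one in authSignIn) reaches the redirect through `goto success`, adding a second label to functions that already jump to `exit` and `incorrectUsernameOrPassword`; a direct `return ctx.Redirect(urls.Index)` inside the guard would read more plainly. In authSignIn the `success:` label now sits between the normal `return views.SendPage(ctx, page)` and the `incorrectUsernameOrPassword:` label, so a reader has to confirm that no path falls through from one into the other. Go also rejects a `goto` that jumps over a variable declaration in the label's scope, so any function-level `:=` later added between these guards and the labels will break the build. Both function bodies extend outside the hunks shown.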
@@ -54,6 +55,19 @@ func New(st *state.State) (*Server, error) { } func (s *Server) registerHandlers() { + s.app.Use(func(ctx *fiber.Ctx) error { + if token := ctx.Cookies(sessionCookieKey); token != "" { + log.Debug().Msgf("cookie %s=%s", sessionCookieKey, token) + userID, createdAt, err := core.ValidateSessionToken(token) + if err == nil && time.Now().Sub(createdAt) < sessionDuration { + log.Debug().Msg("session valid") + ctx.Locals(userIDLocalKey, userID) + } + } + + return ctx.Next() + }) + s.app.Get(urls.AuthRegister, s.authRegister) s.app.Post(urls.AuthRegister, s.authRegister) @@ -65,7 +79,17 @@ func (s *Server) Run() error { return s.app.Listen(s.state.Config.GetHTTPAddress()) } -func UserErrorToResponse(ctx *fiber.Ctx, ue core.UserError) error { +func userErrorToResponse(ctx *fiber.Ctx, ue core.UserError) error { ctx.Status(ue.Status) return ctx.SendString(ue.Error()) } + +func getCurrentUserID(ctx *fiber.Ctx) string { + if x := ctx.Locals(userIDLocalKey); x != nil { + s, ok := x.(string) + if ok { + return s + } + } + return "" +} |
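Review bot: The `log.Debug().Msgf("cookie %s=%s", sessionCookieKey, token)` line in the new middleware writes the raw session token to the log on every request that carries the cookie, so anyone with read access to debug logs holds a usable session credential. Drop the value from the message, e.g. `log.Debug().Msg("session cookie present")`, or log only the user ID after validation succeeds. A cookie that fails validation or has expired is silently ignored; a debug line recording the rejection (without the token) would make failed-session diagnosis possible. As a style point, `time.Now().Sub(createdAt)` is conventionally written `time.Since(createdAt)`.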
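Review bot: getCurrentUserID has no doc comment, and its contract matters because authRegister and authSignIn treat the empty string as "not signed in"; I would add `// getCurrentUserID returns the user ID set by the session middleware, or "" if the request has no valid session.` above it. The body can also collapse to a single comma-ok assertion, `s, _ := ctx.Locals(userIDLocalKey).(string)` followed by `return s`, since the assertion on a nil interface value yields the zero string.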
