Diffstat (limited to 'internal/handlers/middleware.go')
-rw-r--r-- | internal/handlers/middleware.go | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/internal/handlers/middleware.go b/internal/handlers/middleware.go
new file mode 100644
index 0000000..28ccdbc
--- /dev/null
+++ b/internal/handlers/middleware.go
@@ -0,0 +1,48 @@
+package handlers
+
+import (
+ "context"
+ "errors"
+ "net/http"
+)
+
+func (h *Handlers) GetSession(next http.Handler) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ sessionCookie, err := r.Cookie("session_token")
+ if err != nil {
+ msg := "auth failed; failed to get session token from cookies"
+ h.log.Debug(msg, "error", err)
+ next.ServeHTTP(w, r)
+ return
+ }
+ sessionToken := ""
+ if sessionCookie.Value == "" {
+ sessionToken = sessionCookie.Value
+ }
+ userSession, err := h.cacheGetSession(sessionCookie.Value)
+ if err != nil {
+ msg := "auth failed; session does not exists"
+ err = errors.New(msg)
+ h.log.Debug(msg, "error", err)
+ next.ServeHTTP(w, r)
+ return
+ }
+ if userSession.IsExpired() {
+ h.mc.RemoveKey(sessionToken)
+ msg := "session is expired"
+ h.log.Debug(msg, "error", err, "token", sessionToken)
+ next.ServeHTTP(w, r)
+ return
+ }
+ ctx := context.WithValue(r.Context(),
+ "username", userSession.Username)
+ if err := h.cacheSetSession(sessionToken,
+ userSession); err != nil {
+ msg := "failed to marshal user session"
+ h.log.Warn(msg, "error", err)
+ next.ServeHTTP(w, r)
+ return
+ }
+ next.ServeHTTP(w, r.WithContext(ctx))
+ })
+} |
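Review bot: The guard `if sessionCookie.Value == "" { sessionToken = sessionCookie.Value }` in GetSession is inverted, so `sessionToken` is always the empty string while the cache lookup uses `sessionCookie.Value`. As a result `h.mc.RemoveKey(sessionToken)` never evicts the expired session, and `h.cacheSetSession(sessionToken, userSession)` stores every valid session under the empty key; if the getter and setter share one keyspace (their bodies are not visible here), a request carrying an empty cookie value could resolve to another user's session. Replace those three lines with `sessionToken := sessionCookie.Value`, use it for the lookup as well, and treat an empty value as unauthenticated before touching the cache, e.g. `if sessionToken == "" { next.ServeHTTP(w, r); return }`. Separately, once that is fixed the expired branch would write the raw token to the debug log, and `context.WithValue` uses the plain string key `"username"`, where an unexported key type would avoid collisions with other packages.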