commit f6f63fe1a9911b740b845b1f0fcccd1bd0dcd4d5 · foxwitch.net/core

+1 -2

appview/auth/auth.go

···

       140
       140
        
       	clientSession.Values[appview.SessionPds] = pdsEndpoint

     

       141
       141
        
       	clientSession.Values[appview.SessionAccessJwt] = atSessionish.GetAccessJwt()

     

       142
       142
        
       	clientSession.Values[appview.SessionRefreshJwt] = atSessionish.GetRefreshJwt()

     

       143
       143
       -
       	clientSession.Values[appview.SessionExpiry] = time.Now().Add(time.Minute * 15).Format(time.RFC3339)

     

       143
       143
       +
       	clientSession.Values[appview.SessionExpiry] = time.Now().Add(time.Second * 5).Format(time.RFC3339)

     

       144
       144
        
       	clientSession.Values[appview.SessionAuthenticated] = true

     

       145
       145
        
       	return clientSession.Save(r, w)

     

       146
       146
        
       }

     

       147
       147
        
       

     

       148
       148
        
       func (a *Auth) AuthorizedClient(r *http.Request) (*xrpc.Client, error) {

     

       149
       149
        
       	clientSession, err := a.Store.Get(r, "appview-session")

     

       150
       150
       -
       

     

       151
       150
        
       	if err != nil || clientSession.IsNew {

     

       152
       151
        
       		return nil, err

     

       153
       152
        
       	}

+16 -4

appview/state/middleware.go

···

       21
       21
        
       func AuthMiddleware(s *State) Middleware {

     

       22
       22
        
       	return func(next http.Handler) http.Handler {

     

       23
       23
        
       		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

     

       24
       24
       -
       			session, _ := s.auth.Store.Get(r, appview.SessionName)

     

       24
       24
       +
       			session, err := s.auth.GetSession(r)

     

       25
       25
       +
       			if session.IsNew || err != nil {

     

       26
       26
       +
       				log.Printf("not logged in, redirecting")

     

       27
       27
       +
       				http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)

     

       28
       28
       +
       				return

     

       29
       29
       +
       			}

     

       30
       30
       +
       

     

       25
       31
        
       			authorized, ok := session.Values[appview.SessionAuthenticated].(bool)

     

       26
       32
        
       			if !ok || !authorized {

     

       27
       33
        
       				log.Printf("not logged in, redirecting")

     
···

       38
       44
        
       				http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)

     

       39
       45
        
       				return

     

       40
       46
        
       			}

     

       41
       41
       -
       			pdsUrl := session.Values[appview.SessionPds].(string)

     

       42
       42
       -
       			did := session.Values[appview.SessionDid].(string)

     

       43
       43
       -
       			refreshJwt := session.Values[appview.SessionRefreshJwt].(string)

     

       47
       47
       +
       			pdsUrl, ok1 := session.Values[appview.SessionPds].(string)

     

       48
       48
       +
       			did, ok2 := session.Values[appview.SessionDid].(string)

     

       49
       49
       +
       			refreshJwt, ok3 := session.Values[appview.SessionRefreshJwt].(string)

     

       50
       50
       +
       

     

       51
       51
       +
       			if !ok1 || !ok2 || !ok3 {

     

       52
       52
       +
       				log.Println("invalid expiry time", err)

     

       53
       53
       +
       				http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)

     

       54
       54
       +
       				return

     

       55
       55
       +
       			}

     

       44
       56
        
       

     

       45
       57
        
       			if time.Now().After(expiry) {

     

       46
       58
        
       				log.Println("token expired, refreshing ...")

+2 -1

appview/state/state.go

···

       836
       836
        
       

     

       837
       837
        
       			// settings routes, needs auth

     

       838
       838
        
       			r.Group(func(r chi.Router) {

     

       839
       839
       +
       				r.Use(AuthMiddleware(s))

     

       839
       840
        
       				r.With(RepoPermissionMiddleware(s, "repo:settings")).Route("/settings", func(r chi.Router) {

     

       840
       841
        
       					r.Get("/", s.RepoSettings)

     

       841
       842
        
       					r.With(RepoPermissionMiddleware(s, "repo:invite")).Put("/collaborator", s.AddCollaborator)

     
···

       858
       859
        
       

     

       859
       860
        
       	r.Get("/", s.Timeline)

     

       860
       861
        
       

     

       861
       861
       -
       	r.Get("/logout", s.Logout)

     

       862
       862
       +
       	r.With(AuthMiddleware(s)).Get("/logout", s.Logout)

     

       862
       863
        
       

     

       863
       864
        
       	r.Route("/login", func(r chi.Router) {

     

       864
       865
        
       		r.Get("/", s.Login)