diff options
| author | Alexander Kavon <hawk@alexkavon.com> | 2023-11-30 20:10:41 -0500 |
|---|---|---|
| committer | Alexander Kavon <hawk@alexkavon.com> | 2023-11-30 20:10:50 -0500 |
| commit | 17af6e1a5017285b680a7d0a1dace1e1a1612ab9 (patch) | |
| tree | b33696d408ca10c5b0edd99cad399cc1dd093f52 /src/sessions/middleware.go | |
| parent | b3ea95f3d494c10d3f37de7842982138b4ee19a5 (diff) | |
fixed login/create templates to point to correct endpoints, updated func names to be more idiomatic, reference Session objects to save memory, logout/session.Destroy method
Diffstat (limited to 'src/sessions/middleware.go')
| -rw-r--r-- | src/sessions/middleware.go | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/src/sessions/middleware.go b/src/sessions/middleware.go index 6bb3b15..6ae34ac 100644 --- a/src/sessions/middleware.go +++ b/src/sessions/middleware.go @@ -5,22 +5,25 @@ import ( "net/http" ) -func SetSession(next http.Handler) http.Handler { +func StartSession(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // is there a session_token cookie? scookie, err := r.Cookie("session_token") if err != nil || scookie.Value == "" { // no session value or cookie next.ServeHTTP(w, r) + return } + // check for existing session cvalue := scookie.Value vsession, ok := GetSession(cvalue) if !ok { // no session next.ServeHTTP(w, r) + return } // set session - ctx := context.WithValue(r.Context(), SessionCtxKey("session"), vsession.Id()) + ctx := context.WithValue(r.Context(), SessionCtxKey("session"), vsession) next.ServeHTTP(w, r.WithContext(ctx)) }) } @@ -30,6 +33,7 @@ func GuestSession(next http.Handler) http.Handler { // if SessionKey does exist then redirect to `/u/me` as this is an auth session if v := r.Context().Value(SessionCtxKey("session")); v != nil { http.Redirect(w, r, "/u/me", http.StatusSeeOther) + return } // else this is a valid guest request next.ServeHTTP(w, r) @@ -40,10 +44,11 @@ func AuthSession(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // if session key exists then this is a valid auth request if v := r.Context().Value(SessionCtxKey("session")); v != nil { - http.Redirect(w, r, "/login", http.StatusSeeOther) + next.ServeHTTP(w, r) + return } // else this is a guest session request, redirect to login - http.Redirect(w, r, "/login", http.StatusSeeOther) + http.Redirect(w, r, "/u/auth", http.StatusSeeOther) }) } |