adjusted session store to only require library and returnable session object

2 files changed, 54 insertions, 15 deletions

diff --git a/src/sessions/middleware.go b/src/sessions/middleware.go
index 238047e..c1d0528 100644
--- a/src/sessions/middleware.go
+++ b/src/sessions/middleware.go
@@ -7,19 +7,20 @@ import (
 
 func SetSession(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// is there a session_token cookie?
 		scookie, err := r.Cookie("session_token")
 		if err != nil || scookie.Value == "" {
 			// no session value or cookie
 			next.ServeHTTP(w, r)
 		}
 		cvalue := scookie.Value
-		vsession, ok := Sessions[cvalue]
+		vsession, ok := GetSession(cvalue)
 		if !ok {
 			// no session
 			next.ServeHTTP(w, r)
 		}
 		// set session
-		ctx := context.WithValue(r.Context(), SessionCtxKey("session"), vsession)
+		ctx := context.WithValue(r.Context(), SessionCtxKey("session"), vsession.Id())
 		next.ServeHTTP(w, r.WithContext(ctx))
 	})
 }
@@ -27,10 +28,22 @@ func SetSession(next http.Handler) http.Handler {
 func GuestSession(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		// if SessionKey does not exist then this is a valid guest request
-		if _, ok := r.Context().Value(SessionCtxKey("session")).(session); !ok {
+		if _, ok := r.Context().Value(SessionCtxKey("session")); !ok {
 			next.ServeHTTP(w, r)
 		}
-		// else redirect to `/` as this is an auth session
-		http.Redirect(w, r, "/", http.StatusSeeOther)
+		// else redirect to `/u/me` as this is an auth session
+		http.Redirect(w, r, "/u/me", http.StatusSeeOther)
+	})
+}
+
+func AuthSession(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// if session key not exists, then this is a guest session request redirect to login page
+		if _, ok := r.Context().Value(SessionCtxKey("session")); !ok {
+			http.Redirect(w, r, "/login", http.StatusSeeOther)
+		}
+
+		// else this is a valid auth session request
+		next.ServeHTTP(w, r)
 	})
 }
diff --git a/src/sessions/sessions.go b/src/sessions/sessions.go
index d2acab6..34fe91c 100644
--- a/src/sessions/sessions.go
+++ b/src/sessions/sessions.go
@@ -2,22 +2,24 @@ package sessions
 
 import (
 	"net/http"
+	"sync"
 
 	"github.com/google/uuid"
 )
 
-type SessionMgr struct {
-	key    string
-	Values map[string]string
-}
+type sessionvalues map[string]any
 
-type session map[string]any
+type Session struct {
+	id     string
+	values sessionvalues
+	mu     *sync.Mutex
+}
 
 type SessionCtxKey string
 
-var sessions map[string]session
+var _sessions map[string]Session
 
-func (sm *SessionMgr) NewSession(w http.ResponseWriter, r http.Request) {
+func NewSession(w http.ResponseWriter, values map[string]any) Session {
 	token := uuid.NewString()
 
 	// set secure cookie in http.ResponseWriter
@@ -27,9 +29,33 @@ func (sm *SessionMgr) NewSession(w http.ResponseWriter, r http.Request) {
 		Value: token,
 	})
 
-	sessions[token] = session{
-		"username": username,
+	// create session and store
+	s := Session{
+		id:     token,
+		values: sessionvalues(values),
 	}
-	// set request context
+	_sessions[token] = s
+	return s
+}
+
+func GetSession(id string) (Session, bool) {
+	s, ok := _sessions[id]
+	return s, ok
+}
+
+func (s *Session) Id() string {
+	return s.id
+}
+
+func (s *Session) Get(key string) interface{} {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	return s.values[key]
+}
 
+func (s *Session) Set(key string, value interface{}) bool {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	s.values[key] = value
+	return true
 }