1 files changed, 18 insertions, 5 deletions

diff --git a/src/sessions/middleware.go b/src/sessions/middleware.go
index 238047e..c1d0528 100644
--- a/src/sessions/middleware.go
+++ b/src/sessions/middleware.go
@@ -7,19 +7,20 @@ import (
 
 func SetSession(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// is there a session_token cookie?
 		scookie, err := r.Cookie("session_token")
 		if err != nil || scookie.Value == "" {
 			// no session value or cookie
 			next.ServeHTTP(w, r)
 		}
 		cvalue := scookie.Value
-		vsession, ok := Sessions[cvalue]
+		vsession, ok := GetSession(cvalue)
 		if !ok {
 			// no session
 			next.ServeHTTP(w, r)
 		}
 		// set session
-		ctx := context.WithValue(r.Context(), SessionCtxKey("session"), vsession)
+		ctx := context.WithValue(r.Context(), SessionCtxKey("session"), vsession.Id())
 		next.ServeHTTP(w, r.WithContext(ctx))
 	})
 }
@@ -27,10 +28,22 @@ func SetSession(next http.Handler) http.Handler {
 func GuestSession(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		// if SessionKey does not exist then this is a valid guest request
-		if _, ok := r.Context().Value(SessionCtxKey("session")).(session); !ok {
+		if _, ok := r.Context().Value(SessionCtxKey("session")); !ok {
 			next.ServeHTTP(w, r)
 		}
-		// else redirect to `/` as this is an auth session
-		http.Redirect(w, r, "/", http.StatusSeeOther)
+		// else redirect to `/u/me` as this is an auth session
+		http.Redirect(w, r, "/u/me", http.StatusSeeOther)
+	})
+}
+
+func AuthSession(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// if session key not exists, then this is a guest session request redirect to login page
+		if _, ok := r.Context().Value(SessionCtxKey("session")); !ok {
+			http.Redirect(w, r, "/login", http.StatusSeeOther)
+		}
+
+		// else this is a valid auth session request
+		next.ServeHTTP(w, r)
 	})
 }