From ac7f557d6039ec10518e39af7259e5e97f59fd38 Mon Sep 17 00:00:00 2001
From: Alexander Kavon <hawk@alexkavon.com>
Date: Thu, 30 Nov 2023 05:28:59 -0500
Subject: properly check value in session middlewhere and reverse rules

---
 src/sessions/middleware.go | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/sessions/middleware.go b/src/sessions/middleware.go
index c1d0528..6bb3b15 100644
--- a/src/sessions/middleware.go
+++ b/src/sessions/middleware.go
@@ -27,23 +27,23 @@ func SetSession(next http.Handler) http.Handler {
 
 func GuestSession(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		// if SessionKey does not exist then this is a valid guest request
-		if _, ok := r.Context().Value(SessionCtxKey("session")); !ok {
-			next.ServeHTTP(w, r)
+		// if SessionKey does exist then redirect to `/u/me` as this is an auth session
+		if v := r.Context().Value(SessionCtxKey("session")); v != nil {
+			http.Redirect(w, r, "/u/me", http.StatusSeeOther)
 		}
-		// else redirect to `/u/me` as this is an auth session
-		http.Redirect(w, r, "/u/me", http.StatusSeeOther)
+		// else this is a valid guest request
+		next.ServeHTTP(w, r)
 	})
 }
 
 func AuthSession(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		// if session key not exists, then this is a guest session request redirect to login page
-		if _, ok := r.Context().Value(SessionCtxKey("session")); !ok {
+		// if session key exists then this is a valid auth request
+		if v := r.Context().Value(SessionCtxKey("session")); v != nil {
 			http.Redirect(w, r, "/login", http.StatusSeeOther)
 		}
 
-		// else this is a valid auth session request
-		next.ServeHTTP(w, r)
+		// else this is a guest session request, redirect to login
+		http.Redirect(w, r, "/login", http.StatusSeeOther)
 	})
 }
-- 
cgit v1.2.3