zdravko/internal/handlers/session.go

112 lines
3 KiB
Go

package handlers
import (
"context"
"fmt"
"net/http"
"time"
)
const sessionName = "zdravko-hey"
type AuthenticatedUser struct {
ID string
Email string
OAuth2AccessToken string
OAuth2RefreshToken string
OAuth2TokenType string
OAuth2Expiry time.Time
}
type authenticatedUserKeyType string
const authenticatedUserKey authenticatedUserKeyType = "authenticatedUser"
func WithUser(ctx context.Context, user *AuthenticatedUser) context.Context {
return context.WithValue(ctx, authenticatedUserKey, user)
}
func GetUser(ctx context.Context) *AuthenticatedUser {
user, ok := ctx.Value(authenticatedUserKey).(*AuthenticatedUser)
if !ok {
return nil
}
return user
}
func (h *BaseHandler) GetAuthenticatedUserForRequest(r *http.Request) (*AuthenticatedUser, error) {
session, err := h.store.Get(r, sessionName)
if err != nil {
return nil, err
}
if session.IsNew {
return nil, fmt.Errorf("session is nil")
}
expiry, err := time.Parse(time.RFC3339, session.Values["oauth2_expiry"].(string))
if err != nil {
return nil, err
}
user := &AuthenticatedUser{
ID: session.Values["id"].(string),
Email: session.Values["email"].(string),
OAuth2AccessToken: session.Values["oauth2_access_token"].(string),
OAuth2RefreshToken: session.Values["oauth2_refresh_token"].(string),
OAuth2TokenType: session.Values["oauth2_token_type"].(string),
OAuth2Expiry: expiry,
}
return user, nil
}
func (h *BaseHandler) SetAuthenticatedUserForRequest(w http.ResponseWriter, r *http.Request, user *AuthenticatedUser) error {
session, err := h.store.Get(r, sessionName)
if err != nil {
return err
}
session.Values["id"] = user.ID
session.Values["email"] = user.Email
session.Values["oauth2_access_token"] = user.OAuth2AccessToken
session.Values["oauth2_refresh_token"] = user.OAuth2RefreshToken
session.Values["oauth2_token_type"] = user.OAuth2TokenType
session.Values["oauth2_expiry"] = user.OAuth2Expiry.Format(time.RFC3339)
err = h.store.Save(r, w, session)
if err != nil {
return err
}
return nil
}
func (h *BaseHandler) ClearAuthenticatedUserForRequest(w http.ResponseWriter, r *http.Request) error {
session, err := h.store.Get(r, sessionName)
if err != nil {
return err
}
session.Options.MaxAge = -1
err = h.store.Save(r, w, session)
if err != nil {
return err
}
return nil
}
type AuthenticatedHandler func(http.ResponseWriter, *http.Request, *AuthenticatedUser)
func (h *BaseHandler) Authenticated(next AuthenticatedHandler) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
user, err := h.GetAuthenticatedUserForRequest(r)
if err != nil {
http.Redirect(w, r, "/oauth2/login", http.StatusTemporaryRedirect)
return
}
if user.OAuth2Expiry.Before(time.Now()) {
user, err = h.RefreshToken(w, r, user)
if err != nil {
http.Redirect(w, r, "/oauth2/login", http.StatusTemporaryRedirect)
return
}
}
next(w, r, user)
}
}