authorMitchell Riedstra <mitch@riedstra.dev>2023-01-07 13:31:23 -0500
committerMitchell Riedstra <mitch@riedstra.dev>2023-01-07 13:31:23 -0500
commitca33a035c779ae14fb6330c8801c75f49dd1bb79 (patch)
treedeaabaf15d6d91079a68f247e46070399e4343ee /cmd/server/middleware.go
parent97dd660925434be537cd9a49a1d0c893b223e357 (diff)
Add an internal caching option. It performs quite well.v0.0.22
Also refactor and clean up most linter warnings.
Diffstat (limited to 'cmd/server/middleware.go')
-rw-r--r--cmd/server/middleware.go22
1 files changed, 13 insertions, 9 deletions
diff --git a/cmd/server/middleware.go b/cmd/server/middleware.go
index d0957fd..17717c2 100644
--- a/cmd/server/middleware.go
+++ b/cmd/server/middleware.go
@@ -2,6 +2,7 @@ package main
import (
"errors"
+ "fmt"
"log"
"net/http"
"net/url"
@@ -12,6 +13,8 @@ import (
"riedstra.dev/mitch/go-website/users"
)
+var ErrInvalidJWTToken = errors.New("invalid JWT token")
+
func (a *App) Err5xx(w http.ResponseWriter, r *http.Request,
statusCode int, title, desc string) {
page.Render5xx(w, r, map[string]interface{}{
@@ -33,15 +36,15 @@ func (a *App) LogoutHandler() http.Handler {
SameSite: a.auth.SameSiteStrict,
Secure: a.auth.Secure,
Value: "logout",
- Expires: time.Now().Add(time.Second), //nolint
+ Expires: time.Now().Add(time.Second),
})
http.Redirect(w, r, "/", http.StatusFound)
})
}
-func (a *App) LoginHandler() http.Handler {
- return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { //nolint
+func (a *App) LoginHandler() http.Handler { //nolint
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
loggedIn := a.IsLoggedIn(r)
next, _ := url.Parse(r.URL.Query().Get("next"))
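Review bot: The bare `//nolint` now on the `func (a *App) LoginHandler() http.Handler {` line switches off every linter for the whole handler, security checks included, on the function that reads the `password` form value and the `next` query parameter. Name the linter and give the reason, for example `//nolint:funlen // login flow kept in one handler` (the linter name is a guess; use whichever one actually fires). On the last line of this hunk the `url.Parse` error for `next` is discarded; how `next` is used is outside the hunk, but if it feeds a redirect it should be checked to be a local path first. LoginHandler's body continues outside the hunk.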
@@ -74,7 +77,7 @@ func (a *App) LoginHandler() http.Handler {
password := r.FormValue("password")
var (
- err error = nil
+ err error
u *users.SiteUser
found = false
)
@@ -125,16 +128,19 @@ func (a *App) IsLoggedIn(r *http.Request) bool {
_, err := a.GetAuthToken(r)
if err != nil {
log.Printf("%s IsLoggedIn: false", r.URL.Path)
+
return false
}
+
log.Printf("%s IsLoggedIn: true", r.URL.Path)
+
return true
}
func (a *App) GetAuthToken(r *http.Request) (*jwt.Token, error) {
c, err := r.Cookie("Auth")
if err != nil {
- return nil, err
+ return nil, fmt.Errorf("getting auth token: %w", err)
}
token, err := jwt.Parse(c.Value,
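Review bot: The two `log.Printf` calls in IsLoggedIn format `r.URL.Path` with `%s`, and that field is the decoded form of a client-supplied value, so a percent-encoded line break in the request path becomes a real line break in the log. Quote it instead, `log.Printf("%q IsLoggedIn: false", r.URL.Path)`, and do the same for the `true` line. The `Unauthorized request %s %s` call in RequiresLogin (hunk at -156) has the same issue. IsLoggedIn starts above this hunk and GetAuthToken continues below it.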
@@ -144,11 +150,11 @@ func (a *App) GetAuthToken(r *http.Request) (*jwt.Token, error) {
)
if err != nil {
- return nil, err
+ return nil, fmt.Errorf("while parsing jwt %w", err)
}
if !token.Valid {
- return token, errors.New("IsLoggedIn: token not valid")
+ return token, ErrInvalidJWTToken
}
return token, nil
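Review bot: `return token, ErrInvalidJWTToken` still hands the caller a non-nil token that failed validation, so a caller that forgets the error check gets claims it must not trust; `return nil, ErrInvalidJWTToken` is safer unless a caller outside this file relies on the token. The wrap message `"while parsing jwt %w"` lacks the colon used in `"getting auth token: %w"` a few lines up; `"parsing jwt: %w"` would match. The exported `ErrInvalidJWTToken` (added in the hunk at -12) has no doc comment, e.g. `// ErrInvalidJWTToken is returned by GetAuthToken when the parsed token is not valid.` The key function passed to `jwt.Parse` falls between hunks and is not visible here.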
@@ -156,7 +162,6 @@ func (a *App) GetAuthToken(r *http.Request) (*jwt.Token, error) {
func (a *App) RequiresLogin(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-
if !a.IsLoggedIn(r) {
log.Printf("Unauthorized request %s %s", r.Method, r.URL.Path)
page.Render(w, r, "login", map[string]interface{}{
@@ -167,6 +172,5 @@ func (a *App) RequiresLogin(next http.Handler) http.Handler {
}
next.ServeHTTP(w, r)
-
})
}