From ca33a035c779ae14fb6330c8801c75f49dd1bb79 Mon Sep 17 00:00:00 2001
From: Mitchell Riedstra
Date: Sat, 7 Jan 2023 13:31:23 -0500
Subject: Add an internal caching option. It performs quite well. Also refactor and clean up most linter warnings.
---
 cmd/server/middleware.go | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)
(limited to 'cmd/server/middleware.go')
diff --git a/cmd/server/middleware.go b/cmd/server/middleware.go
index d0957fd..17717c2 100644
--- a/cmd/server/middleware.go
+++ b/cmd/server/middleware.go
@@ -2,6 +2,7 @@ package main

 import (
 "errors"
+ "fmt"
 "log"
 "net/http"
 "net/url"
@@ -12,6 +13,8 @@ import (
 "riedstra.dev/mitch/go-website/users"
 )

+var ErrInvalidJWTToken = errors.New("invalid JWT token")
+
 func (a *App) Err5xx(w http.ResponseWriter, r *http.Request, statusCode int, title, desc string) {
 page.Render5xx(w, r, map[string]interface{}{
@@ -33,15 +36,15 @@ func (a *App) LogoutHandler() http.Handler {
 SameSite: a.auth.SameSiteStrict,
 Secure: a.auth.Secure,
 Value: "logout",
- Expires: time.Now().Add(time.Second), //nolint
+ Expires: time.Now().Add(time.Second),
 })

 http.Redirect(w, r, "/", http.StatusFound)
 })
 }

-func (a *App) LoginHandler() http.Handler {
- return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { //nolint
+func (a *App) LoginHandler() http.Handler { //nolint
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 loggedIn := a.IsLoggedIn(r)

 next, _ := url.Parse(r.URL.Query().Get("next"))
@@ -74,7 +77,7 @@ func (a *App) LoginHandler() http.Handler {
 password := r.FormValue("password")

 var (
- err error = nil
+ err error
 u *users.SiteUser
 found = false
 )
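Review bot: The exported sentinel `ErrInvalidJWTToken` added in the `@@ -12,6 +13,8 @@` hunk has no doc comment, so nothing tells a caller when it is returned or that it is meant to be matched with `errors.Is`. I would add `// ErrInvalidJWTToken is returned by GetAuthToken when the parsed token is not valid.` directly above the declaration.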
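Review bot: Moving the bare `//nolint` from the inner `http.HandlerFunc` line up to the `func (a *App) LoginHandler()` declaration in the `@@ -33,15 +36,15 @@` hunk widens the suppression to the whole handler body and to every linter, and this is the function that processes credentials. The hunk's own context line `next, _ := url.Parse(r.URL.Query().Get("next"))` drops a parse error on a request-supplied redirect target, which is the kind of finding a blanket suppression hides; how `next` is validated before it is used lies outside the hunk. Name the linter being silenced and give a reason, for example `//nolint:funlen // long handler, to be split` if length is the complaint, so the security checks keep running on the login path.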
@@ -125,16 +128,19 @@ func (a *App) IsLoggedIn(r *http.Request) bool {
 _, err := a.GetAuthToken(r)
 if err != nil {
 log.Printf("%s IsLoggedIn: false", r.URL.Path)
+
 return false
 }
+
 log.Printf("%s IsLoggedIn: true", r.URL.Path)
+
 return true
 }

 func (a *App) GetAuthToken(r *http.Request) (*jwt.Token, error) {
 c, err := r.Cookie("Auth")
 if err != nil {
- return nil, err
+ return nil, fmt.Errorf("getting auth token: %w", err)
 }

 token, err := jwt.Parse(c.Value,
@@ -144,11 +150,11 @@ func (a *App) GetAuthToken(r *http.Request) (*jwt.Token, error) {
 )

 if err != nil {
- return nil, err
+ return nil, fmt.Errorf("while parsing jwt %w", err)
 }

 if !token.Valid {
- return token, errors.New("IsLoggedIn: token not valid")
+ return token, ErrInvalidJWTToken
 }

 return token, nil
@@ -156,7 +162,6 @@ func (a *App) GetAuthToken(r *http.Request) (*jwt.Token, error) {

 func (a *App) RequiresLogin(next http.Handler) http.Handler {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-
 if !a.IsLoggedIn(r) {
 log.Printf("Unauthorized request %s %s", r.Method, r.URL.Path)
 page.Render(w, r, "login", map[string]interface{}{
@@ -167,6 +172,5 @@ func (a *App) RequiresLogin(next http.Handler) http.Handler {
 }

 next.ServeHTTP(w, r)
-
 })
 }
-- 
cgit v1.2.3
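Review bot: `IsLoggedIn` in the `@@ -125,16 +128,19 @@` hunk still discards the error from `GetAuthToken`, so the context this commit adds (`getting auth token: %w` and the parse and validity errors further down) never reaches the log, and a missing cookie looks the same as a rejected or tampered token: both are `IsLoggedIn: false`. For detection it helps to log the rejected-token case on its own, e.g. `if !errors.Is(err, http.ErrNoCookie) { log.Printf("%q IsLoggedIn: token rejected: %v", r.URL.Path, err) }`. `r.URL.Path` is request-controlled and already percent-decoded, so `%q` instead of `%s` in these `log.Printf` calls keeps an embedded newline from splitting a log entry. GetAuthToken's body continues past the end of this hunk.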
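Review bot: `return token, ErrInvalidJWTToken` in the `@@ -144,11 +150,11 @@` hunk hands the caller a non-nil `*jwt.Token` together with the error, so a caller that mishandles the error can still read claims from a token that failed validation; `return nil, ErrInvalidJWTToken` removes that possibility. The wrap message `"while parsing jwt %w"` also lacks the colon used by `"getting auth token: %w"` in the preceding hunk, and `fmt.Errorf("parsing jwt: %w", err)` would keep the error chain readable. The key function passed to `jwt.Parse` sits between the two hunks and is not visible, so whether it checks the token's signing method cannot be confirmed from this diff.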