neko/internal/session/auth.go

package session

import (
	"errors"
	"net/http"
	"strings"
	"time"

	"github.com/demodesk/neko/pkg/types"
)

func (manager *SessionManagerCtx) CookieSetToken(w http.ResponseWriter, token string) {
	sameSite := http.SameSiteDefaultMode
	if manager.config.CookieSecure {
		sameSite = http.SameSiteNoneMode
	}

	http.SetCookie(w, &http.Cookie{
		Name:     manager.config.CookieName,
		Value:    token,
		Expires:  time.Now().Add(manager.config.CookieExpiration),
		Secure:   manager.config.CookieSecure,
		SameSite: sameSite,
		HttpOnly: true,
	})
}

func (manager *SessionManagerCtx) CookieClearToken(w http.ResponseWriter, r *http.Request) {
	cookie, err := r.Cookie(manager.config.CookieName)
	if err != nil {
		return
	}

	cookie.Value = ""
	cookie.Expires = time.Unix(0, 0)
	http.SetCookie(w, cookie)
}

func (manager *SessionManagerCtx) Authenticate(r *http.Request) (types.Session, error) {
	token, ok := manager.getToken(r)
	if !ok {
		return nil, errors.New("no authentication provided")
	}

	session, ok := manager.GetByToken(token)
	if !ok {
		return nil, types.ErrSessionNotFound
	}

	if !session.Profile().CanLogin {
		return nil, types.ErrSessionLoginDisabled
	}

	return session, nil
}

func (manager *SessionManagerCtx) getToken(r *http.Request) (string, bool) {
	if manager.CookieEnabled() {
		// get from Cookie
		cookie, err := r.Cookie(manager.config.CookieName)
		if err == nil {
			return cookie.Value, true
		}
	}

	// get from Header
	reqToken := r.Header.Get("Authorization")
	splitToken := strings.Split(reqToken, "Bearer ")
	if len(splitToken) == 2 {
		return strings.TrimSpace(splitToken[1]), true
	}

	// get from URL
	token := r.URL.Query().Get("token")
	if token != "" {
		return token, true
	}

	return "", false
}
auth moved from websockets to session. 2020-11-01 18:39:12 +01:00			`package session`

			`import (`
common errors as variable. 2021-08-29 17:09:13 +02:00			`"errors"`
auth moved from websockets to session. 2020-11-01 18:39:12 +01:00			`"net/http"`
fmt auth. 2021-03-13 21:44:38 +01:00			`"strings"`
move cookies to session + config. 2021-03-17 14:09:10 +01:00			`"time"`
auth moved from websockets to session. 2020-11-01 18:39:12 +01:00
rename module name from gitlab to github. 2022-07-14 00:58:22 +02:00			`"github.com/demodesk/neko/pkg/types"`
auth moved from websockets to session. 2020-11-01 18:39:12 +01:00			`)`

move cookies to session + config. 2021-03-17 14:09:10 +01:00			`func (manager *SessionManagerCtx) CookieSetToken(w http.ResponseWriter, token string) {`
			`sameSite := http.SameSiteDefaultMode`
			`if manager.config.CookieSecure {`
			`sameSite = http.SameSiteNoneMode`
			`}`

			`http.SetCookie(w, &http.Cookie{`
			`Name: manager.config.CookieName,`
			`Value: token,`
cookie expiration as time duration. 2022-01-16 21:03:25 +01:00			`Expires: time.Now().Add(manager.config.CookieExpiration),`
move cookies to session + config. 2021-03-17 14:09:10 +01:00			`Secure: manager.config.CookieSecure,`
			`SameSite: sameSite,`
			`HttpOnly: true,`
			`})`
			`}`

clear cookie if non-existent session. 2021-03-25 10:29:28 +01:00			`func (manager SessionManagerCtx) CookieClearToken(w http.ResponseWriter, r http.Request) {`
			`cookie, err := r.Cookie(manager.config.CookieName)`
			`if err != nil {`
			`return`
move cookies to session + config. 2021-03-17 14:09:10 +01:00			`}`

clear cookie if non-existent session. 2021-03-25 10:29:28 +01:00			`cookie.Value = ""`
			`cookie.Expires = time.Unix(0, 0)`
			`http.SetCookie(w, cookie)`
move cookies to session + config. 2021-03-17 14:09:10 +01:00			`}`

refactor authenticate to use Token. 2021-03-13 20:42:56 +01:00			`func (manager SessionManagerCtx) Authenticate(r http.Request) (types.Session, error) {`
move cookies to session + config. 2021-03-17 14:09:10 +01:00			`token, ok := manager.getToken(r)`
login with secret. 2020-11-27 19:59:54 +01:00			`if !ok {`
common errors as variable. 2021-08-29 17:09:13 +02:00			`return nil, errors.New("no authentication provided")`
auth moved from websockets to session. 2020-11-01 18:39:12 +01:00			`}`

OnHostChanged event and add tokens to session. 2021-03-13 22:17:49 +01:00			`session, ok := manager.GetByToken(token)`
login with secret. 2020-11-27 19:59:54 +01:00			`if !ok {`
common errors as variable. 2021-08-29 17:09:13 +02:00			`return nil, types.ErrSessionNotFound`
+ CanLogin. 2020-12-06 18:48:50 +01:00			`}`

add CanLogin check for Authenticate. 2021-03-14 19:58:15 +01:00			`if !session.Profile().CanLogin {`
common errors as variable. 2021-08-29 17:09:13 +02:00			`return nil, types.ErrSessionLoginDisabled`
add CanLogin check for Authenticate. 2021-03-14 19:58:15 +01:00			`}`

login with secret. 2020-11-27 19:59:54 +01:00			`return session, nil`
auth moved from websockets to session. 2020-11-01 18:39:12 +01:00			`}`
allow login using Query. 2020-11-28 15:22:04 +01:00
move cookies to session + config. 2021-03-17 14:09:10 +01:00			`func (manager SessionManagerCtx) getToken(r http.Request) (string, bool) {`
read cookies only if enabled. 2021-04-24 21:11:07 +02:00			`if manager.CookieEnabled() {`
			`// get from Cookie`
			`cookie, err := r.Cookie(manager.config.CookieName)`
			`if err == nil {`
			`return cookie.Value, true`
			`}`
			`}`

refactor authenticate to use Token. 2021-03-13 20:42:56 +01:00			`// get from Header`
			`reqToken := r.Header.Get("Authorization")`
			`splitToken := strings.Split(reqToken, "Bearer ")`
			`if len(splitToken) == 2 {`
			`return strings.TrimSpace(splitToken[1]), true`
allow login using Query. 2020-11-28 15:22:04 +01:00			`}`

refactor authenticate to use Token. 2021-03-13 20:42:56 +01:00			`// get from URL`
			`token := r.URL.Query().Get("token")`
			`if token != "" {`
			`return token, true`
allow login using Query. 2020-11-28 15:22:04 +01:00			`}`

refactor authenticate to use Token. 2021-03-13 20:42:56 +01:00			`return "", false`
format Go source code. 2021-02-14 14:40:17 +01:00			`}`