package session import ( "errors" "net/http" "strings" "time" "gitlab.com/demodesk/neko/server/internal/types" ) func (manager *SessionManagerCtx) CookieSetToken(w http.ResponseWriter, token string) { sameSite := http.SameSiteDefaultMode if manager.config.CookieSecure { sameSite = http.SameSiteNoneMode } http.SetCookie(w, &http.Cookie{ Name: manager.config.CookieName, Value: token, Expires: time.Now().Add(manager.config.CookieExpiration), Secure: manager.config.CookieSecure, SameSite: sameSite, HttpOnly: true, }) } func (manager *SessionManagerCtx) CookieClearToken(w http.ResponseWriter, r *http.Request) { cookie, err := r.Cookie(manager.config.CookieName) if err != nil { return } cookie.Value = "" cookie.Expires = time.Unix(0, 0) http.SetCookie(w, cookie) } func (manager *SessionManagerCtx) Authenticate(r *http.Request) (types.Session, error) { token, ok := manager.getToken(r) if !ok { return nil, errors.New("no authentication provided") } session, ok := manager.GetByToken(token) if !ok { return nil, types.ErrSessionNotFound } if !session.Profile().CanLogin { return nil, types.ErrSessionLoginDisabled } return session, nil } func (manager *SessionManagerCtx) getToken(r *http.Request) (string, bool) { if manager.CookieEnabled() { // get from Cookie cookie, err := r.Cookie(manager.config.CookieName) if err == nil { return cookie.Value, true } } // get from Header reqToken := r.Header.Get("Authorization") splitToken := strings.Split(reqToken, "Bearer ") if len(splitToken) == 2 { return strings.TrimSpace(splitToken[1]), true } // get from URL token := r.URL.Query().Get("token") if token != "" { return token, true } return "", false }