neko/internal/session/auth.go
2021-03-17 14:09:10 +01:00

84 lines
1.8 KiB
Go

package session
import (
"fmt"
"net/http"
"strings"
"time"
"demodesk/neko/internal/types"
)
func (manager *SessionManagerCtx) CookieSetToken(w http.ResponseWriter, token string) {
sameSite := http.SameSiteDefaultMode
if manager.config.CookieSecure {
sameSite = http.SameSiteNoneMode
}
http.SetCookie(w, &http.Cookie{
Name: manager.config.CookieName,
Value: token,
Expires: manager.config.CookieExpiration,
Secure: manager.config.CookieSecure,
SameSite: sameSite,
HttpOnly: true,
})
}
func (manager *SessionManagerCtx) CookieClearToken(w http.ResponseWriter) {
sameSite := http.SameSiteDefaultMode
if manager.config.CookieSecure {
sameSite = http.SameSiteNoneMode
}
http.SetCookie(w, &http.Cookie{
Name: manager.config.CookieName,
Value: "",
Expires: time.Unix(0, 0),
Secure: manager.config.CookieSecure,
SameSite: sameSite,
HttpOnly: true,
})
}
func (manager *SessionManagerCtx) Authenticate(r *http.Request) (types.Session, error) {
token, ok := manager.getToken(r)
if !ok {
return nil, fmt.Errorf("no authentication provided")
}
session, ok := manager.GetByToken(token)
if !ok {
return nil, fmt.Errorf("session not found")
}
if !session.Profile().CanLogin {
return nil, fmt.Errorf("login disabled")
}
return session, nil
}
func (manager *SessionManagerCtx) getToken(r *http.Request) (string, bool) {
// get from Header
reqToken := r.Header.Get("Authorization")
splitToken := strings.Split(reqToken, "Bearer ")
if len(splitToken) == 2 {
return strings.TrimSpace(splitToken[1]), true
}
// get from Cookie
cookie, err := r.Cookie(manager.config.CookieName)
if err == nil {
return cookie.Value, true
}
// get from URL
token := r.URL.Query().Get("token")
if token != "" {
return token, true
}
return "", false
}