cmdui/backend/api/auth/http.go

package auth

import (
	"context"
	"net/http"
	"time"

	"github.com/juju/errors"
)

const (
	sessionCookieName = "cmdui_session_id"
)

func AuthenticateRequest(w http.ResponseWriter, r *http.Request) (context.Context, error) {
	cook, err := r.Cookie(sessionCookieName)
	if err != nil {
		return r.Context(), errors.Annotate(err, "Failed to get cookie value")
	}
	sess, err := FindSession(cook.Value)
	if err != nil {
		return r.Context(), errors.Annotate(err, "Failed to authenticate request")
	}
	ctx := ContextWithSession(r.Context(), sess)
	if sess.ExpiresAt.Before(time.Now()) {
		ClearCookie(ctx, w)
		return ctx, errors.New("Session expired")
	}

	u, err := sess.User()
	if err != nil {
		return ctx, errors.Annotatef(err, "Failed to find user %d", sess.UserID)
	}
	if u == nil {
		return ctx, errors.UserNotFoundf("User %s was not found", sess.UserID)
	}
	u.Authorized = true

	ctx = ContextWithUser(ctx, *u)
	return ctx, nil
}

func AuthorizeResponse(ctx context.Context, w http.ResponseWriter) {
	if sess, ok := SessionFromContext(ctx); ok {
		http.SetCookie(w, &http.Cookie{
			Name:     sessionCookieName,
			Value:    sess.ID,
			Path:     "/",
			Expires:  sess.ExpiresAt,
			HttpOnly: true,
		})
	}
}

func ClearCookie(ctx context.Context, w http.ResponseWriter) {
	sess := Session(ctx)
	sess.ExpiresAt = time.Time{}
	ctx = ContextWithSession(ctx, sess)
	AuthorizeResponse(ctx, w)
}
Puberty commit 2017-10-29 23:06:41 +01:00			`package auth`

			`import (`
			`"context"`
			`"net/http"`
			`"time"`

			`"github.com/juju/errors"`
			`)`

			`const (`
			`sessionCookieName = "cmdui_session_id"`
			`)`

			`func AuthenticateRequest(w http.ResponseWriter, r *http.Request) (context.Context, error) {`
			`cook, err := r.Cookie(sessionCookieName)`
			`if err != nil {`
			`return r.Context(), errors.Annotate(err, "Failed to get cookie value")`
			`}`
			`sess, err := FindSession(cook.Value)`
			`if err != nil {`
			`return r.Context(), errors.Annotate(err, "Failed to authenticate request")`
			`}`
			`ctx := ContextWithSession(r.Context(), sess)`
			`if sess.ExpiresAt.Before(time.Now()) {`
			`ClearCookie(ctx, w)`
			`return ctx, errors.New("Session expired")`
			`}`

			`u, err := sess.User()`
			`if err != nil {`
			`return ctx, errors.Annotatef(err, "Failed to find user %d", sess.UserID)`
			`}`
			`if u == nil {`
			`return ctx, errors.UserNotFoundf("User %s was not found", sess.UserID)`
			`}`
			`u.Authorized = true`

			`ctx = ContextWithUser(ctx, *u)`
			`return ctx, nil`
			`}`

			`func AuthorizeResponse(ctx context.Context, w http.ResponseWriter) {`
			`if sess, ok := SessionFromContext(ctx); ok {`
			`http.SetCookie(w, &http.Cookie{`
			`Name: sessionCookieName,`
			`Value: sess.ID,`
			`Path: "/",`
			`Expires: sess.ExpiresAt,`
			`HttpOnly: true,`
			`})`
			`}`
			`}`

			`func ClearCookie(ctx context.Context, w http.ResponseWriter) {`
			`sess := Session(ctx)`
			`sess.ExpiresAt = time.Time{}`
			`ctx = ContextWithSession(ctx, sess)`
			`AuthorizeResponse(ctx, w)`
			`}`