Make start on session management

2025-07-30 09:35:01 +01:00 · 2025-07-30 09:35:01 +01:00 · 17dd20478d
commit 17dd20478d
parent 352d9555ba
4 changed files with 65 additions and 7 deletions
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@ -1,6 +1,7 @@
 package main
 import (
 	"crypto/rand"
 	"flag"
 	"log"
 	"net"
@ -16,6 +17,8 @@ import (
 func main() {
 	var confFile string
 	cache := make(map[string]string, 20)
 	flag.StringVar(&confFile, "c", "/etc/gonotes/conf.toml", "Specify path to config file.")
 	flag.Parse()
@ -33,8 +36,28 @@ func main() {
 	etag := middleware.NewETag("static", cacheExpiration)
 	if !conf.Conf.Production {
 		router.HandleFunc("/login/", func(w http.ResponseWriter, r *http.Request) {
 			user := r.FormValue("user")
 			log.Printf("Trying to log in %s", user)
 			sessionID := rand.Text()
 			cache[sessionID] = user
 			// TODO: omg remove this
 			log.Printf("Session id is %s", sessionID)
 			cookie := http.Cookie{
 				Name: "id", Value: sessionID, MaxAge: 3600,
 				Secure: true, HttpOnly: true, Path: "/",
 			}
 			http.SetCookie(w, &cookie)
 			http.Redirect(w, r, "/notes/", http.StatusFound)
 		})
 	}
 	router.Handle("/", middleware.LoggingMiddleware(http.RedirectHandler("/notes/", http.StatusFound)))
-	router.Handle("/notes/", middleware.LoggingMiddleware(http.StripPrefix("/notes", notesRouter)))
+	router.Handle("/notes/", middleware.SessionMiddleware(cache, middleware.LoggingMiddleware(http.StripPrefix("/notes", notesRouter))))
 	router.Handle(
 		"/static/",
 		middleware.LoggingMiddleware(
--- a/go.mod
+++ b/go.mod
@ -1,6 +1,6 @@
 module forgejo.gwairfelin.com/max/gonotes
-go 1.23.5
+go 1.24.5
 require github.com/yuin/goldmark v1.7.8
--- a/internal/conf/conf.go
+++ b/internal/conf/conf.go
@ -54,11 +54,12 @@ func (asset *Asset) fetchIfNotExists(staticPath string) {
 }
 type Config struct {
-	Address   string
+	Address    string
-	Protocol  string
+	Protocol   string
-	Extension string
+	Extension  string
-	NotesDir  string
+	NotesDir   string
-	LogAccess bool
+	LogAccess  bool
 	Production bool
 }
 var (
--- a/internal/middleware/session.go
+++ b/internal/middleware/session.go
@ -0,0 +1,34 @@
 // Middleware to deal with sessions
 package middleware
 import (
 	"context"
 	"log"
 	"net/http"
 )
 func SessionMiddleware(cache map[string]string, next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		sessionCookie, err := r.Cookie("id")
 		// No session yet
 		if err != nil {
 			http.Redirect(w, r, "/login/", http.StatusUnauthorized)
 			return
 		}
 		user, ok := cache[sessionCookie.Value]
 		// Session expired
 		if !ok {
 			http.Redirect(w, r, "/login/", http.StatusUnauthorized)
 			return
 		}
 		log.Printf("User is %s", user)
 		ctx := r.Context()
 		ctx = context.WithValue(ctx, "user", user)
 		next.ServeHTTP(w, r.WithContext(ctx))
 	})
 }