diff --git a/internal/middleware/session.go b/internal/middleware/session.go index 5a7770a..bea2354 100644 --- a/internal/middleware/session.go +++ b/internal/middleware/session.go @@ -34,12 +34,13 @@ func NewSessionStore(oauth *oauth2.Config, prefix string) SessionStore { URLs: map[string]urls.URL{ "login": {Path: "/login/", Protocol: "GET", Handler: store.LoginViewOAUTH}, "callback": {Path: "/callback/", Protocol: "GET", Handler: store.CallbackViewOAUTH}, - "logout": {Path: "/logout/", Protocol: "GET", Handler: store.Logout}, + "logout": {Path: "/logout/", Protocol: "GET", Handler: store.LogoutView}, }, } return store } +// Log a user in func (s *SessionStore) Login(user string, w http.ResponseWriter) string { sessionID := rand.Text() s.sessions[sessionID] = Session{User: user} @@ -53,7 +54,8 @@ func (s *SessionStore) Login(user string, w http.ResponseWriter) string { return sessionID } -func (s *SessionStore) Logout(w http.ResponseWriter, r *http.Request) { +// View to logout a user +func (s *SessionStore) LogoutView(w http.ResponseWriter, r *http.Request) { session := r.Context().Value(ContextKey("session")).(string) delete(s.sessions, session) @@ -66,6 +68,7 @@ func (s *SessionStore) Logout(w http.ResponseWriter, r *http.Request) { http.Redirect(w, r, "/", http.StatusTemporaryRedirect) } +// View to log in a user via oauth func (s *SessionStore) LoginViewOAUTH(w http.ResponseWriter, r *http.Request) { log.Printf("%+v", *s.oauth) @@ -76,6 +79,7 @@ func (s *SessionStore) LoginViewOAUTH(w http.ResponseWriter, r *http.Request) { http.Redirect(w, r, url, http.StatusTemporaryRedirect) } +// Oauth callback view func (s *SessionStore) CallbackViewOAUTH(w http.ResponseWriter, r *http.Request) { // Read oauthState from Cookie oauthState, err := r.Cookie("oauthstate") @@ -117,6 +121,8 @@ func (s *SessionStore) CallbackViewOAUTH(w http.ResponseWriter, r *http.Request) http.Redirect(w, r, "/", http.StatusTemporaryRedirect) } +// Turn the session store into a middleware. +// Sets the user on the context based on the available session cookie func (s *SessionStore) AsMiddleware(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { sessionCookie, err := r.Cookie("id")