Implement oidc client of sorts

2025-12-10 16:34:40 +00:00 · 2025-12-10 16:34:40 +00:00 · a750f646a9
commit a750f646a9
parent 1772e57ee8
7 changed files with 175 additions and 55 deletions
--- a/internal/middleware/session.go
+++ b/internal/middleware/session.go
@ -44,42 +44,26 @@ func (s *SessionStore) Logout(w http.ResponseWriter, r *http.Request) {
 	}

 	http.SetCookie(w, &cookie)
+	http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
 }

 func (s *SessionStore) AsMiddleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		sessionCookie, err := r.Cookie("id")
-		// No session yet
-		if err != nil {
-			user := r.Header.Get("X-Auth-Request-User")
+		user := "anon"
+		var cookieVal string
+		// Session exists
+		if err == nil {
+			session, ok := s.sessions[sessionCookie.Value]

-			if user != "" {
-				sessionID := s.Login(user, w)
-				nextWithSessionContext(w, r, next, user, sessionID)
-			} else {
-				http.Redirect(w, r, "/login/", http.StatusFound)
+			// Session not expired
+			if ok {
+				user = session.User
+				cookieVal = sessionCookie.Value
 			}
-
-			return
 		}

-		session, ok := s.sessions[sessionCookie.Value]
-
-		// Session expired
-		if !ok {
-			user := r.Header.Get("X-Auth-Request-User")
-
-			if user != "" {
-				sessionID := s.Login(user, w)
-				nextWithSessionContext(w, r, next, user, sessionID)
-			} else {
-				http.Redirect(w, r, "/login/", http.StatusFound)
-			}
-
-			return
-		}
-
-		nextWithSessionContext(w, r, next, session.User, sessionCookie.Value)
+		nextWithSessionContext(w, r, next, user, cookieVal)
 	})
 }