Auto login using X-Auth-Request-User header

internal/middleware/session.go

@@ -58,17 +58,27 @@ func (s *SessionStore) AsMiddleware(next http.Handler) http.Handler {
 
 		// No session yet
 		if err != nil {
+			user := r.Header.Get("X-Auth-Request-User")
+			if user != "" {
+				s.Login(user, w)
+			} else {
 				http.Redirect(w, r, "/login/", http.StatusFound)
 				return
 			}
+		}
 
 		session, ok := s.sessions[sessionCookie.Value]
 
 		// Session expired
 		if !ok {
+			user := r.Header.Get("X-Auth-Request-User")
+			if user != "" {
+				s.Login(user, w)
+			} else {
 				http.Redirect(w, r, "/login/", http.StatusFound)
 				return
 			}
+		}
 
 		ctx := r.Context()
 		ctx = context.WithValue(