refactor(http): auth handlers (#1311)

* fix(auth): implement invalid cookie handling

* that escalated quickly

* refactor(http): auth handlers

* add tests for auth handler
* refactor methods

* chore(tests): add header and build tag

* add build tag integration

* chore(tests): run in ci

---------

Co-authored-by: ze0s <ze0s@riseup.net>
Kyle Sanderson 2023-12-27 17:04:25 -08:00 committed by GitHub
parent df2612602b
commit 6a94ecacca
GPG key ID: 4AEE18F83AFDEB23
18 changed files with 537 additions and 80 deletions


@ -4,6 +4,7 @@
package http
import (
"context"
"net/http"
"runtime/debug"
"strings"
@ -30,13 +31,25 @@ func (s Server) IsAuthenticated(next http.Handler) http.Handler {
}
} else {
// check session
session, _ := s.cookieStore.Get(r, "user_session")
session, err := s.cookieStore.Get(r, "user_session")
if err != nil {
http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
return
}
if session.IsNew {
http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
return
}
// Check if user is authenticated
if auth, ok := session.Values["authenticated"].(bool); !ok || !auth {
http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
return
}
ctx := context.WithValue(r.Context(), "session", session)
r = r.WithContext(ctx)
}
next.ServeHTTP(w, r)
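Review bot: The session is attached to the request context under the plain string key `"session"` at the end of the else branch, so any other package that uses the same string can shadow or read the value; staticcheck reports this pattern as SA1029. An unexported key type avoids the collision: `type sessionCtxKey struct{}` and `ctx := context.WithValue(r.Context(), sessionCtxKey{}, session)`, with the handlers that read the value switched to the same key and a checked type assertion. Separately, the three 401 branches look identical to an operator, so a debug-level log line on the `err != nil` path would make tampered or stale cookies visible. The middleware's closure starts and ends outside the visible hunk.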