tangled.org / core
this repo has no description
fork atom
core / appview / state / middleware.go
at 81d6c180d5927771c20e7f0747e5c178c466c0f7 1.9 kB view raw
1package state 2 3import ( 4 "log" 5 "net/http" 6 "time" 7 8 comatproto "github.com/bluesky-social/indigo/api/atproto" 9 "github.com/bluesky-social/indigo/xrpc" 10 "github.com/icyphox/bild/appview" 11 "github.com/icyphox/bild/appview/auth" 12) 13 14type Middleware func(http.Handler) http.Handler 15 16func AuthMiddleware(s *State) Middleware { 17 return func(next http.Handler) http.Handler { 18 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 19 session, _ := s.auth.Store.Get(r, appview.SessionName) 20 authorized, ok := session.Values[appview.SessionAuthenticated].(bool) 21 22 if !ok || !authorized { 23 log.Printf("not logged in, redirecting") 24 http.Redirect(w, r, "/login", http.StatusTemporaryRedirect) 25 return 26 } 27 28 // refresh if nearing expiry 29 // TODO: dedup with /login 30 expiryStr := session.Values[appview.SessionExpiry].(string) 31 expiry, err := time.Parse(appview.TimeLayout, expiryStr) 32 if err != nil { 33 log.Println("invalid expiry time", err) 34 return 35 } 36 pdsUrl := session.Values[appview.SessionPds].(string) 37 did := session.Values[appview.SessionDid].(string) 38 refreshJwt := session.Values[appview.SessionRefreshJwt].(string) 39 40 if time.Now().After(expiry) { 41 log.Println("token expired, refreshing ...") 42 43 client := xrpc.Client{ 44 Host: pdsUrl, 45 Auth: &xrpc.AuthInfo{ 46 Did: did, 47 AccessJwt: refreshJwt, 48 RefreshJwt: refreshJwt, 49 }, 50 } 51 atSession, err := comatproto.ServerRefreshSession(r.Context(), &client) 52 if err != nil { 53 log.Println(err) 54 return 55 } 56 57 sessionish := auth.RefreshSessionWrapper{atSession} 58 59 err = s.auth.StoreSession(r, w, &sessionish, pdsUrl) 60 if err != nil { 61 log.Printf("failed to store session for did: %s\n: %s", atSession.Did, err) 62 return 63 } 64 65 log.Println("successfully refreshed token") 66 } 67 68 next.ServeHTTP(w, r) 69 }) 70 } 71}