tangled.org / core
this repo has no description
fork atom

rename consts

Akshay fc1b32bb 166abe60

options
unified split
Changed files
+33 -35
appview
auth
auth.go
consts.go
state
middleware.go
state.go
+14 -14
appview/auth/auth.go
··· 29 29 } 30 30 31 31 func Make() (*Auth, error) { 32 - store := sessions.NewCookieStore([]byte(appview.SESSION_COOKIE_SECRET)) 32 + store := sessions.NewCookieStore([]byte(appview.SessionCookieSecret)) 33 33 return &Auth{store}, nil 34 34 } 35 35 ··· 139 139 } 140 140 141 141 func (a *Auth) StoreSession(r *http.Request, w http.ResponseWriter, atSessionish Sessionish, pdsEndpoint string) error { 142 - clientSession, _ := a.Store.Get(r, appview.SESSION_NAME) 143 - clientSession.Values[appview.SESSION_HANDLE] = atSessionish.GetHandle() 144 - clientSession.Values[appview.SESSION_DID] = atSessionish.GetDid() 145 - clientSession.Values[appview.SESSION_PDS] = pdsEndpoint 146 - clientSession.Values[appview.SESSION_ACCESSJWT] = atSessionish.GetAccessJwt() 147 - clientSession.Values[appview.SESSION_REFRESHJWT] = atSessionish.GetRefreshJwt() 148 - clientSession.Values[appview.SESSION_EXPIRY] = time.Now().Add(time.Hour).Format(appview.TIME_LAYOUT) 149 - clientSession.Values[appview.SESSION_AUTHENTICATED] = true 142 + clientSession, _ := a.Store.Get(r, appview.SessionName) 143 + clientSession.Values[appview.SessionHandle] = atSessionish.GetHandle() 144 + clientSession.Values[appview.SessionDid] = atSessionish.GetDid() 145 + clientSession.Values[appview.SessionPds] = pdsEndpoint 146 + clientSession.Values[appview.SessionAccessJwt] = atSessionish.GetAccessJwt() 147 + clientSession.Values[appview.SessionRefreshJwt] = atSessionish.GetRefreshJwt() 148 + clientSession.Values[appview.SessionExpiry] = time.Now().Add(time.Hour).Format(appview.TimeLayout) 149 + clientSession.Values[appview.SessionAuthenticated] = true 150 150 151 151 return clientSession.Save(r, w) 152 152 } ··· 176 176 } 177 177 178 178 func (a *Auth) GetSession(r *http.Request) (*sessions.Session, error) { 179 - return a.Store.Get(r, appview.SESSION_NAME) 179 + return a.Store.Get(r, appview.SessionName) 180 180 } 181 181 182 182 func (a *Auth) GetDID(r *http.Request) string { 183 - clientSession, _ := a.Store.Get(r, appview.SESSION_NAME) 184 - return clientSession.Values[appview.SESSION_DID].(string) 183 + clientSession, _ := a.Store.Get(r, appview.SessionName) 184 + return clientSession.Values[appview.SessionDid].(string) 185 185 } 186 186 187 187 func (a *Auth) GetHandle(r *http.Request) string { 188 - clientSession, _ := a.Store.Get(r, appview.SESSION_NAME) 189 - return clientSession.Values[appview.SESSION_HANDLE].(string) 188 + clientSession, _ := a.Store.Get(r, appview.SessionName) 189 + return clientSession.Values[appview.SessionHandle].(string) 190 190 }
+10 -12
appview/consts.go
··· 1 1 package appview 2 2 3 3 const ( 4 - SESSION_COOKIE_SECRET = "TODO_CHANGE_ME" 5 - SESSION_NAME = "appview-session" 6 - SESSION_HANDLE = "handle" 7 - SESSION_DID = "did" 8 - SESSION_PDS = "pds" 9 - SESSION_ACCESSJWT = "accessJwt" 10 - SESSION_REFRESHJWT = "refreshJwt" 11 - SESSION_EXPIRY = "expiry" 12 - SESSION_AUTHENTICATED = "authenticated" 13 - 14 - SALT = "TODO_RANDOM_SALT" 15 - TIME_LAYOUT = "2006-01-02 15:04:05.999999999 -0700 MST" 4 + SessionCookieSecret = "TODO_CHANGE_ME" 5 + SessionName = "appview-session" 6 + SessionHandle = "handle" 7 + SessionDid = "did" 8 + SessionPds = "pds" 9 + SessionAccessJwt = "accessJwt" 10 + SessionRefreshJwt = "refreshJwt" 11 + SessionExpiry = "expiry" 12 + SessionAuthenticated = "authenticated" 13 + TimeLayout = "2006-01-02 15:04:05.999999999 -0700 MST" 16 14 )
+7 -7
appview/state/middleware.go
··· 16 16 func AuthMiddleware(s *State) Middleware { 17 17 return func(next http.Handler) http.Handler { 18 18 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 19 - session, _ := s.auth.Store.Get(r, appview.SESSION_NAME) 20 - authorized, ok := session.Values[appview.SESSION_AUTHENTICATED].(bool) 19 + session, _ := s.auth.Store.Get(r, appview.SessionName) 20 + authorized, ok := session.Values[appview.SessionAuthenticated].(bool) 21 21 22 22 if !ok || !authorized { 23 23 log.Printf("not logged in, redirecting") ··· 27 27 28 28 // refresh if nearing expiry 29 29 // TODO: dedup with /login 30 - expiryStr := session.Values[appview.SESSION_EXPIRY].(string) 31 - expiry, err := time.Parse(appview.TIME_LAYOUT, expiryStr) 30 + expiryStr := session.Values[appview.SessionExpiry].(string) 31 + expiry, err := time.Parse(appview.TimeLayout, expiryStr) 32 32 if err != nil { 33 33 log.Println("invalid expiry time", err) 34 34 return 35 35 } 36 - pdsUrl := session.Values[appview.SESSION_PDS].(string) 37 - did := session.Values[appview.SESSION_DID].(string) 38 - refreshJwt := session.Values[appview.SESSION_REFRESHJWT].(string) 36 + pdsUrl := session.Values[appview.SessionPds].(string) 37 + did := session.Values[appview.SessionDid].(string) 38 + refreshJwt := session.Values[appview.SessionRefreshJwt].(string) 39 39 40 40 if time.Now().After(expiry) { 41 41 log.Println("token expired, refreshing ...")
+2 -2
appview/state/state.go
··· 92 92 93 93 return 94 94 case http.MethodPost: 95 - session, err := s.auth.Store.Get(r, appview.SESSION_NAME) 95 + session, err := s.auth.Store.Get(r, appview.SessionName) 96 96 if err != nil || session.IsNew { 97 97 log.Println("unauthorized attempt to generate registration key") 98 98 http.Error(w, "Forbidden", http.StatusUnauthorized) 99 99 return 100 100 } 101 101 102 - did := session.Values[appview.SESSION_DID].(string) 102 + did := session.Values[appview.SessionDid].(string) 103 103 104 104 // check if domain is valid url, and strip extra bits down to just host 105 105 domain := r.FormValue("domain")