diff --git a/handler/download/download.go b/handler/download/download.go
index e9d8b89..cb48aa8 100644
--- a/handler/download/download.go
+++ b/handler/download/download.go
@@ -1,13 +1,10 @@
 package downloadHandler
 import (
- "errors"
 "net/http"
 "github.com/fossyy/filekeeper/db"
 "github.com/fossyy/filekeeper/logger"
- "github.com/fossyy/filekeeper/middleware"
- "github.com/fossyy/filekeeper/session"
 "github.com/fossyy/filekeeper/types"
 "github.com/fossyy/filekeeper/utils"
 downloadView "github.com/fossyy/filekeeper/view/download"
@@ -20,26 +17,7 @@ func init() {
 }
 func GET(w http.ResponseWriter, r *http.Request) {
- cookie, err := r.Cookie("Session")
- if err != nil {
- if errors.Is(err, http.ErrNoCookie) {
- http.Redirect(w, r, "/signin", http.StatusSeeOther)
- return
- }
- log.Error(err.Error())
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- storeSession, err := session.GlobalSessionStore.Get(cookie.Value)
- if err != nil {
- if errors.Is(err, &session.SessionNotFoundError{}) {
- storeSession.Destroy(w)
- }
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- userSession := middleware.GetUser(storeSession)
-
+ userSession := r.Context().Value("user").(types.User)
 files, err := db.DB.GetFiles(userSession.UserID.String())
 if err != nil {
 http.Error(w, err.Error(), http.StatusInternalServerError)
diff --git a/handler/misc/misc.go b/handler/misc/misc.go
deleted file mode 100644
index a4d6241..0000000
--- a/handler/misc/misc.go
+++ /dev/null
@@ -1,13 +0,0 @@
-package miscHandler
-
-import (
- "net/http"
-)
-
-func Robot(w http.ResponseWriter, r *http.Request) {
- http.Redirect(w, r, "/public/robots.txt", http.StatusSeeOther)
-}
-
-func Favicon(w http.ResponseWriter, r *http.Request) {
- http.Redirect(w, r, "/public/favicon.ico", http.StatusSeeOther)
-}
diff --git a/handler/upload/initialisation/initialisation.go b/handler/upload/initialisation/initialisation.go
index 634101f..a8afdc6 100644
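Review bot: The unchecked assertion `r.Context().Value("user").(types.User)` added to GET in handler/download/download.go panics whenever the handler is reached without the Auth middleware having stored that value, for example after a routing change. The same line is added to POST in handler/upload/initialisation/initialisation.go, POST in handler/upload/upload.go and GET in handler/user/user.go. The removed code failed closed with a redirect or an error response, and the comma-ok form keeps that property: `userSession, ok := r.Context().Value("user").(types.User)` followed by `if !ok { http.Error(w, "unauthorized", http.StatusUnauthorized); return }`. A bare string used as a context key can also collide with keys set by other packages and is flagged by staticcheck; an unexported key type behind a single accessor function would give every handler the same checked lookup. GET's body continues outside the hunk.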
--- a/handler/upload/initialisation/initialisation.go
+++ b/handler/upload/initialisation/initialisation.go
@@ -10,8 +10,6 @@ import (
 "github.com/fossyy/filekeeper/db"
 "github.com/fossyy/filekeeper/logger"
- "github.com/fossyy/filekeeper/middleware"
- "github.com/fossyy/filekeeper/session"
 "github.com/fossyy/filekeeper/types"
 "github.com/fossyy/filekeeper/types/models"
 "github.com/google/uuid"
@@ -25,21 +23,7 @@ func init() {
 }
 func POST(w http.ResponseWriter, r *http.Request) {
- cookie, err := r.Cookie("Session")
- if err != nil {
- handleError(w, err, http.StatusInternalServerError)
- return
- }
-
- storeSession, err := session.GlobalSessionStore.Get(cookie.Value)
- if err != nil {
- if errors.Is(err, &session.SessionNotFoundError{}) {
- storeSession.Destroy(w)
- }
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- userSession := middleware.GetUser(storeSession)
+ userSession := r.Context().Value("user").(types.User)
 body, err := io.ReadAll(r.Body)
 if err != nil {
diff --git a/handler/upload/upload.go b/handler/upload/upload.go
index b17b436..7beda57 100644
--- a/handler/upload/upload.go
+++ b/handler/upload/upload.go
@@ -3,6 +3,7 @@ package uploadHandler
 import (
 "errors"
 "github.com/fossyy/filekeeper/db"
+ "github.com/fossyy/filekeeper/types"
 "io"
 "net/http"
 "os"
@@ -11,8 +12,6 @@ import (
 "sync"
 "github.com/fossyy/filekeeper/logger"
- "github.com/fossyy/filekeeper/middleware"
- "github.com/fossyy/filekeeper/session"
 filesView "github.com/fossyy/filekeeper/view/upload"
 )
@@ -38,22 +37,7 @@ func POST(w http.ResponseWriter, r *http.Request) {
 return
 }
- cookie, err := r.Cookie("Session")
- if err != nil {
- handleCookieError(w, r, err)
- return
- }
-
- storeSession, err := session.GlobalSessionStore.Get(cookie.Value)
- if err != nil {
- if errors.Is(err, &session.SessionNotFoundError{}) {
- storeSession.Destroy(w)
- }
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- userSession := middleware.GetUser(storeSession)
+ userSession := r.Context().Value("user").(types.User)
 if r.FormValue("done") == "true" {
 db.DB.FinalizeFileUpload(fileID)
diff --git a/handler/user/user.go b/handler/user/user.go
index 82c376e..abe001d 100644
--- a/handler/user/user.go
+++ b/handler/user/user.go
@@ -1,11 +1,10 @@
 package userHandler
 import (
- "errors"
+ "github.com/fossyy/filekeeper/types"
 "net/http"
 "github.com/fossyy/filekeeper/logger"
- "github.com/fossyy/filekeeper/middleware"
 "github.com/fossyy/filekeeper/session"
 userView "github.com/fossyy/filekeeper/view/user"
 )
@@ -17,27 +16,9 @@ func init() {
 }
 func GET(w http.ResponseWriter, r *http.Request) {
- cookie, err := r.Cookie("Session")
- if err != nil {
- return
- }
- storeSession, err := session.GlobalSessionStore.Get(cookie.Value)
- if err != nil {
- if errors.Is(err, &session.SessionNotFoundError{}) {
- storeSession.Destroy(w)
- }
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- userSession := middleware.GetUser(storeSession)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- log.Error(err.Error())
- return
- }
-
+ userSession := r.Context().Value("user").(types.User)
 component := userView.Main("User Page", userSession.Email, userSession.Username, session.UserSessionInfoList[userSession.Email])
- err = component.Render(r.Context(), w)
+ err := component.Render(r.Context(), w)
 if err != nil {
 http.Error(w, err.Error(), http.StatusInternalServerError)
 log.Error(err.Error())
diff --git a/middleware/middleware.go b/middleware/middleware.go
index fbcb4d8..eea2a6a 100644
--- a/middleware/middleware.go
+++ b/middleware/middleware.go
@@ -1,7 +1,7 @@
 package middleware
 import (
- "errors"
+ "context"
 "fmt"
 "net/http"
 "strings"
@@ -9,7 +9,6 @@ import (
 errorHandler "github.com/fossyy/filekeeper/handler/error"
 "github.com/fossyy/filekeeper/logger"
 "github.com/fossyy/filekeeper/session"
- "github.com/fossyy/filekeeper/types"
 "github.com/fossyy/filekeeper/utils"
 )
@@ -60,90 +59,56 @@ func Handler(next http.Handler) http.Handler {
 }
 func Auth(next http.HandlerFunc, w http.ResponseWriter, r *http.Request) {
- cookie, err := r.Cookie("Session")
- if err != nil {
- if errors.Is(err, http.ErrNoCookie) {
- http.SetCookie(w, &http.Cookie{
- Name: "redirect",
- Value: r.RequestURI,
- Path: "/",
- })
- http.Redirect(w, r, "/signin", http.StatusSeeOther)
- return
- }
- log.Error(err.Error())
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- storeSession, err := session.GlobalSessionStore.Get(cookie.Value)
+ status, user := session.GetSession(r)
- if err != nil {
- if errors.Is(err, &session.SessionNotFoundError{}) {
- storeSession.Destroy(w)
- http.Redirect(w, r, "/signin", http.StatusSeeOther)
- return
- }
- log.Error(err.Error())
- http.Error(w, err.Error(), http.StatusInternalServerError)
+ switch status {
+ case session.Authorized:
+ ctx := context.WithValue(r.Context(), "user", user)
+ req := r.WithContext(ctx)
+ r.Context().Value("user")
+ next.ServeHTTP(w, req)
+ return
+ case session.Unauthorized:
+ http.SetCookie(w, &http.Cookie{
+ Name: "redirect",
+ Value: r.RequestURI,
+ Path: "/",
+ })
+ http.Redirect(w, r, "/signin", http.StatusSeeOther)
+ return
+ case session.InvalidSession:
+ http.SetCookie(w, &http.Cookie{
+ Name: "Session",
+ Value: "",
+ Path: "/",
+ MaxAge: -1,
+ })
+ http.Redirect(w, r, "/signin", http.StatusSeeOther)
+ return
+ default:
+ http.Redirect(w, r, "/", http.StatusSeeOther)
 return
 }
- userSession := GetUser(storeSession)
- if userSession.Authenticated {
- session.GetSessionInfo(storeSession.Values["user"].(types.User).Email, cookie.Value).UpdateAccessTime()
- next.ServeHTTP(w, r)
- return
- }
- http.SetCookie(w, &http.Cookie{
- Name: "redirect",
- Value: r.RequestURI,
- Path: "/",
- })
- http.Redirect(w, r, "/signin", http.StatusSeeOther)
- return
 }
 func Guest(next http.HandlerFunc, w http.ResponseWriter, r *http.Request) {
- cookie, err := r.Cookie("Session")
- if err != nil
{
- if errors.Is(err, http.ErrNoCookie) {
- next.ServeHTTP(w, r)
- return
- }
- log.Error(err.Error())
- http.Error(w, err.Error(), http.StatusInternalServerError)
+ status, _ := session.GetSession(r)
+
+ switch status {
+ case session.Authorized:
+ http.Redirect(w, r, "/", http.StatusSeeOther)
 return
- }
- storeSession, err := session.GlobalSessionStore.Get(cookie.Value)
- if err != nil {
- if errors.Is(err, &session.SessionNotFoundError{}) {
- http.SetCookie(w, &http.Cookie{
- Name: "Session",
- Value: "",
- MaxAge: -1,
- })
- next.ServeHTTP(w, r)
- return
- } else {
- log.Error(err.Error())
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- }
- userSession := GetUser(storeSession)
- if !userSession.Authenticated {
+ case session.Unauthorized:
+ next.ServeHTTP(w, r)
+ return
+ case session.InvalidSession:
+ http.SetCookie(w, &http.Cookie{
+ Name: "Session",
+ Value: "",
+ Path: "/",
+ MaxAge: -1,
+ })
 next.ServeHTTP(w, r)
 return
 }
- http.Redirect(w, r, "/", http.StatusSeeOther)
- return
-}
-
-func GetUser(s *session.Session) types.User {
- val := s.Values["user"]
- var userSession = types.User{}
- userSession, ok := val.(types.User)
- if !ok {
- return types.User{Authenticated: false}
- }
- return userSession
 }
diff --git a/routes/routes.go b/routes/routes.go
index e151bbd..51c46df 100644
--- a/routes/routes.go
+++ b/routes/routes.go
@@ -10,7 +10,6 @@ import (
 forgotPasswordVerifyHandler "github.com/fossyy/filekeeper/handler/forgotPassword/verify"
 indexHandler "github.com/fossyy/filekeeper/handler/index"
 logoutHandler "github.com/fossyy/filekeeper/handler/logout"
- miscHandler "github.com/fossyy/filekeeper/handler/misc"
 signinHandler "github.com/fossyy/filekeeper/handler/signin"
 signupHandler "github.com/fossyy/filekeeper/handler/signup"
 signupVerifyHandler "github.com/fossyy/filekeeper/handler/signup/verify"
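Review bot: In Auth in middleware/middleware.go, the Authorized branch no longer calls `UpdateAccessTime()`, which the removed code ran on every authenticated request through `session.GetSessionInfo(...)`. Nothing visible in this commit does it instead, session.GetSession included, so the per-session access time presumably stops being refreshed. Because the cookie value is no longer in scope in Auth, the update would have to move into GetSession, or GetSession would have to return the session ID as well. The statement `r.Context().Value("user")` in the same branch discards its result and can be deleted. The `redirect` cookie still carries `r.RequestURI` unchanged; the sign-in code that consumes it is not part of this diff and should accept only local paths.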
@@ -187,11 +186,11 @@ func SetupRoutes() *http.ServeMux {
 })
 handler.HandleFunc("/robots.txt", func(w http.ResponseWriter, r *http.Request) {
- miscHandler.Robot(w, r)
+ http.ServeFile(w, r, "public/robots.txt")
 })
 handler.HandleFunc("/favicon.ico", func(w http.ResponseWriter, r *http.Request) {
- http.Redirect(w, r, "/public/favicon.ico", http.StatusSeeOther)
+ http.ServeFile(w, r, "public/favicon.ico")
 })
 fileServer := http.FileServer(http.Dir("./public"))
diff --git a/session/session.go b/session/session.go
index 73b7b8d..abc1574 100644
--- a/session/session.go
+++ b/session/session.go
@@ -1,6 +1,8 @@
 package session
 import (
+ "errors"
+ "github.com/fossyy/filekeeper/types"
 "net/http"
 "strconv"
 "sync"
@@ -30,6 +32,14 @@ type SessionInfo struct {
 AccessAt string
 }
+type UserStatus string
+
+const (
+ Authorized UserStatus = "authorized"
+ Unauthorized UserStatus = "unauthorized"
+ InvalidSession UserStatus = "invalid_session"
+)
+
 type SessionInfoList map[string][]*SessionInfo
 var GlobalSessionStore = SessionStore{Sessions: make(map[string]*Session)}
@@ -125,3 +135,27 @@ func (sessionInfo *SessionInfo) UpdateAccessTime() {
 formattedTime := currentTime.Format("01-02-2006")
 sessionInfo.AccessAt = formattedTime
 }
+
+func GetSession(r *http.Request) (UserStatus, types.User) {
+ cookie, err := r.Cookie("Session")
+ if err != nil {
+ return Unauthorized, types.User{}
+ }
+
+ storeSession, err := GlobalSessionStore.Get(cookie.Value)
+ if err != nil {
+ if errors.Is(err, &SessionNotFoundError{}) {
+ return InvalidSession, types.User{}
+ }
+ return Unauthorized, types.User{}
+ }
+
+ val := storeSession.Values["user"]
+ var userSession = types.User{}
+ userSession, ok := val.(types.User)
+ if !ok {
+ return Unauthorized, types.User{}
+ }
+
+ return Authorized, userSession
+}
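Review bot: GetSession in session/session.go returns Authorized for any session whose `user` value is a `types.User`, whereas the removed middleware code also required `userSession.Authenticated` before calling the next handler. If a session can ever hold a user with that flag unset (not visible in this diff), such a request now reaches the protected handlers; `if !ok || !userSession.Authenticated { return Unauthorized, types.User{} }` restores the old check. Separately, `errors.Is(err, &SessionNotFoundError{})` compares against a freshly allocated pointer and only matches reliably if the type defines an `Is` method, so the InvalidSession result, and with it the stale-cookie cleanup in Auth and Guest, may never be produced. Declaring `var notFound *SessionNotFoundError` and testing `errors.As(err, &notFound)` matches by type instead, assuming the store returns a pointer to that type.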