
basic redirect test

This commit is contained in:
Milo Schwartz 2024-10-06 18:10:17 -04:00
parent f92225f24e
commit 387ce901b9
No known key found for this signature in database
2 changed files with 31 additions and 36 deletions


@ -6,5 +6,5 @@ import: github.com/fosrl/badger
summary: Middleware auth bouncer for Fossorial summary: Middleware auth bouncer for Fossorial
testData: testData:
apiAddress: http://pangolin:3001 apiBaseUrl: http://localhost:3001/api/v1
validToken: abc123 appBaseUrl: http://localhost:3000

main.go

@ -2,13 +2,16 @@ package badger
import ( import (
"context" "context"
"fmt"
"net/http" "net/http"
"time" "net/url"
) )
const SessionCookieName = "session"
type Config struct { type Config struct {
APIAddress string `json:"apiAddress"` AppBaseUrl string `json:"appBaseUrl"`
ValidToken string `json:"validToken"` APIBaseUrl string `json:"apiBaseUrl"`
} }
func CreateConfig() *Config { func CreateConfig() *Config {
@ -18,52 +21,44 @@ func CreateConfig() *Config {
type Badger struct { type Badger struct {
next http.Handler next http.Handler
name string name string
apiAdress string appBaseUrl string
validToken string apiBaseUrl string
} }
func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error) { func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error) {
return &Badger{ return &Badger{
next: next, next: next,
name: name, name: name,
apiAdress: config.APIAddress, appBaseUrl: config.AppBaseUrl,
validToken: config.ValidToken, apiBaseUrl: config.APIBaseUrl,
}, nil }, nil
} }
// THIS IS AN EAXMPLE FOR TESTING
var usedTokens = make(map[string]bool)
const cookieName = "access_token"
const cookieDuration = 1 * time.Minute
func (p *Badger) ServeHTTP(rw http.ResponseWriter, req *http.Request) { func (p *Badger) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
if _, err := req.Cookie(cookieName); err == nil { // Check if the session cookie exists
p.next.ServeHTTP(rw, req) cookie, err := req.Cookie(SessionCookieName)
if err != nil {
// No session cookie, redirect to login
originalRequestURL := url.QueryEscape(req.URL.String())
http.Redirect(rw, req, fmt.Sprintf("%s/auth/login?redirect=%s", p.appBaseUrl, originalRequestURL), http.StatusFound)
return return
} }
queryToken := req.URL.Query().Get("token") // Verify the user with the session ID
if queryToken == "" { sessionID := cookie.Value
http.Error(rw, "Missing token", http.StatusUnauthorized) verifyURL := fmt.Sprintf("%s/badger/verify-user?sessionId=%s", p.apiBaseUrl, sessionID)
resp, err := http.Get(verifyURL)
if err != nil || resp.StatusCode != http.StatusOK {
// If unauthorized (401), redirect to the homepage
if resp != nil && resp.StatusCode == http.StatusUnauthorized {
http.Redirect(rw, req, p.appBaseUrl, http.StatusFound)
} else {
// Handle other errors, possibly log them (you can adjust the error handling here)
http.Error(rw, "Internal Server Error", http.StatusInternalServerError)
}
return return
} }
if queryToken != p.validToken || usedTokens[queryToken] {
http.Error(rw, "Invalid or already used token", http.StatusUnauthorized)
return
}
usedTokens[queryToken] = true
expiration := time.Now().Add(cookieDuration)
http.SetCookie(rw, &http.Cookie{
Name: cookieName,
Value: "temporary-access",
Expires: expiration,
Path: "/",
})
p.next.ServeHTTP(rw, req) p.next.ServeHTTP(rw, req)
} }
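Review bot: The verify call in ServeHTTP never closes `resp.Body` — not on the `StatusOK` path that falls through to `p.next.ServeHTTP`, and not on the non-OK branches where `resp` is non-nil — so every request that reaches the API leaks a connection, and `http.Get` uses the default client with no timeout and no tie to `req.Context()`, so an unresponsive API stalls each proxied request indefinitely. The cookie value is also interpolated unescaped into `verifyURL`; the session cookie is client-controlled, so a value containing `&` or `#` can add or cut off query parameters on the API call, and it should go through `url.QueryEscape` (the package is already imported). The rewrite below builds the request with `http.NewRequestWithContext`, sends it through a package-level `verifyClient` (`&http.Client{Timeout: ...}`, which means re-importing `time`), and defers the body close; the 401-redirect / other-error branching is unchanged. One further thing to confirm: `req.URL.String()` on a server-side request normally carries only path and query, not scheme or host, so the `redirect=` parameter handed to the login page is a relative URL — fine if the login page expects that, worth a comment either way.
```go
func (p *Badger) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
	// … unchanged: session cookie lookup and redirect to /auth/login …

	// Escape the cookie value: it is client-supplied and must not be able to
	// add or truncate query parameters on the verify request.
	verifyURL := fmt.Sprintf("%s/badger/verify-user?sessionId=%s", p.apiBaseUrl, url.QueryEscape(cookie.Value))
	verifyReq, err := http.NewRequestWithContext(req.Context(), http.MethodGet, verifyURL, nil)
	if err != nil {
		http.Error(rw, "Internal Server Error", http.StatusInternalServerError)
		return
	}
	// verifyClient is a package-level *http.Client with Timeout set, so a stalled
	// API cannot hold this handler (and its upstream connection) forever.
	resp, err := verifyClient.Do(verifyReq)
	if err != nil {
		http.Error(rw, "Internal Server Error", http.StatusInternalServerError)
		return
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		// … unchanged: 401 → redirect to p.appBaseUrl, otherwise 500 …
		return
	}

	p.next.ServeHTTP(rw, req)
}
```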