pcmt/handlers/middleware.go
surtur 6b45213649
All checks were successful
continuous-integration/drone/push Build is passing
go: add user onboarding, HIBP search functionality
* add user onboarding workflow
* fix user editing (no edits of passwords of regular users after
  onboarding)
* refresh HIBP breach cache in DB on app start-up
* display HIBP breach details
* fix request scheduling to prevent panics (this still needs some love..)
* fix middleware auth
* add TODOs
* update head.tmpl
* reword some error messages
2023-08-24 18:43:24 +02:00

147 lines
3.4 KiB
Go

// Copyright 2023 wanderer <a_mirre at utb dot cz>
// SPDX-License-Identifier: AGPL-3.0-only
package handlers
import (
"context"
"net/http"
"strings"
moduser "git.dotya.ml/mirre-mt/pcmt/modules/user"
"github.com/CAFxX/httpcompression"
"github.com/CAFxX/httpcompression/contrib/andybalholm/brotli"
"github.com/CAFxX/httpcompression/contrib/compress/gzip"
"github.com/labstack/echo-contrib/session"
"github.com/labstack/echo/v4"
)
func MiddlewareSession(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
sess, _ := session.Get(setting.SessionCookieName(), c)
var username string
// uname, ok := sess.Values["username"].(string)
uname := sess.Values["username"]
if uname != nil {
username = uname.(string)
log.Debug("Refreshing session cookie", "username", username, "module", "middleware")
refreshSession(
sess,
"/",
setting.SessionMaxAge(),
true,
c.Request().URL.Scheme == "https", //nolint:goconst
http.SameSiteStrictMode,
)
c.Set("sess", sess)
var u moduser.User
ctx := context.WithValue(context.Background(), moduser.CtxKey{}, slogger)
if usr, err := moduser.QueryUser(ctx, dbclient, username); err == nil && usr != nil {
u.ID = usr.ID
u.Username = usr.Username
u.IsAdmin = usr.IsAdmin
u.CreatedAt = usr.CreatedAt
u.IsActive = usr.IsActive
u.IsLoggedIn = true
} else {
c.Logger().Error(http.StatusText(http.StatusInternalServerError) + " - " + err.Error())
return renderErrorPage(
c,
http.StatusInternalServerError,
http.StatusText(http.StatusInternalServerError),
err.Error(),
)
}
c.Set("sloggerCtx", ctx)
c.Set("sessUsr", u)
if err := sess.Save(c.Request(), c.Response()); err != nil {
c.Logger().Error("Failed to save session", "module", "middleware")
return renderErrorPage(
c,
http.StatusInternalServerError,
http.StatusText(http.StatusInternalServerError)+" (make sure you've got cookies enabled)",
err.Error(),
)
}
return next(c)
}
if !sess.IsNew {
c.Logger().Errorf("%d - %s", http.StatusUnauthorized, "you need to log in")
return c.Redirect(http.StatusTemporaryRedirect, "/signin")
}
// return renderErrorPage(
// c,
// http.StatusUnauthorized,
// http.StatusText(http.StatusUnauthorized),
// ErrNoSession.Error(),
// )
c.Logger().Warn("Could not get username from the cookie")
return next(c)
}
}
var cacheExtensions = [2]string{".png", ".svg"}
func MiddlewareCache(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
cache := false
for _, v := range cacheExtensions {
if strings.HasSuffix(c.Request().URL.Path, v) {
cache = true
break
}
}
if cache {
c.Response().Header().Set(echo.HeaderCacheControl, "300")
}
return next(c)
}
}
func WrapMiddlewareCompress() (echo.MiddlewareFunc, error) {
brEnc, err := brotli.New(brotli.Options{})
if err != nil {
return nil, err
}
gzEnc, err := gzip.New(gzip.Options{})
if err != nil {
return nil, err
}
blocklist := true
a, _ := httpcompression.Adapter(
httpcompression.Compressor(brotli.Encoding, 1, brEnc),
httpcompression.Compressor(gzip.Encoding, 0, gzEnc),
httpcompression.Prefer(httpcompression.PreferServer),
httpcompression.MinSize(100),
httpcompression.ContentTypes([]string{
"image/jpeg",
"image/gif",
"image/png",
}, blocklist),
)
return echo.WrapMiddleware(a), nil
}