From 7897d8a8ad87c0bb26bb8156ba09fc9fab62f565 Mon Sep 17 00:00:00 2001
From: Frédéric Guillot
Date: Mon, 21 Jan 2019 20:21:05 -0800
Subject: Handle the case when application session is expired and not user session
---
 ui/middleware.go | 23 ++++++++++++++++-------
 ui/session/session.go | 16 ++++++++--------
 ui/ui.go | 2 +-
 3 files changed, 25 insertions(+), 16 deletions(-)
(limited to 'ui')
diff --git a/ui/middleware.go b/ui/middleware.go
index 237432a..81fb3a5 100644
--- a/ui/middleware.go
+++ b/ui/middleware.go
@@ -61,12 +61,21 @@ func (m *middleware) handleAppSession(next http.Handler) http.Handler {
 session := m.getAppSessionValueFromCookie(r)
 if session == nil {
- logger.Debug("[UI:AppSession] Session not found")
-
- session, err = m.store.CreateSession()
- if err != nil {
- html.ServerError(w, r, err)
- return
+ if (request.IsAuthenticated(r)) {
+ userID := request.UserID(r)
+ logger.Debug("[UI:AppSession] Cookie expired but user #%d is logged: creating a new session", userID)
+ session, err = m.store.CreateAppSessionWithUserPrefs(userID)
+ if err != nil {
+ html.ServerError(w, r, err)
+ return
+ }
+ } else {
+ logger.Debug("[UI:AppSession] Session not found, creating a new one")
+ session, err = m.store.CreateAppSession()
+ if err != nil {
+ html.ServerError(w, r, err)
+ return
+ }
 }
 http.SetCookie(w, cookie.New(cookie.CookieSessionID, session.ID, m.cfg.IsHTTPS, m.cfg.BasePath()))
@@ -104,7 +113,7 @@ func (m *middleware) getAppSessionValueFromCookie(r *http.Request) *model.Sessio
 return nil
 }
- session, err := m.store.Session(cookieValue)
+ session, err := m.store.AppSession(cookieValue)
 if err != nil {
 logger.Error("[UI:AppSession] %v", err)
 return nil
diff --git a/ui/session/session.go b/ui/session/session.go
index 2351866..0874f92 100644
--- a/ui/session/session.go
+++ b/ui/session/session.go
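Review bot: The two branches added under `if session == nil` in handleAppSession each repeat the same `err` check with `html.ServerError(w, r, err)` and `return`, and the condition is written `if (request.IsAuthenticated(r)) {` with parentheses that gofmt removes. Assigning `session, err` in each branch and checking `err` once after the if/else leaves a single failure path in front of the `http.SetCookie` call, so the two branches cannot drift apart in how a failed session creation is handled. The enclosing handler starts and ends outside the hunk.

```go
if session == nil {
	if request.IsAuthenticated(r) {
		// … unchanged: userID lookup and debug log …
		session, err = m.store.CreateAppSessionWithUserPrefs(userID)
	} else {
		// … unchanged: debug log …
		session, err = m.store.CreateAppSession()
	}
	if err != nil {
		html.ServerError(w, r, err)
		return
	}
	// … unchanged: http.SetCookie call …
```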
@@ -18,49 +18,49 @@ type Session struct {
 // NewOAuth2State generates a new OAuth2 state and stores the value into the database.
 func (s *Session) NewOAuth2State() string {
 state := crypto.GenerateRandomString(32)
- s.store.UpdateSessionField(s.sessionID, "oauth2_state", state)
+ s.store.UpdateAppSessionField(s.sessionID, "oauth2_state", state)
 return state
 }
 // NewFlashMessage creates a new flash message.
 func (s *Session) NewFlashMessage(message string) {
- s.store.UpdateSessionField(s.sessionID, "flash_message", message)
+ s.store.UpdateAppSessionField(s.sessionID, "flash_message", message)
 }
 // FlashMessage returns the current flash message if any.
 func (s *Session) FlashMessage(message string) string {
 if message != "" {
- s.store.UpdateSessionField(s.sessionID, "flash_message", "")
+ s.store.UpdateAppSessionField(s.sessionID, "flash_message", "")
 }
 return message
 }
 // NewFlashErrorMessage creates a new flash error message.
 func (s *Session) NewFlashErrorMessage(message string) {
- s.store.UpdateSessionField(s.sessionID, "flash_error_message", message)
+ s.store.UpdateAppSessionField(s.sessionID, "flash_error_message", message)
 }
 // FlashErrorMessage returns the last flash error message if any.
 func (s *Session) FlashErrorMessage(message string) string {
 if message != "" {
- s.store.UpdateSessionField(s.sessionID, "flash_error_message", "")
+ s.store.UpdateAppSessionField(s.sessionID, "flash_error_message", "")
 }
 return message
 }
 // SetLanguage updates the language field in session.
 func (s *Session) SetLanguage(language string) {
- s.store.UpdateSessionField(s.sessionID, "language", language)
+ s.store.UpdateAppSessionField(s.sessionID, "language", language)
 }
 // SetTheme updates the theme field in session.
 func (s *Session) SetTheme(theme string) {
- s.store.UpdateSessionField(s.sessionID, "theme", theme)
+ s.store.UpdateAppSessionField(s.sessionID, "theme", theme)
 }
 // SetPocketRequestToken updates Pocket Request Token.
func (s *Session) SetPocketRequestToken(requestToken string) {
- s.store.UpdateSessionField(s.sessionID, "pocket_request_token", requestToken)
+ s.store.UpdateAppSessionField(s.sessionID, "pocket_request_token", requestToken)
 }
 // New returns a new session handler.
diff --git a/ui/ui.go b/ui/ui.go
index 91d4783..71bbe69 100644
--- a/ui/ui.go
+++ b/ui/ui.go
@@ -22,8 +22,8 @@ func Serve(router *mux.Router, cfg *config.Config, store *storage.Storage, pool
 handler := &handler{router, cfg, store, template.NewEngine(cfg, router), pool, feedHandler}
 uiRouter := router.NewRoute().Subrouter()
- uiRouter.Use(middleware.handleAppSession)
 uiRouter.Use(middleware.handleUserSession)
+ uiRouter.Use(middleware.handleAppSession)
 // Static assets.
 uiRouter.HandleFunc("/stylesheets/{name}.css", handler.showStylesheet).Name("stylesheet").Methods("GET")
-- cgit v1.2.3
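Review bot: Nothing at the two `uiRouter.Use` calls records that their order is now required. handleAppSession in ui/middleware.go calls `request.IsAuthenticated(r)` and `request.UserID(r)`, which presumably return meaningful values only after handleUserSession has run for the request. If the calls are swapped back, the authenticated branch would silently stop being taken, and a logged-in user whose app-session cookie has expired would get a session without their preferences. A comment above the pair would make the dependency explicit, for example `// handleUserSession must be registered before handleAppSession, which reads the authenticated user from the request.` Serve's body starts and ends outside the hunk.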