Require access to Still via method

This commit adds a safeguard to accessing the still from a specific
component by requiring access via the component.GetStill method.

internal/dis/component/auth/api/api.go

@@ -36,8 +36,9 @@ type AuthInfo struct {
 }
 
 func (a *API) HandleRoute(ctx context.Context, path string) (http.Handler, error) {
+
 	return &Handler[AuthInfo]{
-		Config: a.Config,
+		Config: component.GetStill(a).Config,
 		Auth:   a.dependencies.Auth,
 
 		Methods: []string{"GET"},

internal/dis/component/auth/next/next.go

@@ -58,7 +58,7 @@ func (next *Next) getInstance(r *http.Request) (wisski *wisski.WissKI, path stri
 	}
 
 	// find the slug
-	slug, ok := next.Config.HTTP.SlugFromHost(url.Host)
+	slug, ok := component.GetStill(next).Config.HTTP.SlugFromHost(url.Host)
 	if slug == "" || !ok {
 		return nil, "", httpx.ErrBadRequest
 	}

internal/dis/component/auth/panel/ssh.go

@@ -5,6 +5,7 @@ import (
 	"errors"
 	"net/http"
 
+	"github.com/FAU-CDI/wisski-distillery/internal/dis/component"
 	"github.com/FAU-CDI/wisski-distillery/internal/dis/component/auth"
 	"github.com/FAU-CDI/wisski-distillery/internal/dis/component/server/assets"
 	"github.com/FAU-CDI/wisski-distillery/internal/dis/component/server/templating"
@@ -64,9 +65,10 @@ func (panel *UserPanel) sshRoute(ctx context.Context) http.Handler {
 			return sc, err
 		}
 
-		sc.Domain = panel.Config.HTTP.PrimaryDomain
-		sc.PanelDomain = panel.Config.HTTP.PanelDomain()
-		sc.Port = panel.Config.Listen.SSHPort
+		config := component.GetStill(panel).Config
+		sc.Domain = config.HTTP.PrimaryDomain
+		sc.PanelDomain = config.HTTP.PanelDomain()
+		sc.Port = config.Listen.SSHPort
 
 		// pick the first domain that the user has access to as an example
 		grants, err := panel.dependencies.Policy.User(r.Context(), user.User.User)
@@ -75,7 +77,7 @@ func (panel *UserPanel) sshRoute(ctx context.Context) http.Handler {
 		} else {
 			sc.Slug = "example"
 		}
-		sc.Hostname = panel.Config.HTTP.HostFromSlug(sc.Slug)
+		sc.Hostname = config.HTTP.HostFromSlug(sc.Slug)
 
 		sc.Keys, err = panel.dependencies.Keys.Keys(r.Context(), user.User.User)
 		if err != nil {

internal/dis/component/auth/panel/tokens.go

@@ -5,6 +5,7 @@ import (
 	"html/template"
 	"net/http"
 
+	"github.com/FAU-CDI/wisski-distillery/internal/dis/component"
 	"github.com/FAU-CDI/wisski-distillery/internal/dis/component/auth"
 	"github.com/FAU-CDI/wisski-distillery/internal/dis/component/server/assets"
 	"github.com/FAU-CDI/wisski-distillery/internal/dis/component/server/templating"
@@ -52,7 +53,7 @@ func (panel *UserPanel) tokensRoute(ctx context.Context) http.Handler {
 			return tc, err
 		}
 
-		tc.Domain = template.URL(panel.Config.HTTP.JoinPath().String())
+		tc.Domain = template.URL(component.GetStill(panel).Config.HTTP.JoinPath().String())
 
 		// get the tokens
 		tc.Tokens, err = panel.dependencies.Tokens.Tokens(r.Context(), user.User.User)
@@ -178,7 +179,7 @@ func (panel *UserPanel) tokensAddRoute(ctx context.Context) http.Handler {
 			// render the created context
 			return panel.dependencies.Handling.WriteHTML(
 				tplDone.Context(r, TokenCreateContext{
-					Domain: template.URL(panel.Config.HTTP.JoinPath().String()),
+					Domain: template.URL(component.GetStill(panel).Config.HTTP.JoinPath().String()),
 					Token:  tok,
 				}),
 				nil,

internal/dis/component/auth/panel/user.go

@@ -46,8 +46,7 @@ func (panel *UserPanel) routeUser(ctx context.Context) http.Handler {
 		menuTOTPAction,
 		menuSSH,
 	}
-
-	if panel.Config.HTTP.API.Value {
+	if component.GetStill(panel).Config.HTTP.API.Value {
 		actions = append(actions, menuTokens)
 	}
 

internal/dis/component/auth/session.go

@@ -107,7 +107,7 @@ func (auth *Auth) checkUser(ctx context.Context, name string) (user *AuthUser, e
 // If the session is not set, creates a new session.
 func (auth *Auth) session(r *http.Request) (*sessions.Session, error) {
 	return auth.store.Get(func() sessions.Store {
-		return sessions.NewCookieStore([]byte(auth.Config.SessionSecret))
+		return sessions.NewCookieStore([]byte(component.GetStill(auth).Config.SessionSecret))
 	}).Get(r, server.SessionCookie)
 }