WIP

2023-06-22 13:30:44 +02:00 · 2023-06-22 13:30:44 +02:00 · effa79aacd
commit effa79aacd
parent 4b93d7dace
10 changed files with 56 additions and 20 deletions
--- a/internal/dis/component/auth/api/api.go
+++ b/internal/dis/component/auth/api/api.go
@ -44,7 +44,7 @@ func (a *API) HandleRoute(ctx context.Context, path string) (http.Handler, error

 		Handler: func(s string, r *http.Request) (ai AuthInfo, err error) {
 			var user *auth.AuthUser
-			user, ai.Token, err = a.Dependencies.Auth.UserOf(r)
+			user, err = a.Dependencies.Auth.SessionOf(r)
 			if user != nil {
 				ai.User = user.User.User
 			}
--- a/internal/dis/component/auth/next/next.go
+++ b/internal/dis/component/auth/next/next.go
@ -80,7 +80,7 @@ func (next *Next) HandleRoute(ctx context.Context, path string) (http.Handler, e
 		}

 		// get the user
-		user, _, err := next.Dependencies.Auth.UserOf(r)
+		user, _, err := next.Dependencies.Auth.SessionOf(r)
 		if err != nil {
 			return "", 0, err
 		}
--- a/internal/dis/component/auth/protect.go
+++ b/internal/dis/component/auth/protect.go
@ -23,7 +23,7 @@ func (auth *Auth) Protect(handler http.Handler, AllowToken bool, scope component

 		// load the user in the session
 		// TODO<tokens>: Check if API access is allowed
-		user, token, err := auth.UserOf(r)
+		user, token, err := auth.SessionOf(r)
 		if err != nil {
 			goto err
 		}
--- a/internal/dis/component/auth/scopes/admin.go
+++ b/internal/dis/component/auth/scopes/admin.go
@ -32,6 +32,6 @@ func (*AdminLoggedIn) Scope() component.ScopeInfo {
 }

 func (al *AdminLoggedIn) HasScope(param string, r *http.Request) (bool, error) {
-	user, _, err := al.Dependencies.Auth.UserOf(r)
+	user, _, err := al.Dependencies.Auth.SessionOf(r)
 	return user != nil && user.IsAdmin() && user.IsTOTPEnabled(), err
 }
--- a/internal/dis/component/auth/scopes/user.go
+++ b/internal/dis/component/auth/scopes/user.go
@ -31,6 +31,6 @@ func (*UserLoggedIn) Scope() component.ScopeInfo {
 }

 func (iu *UserLoggedIn) HasScope(param string, r *http.Request) (bool, error) {
-	user, _, err := iu.Dependencies.Auth.UserOf(r)
+	user, _, err := iu.Dependencies.Auth.SessionOf(r)
 	return user != nil, err
 }
--- a/internal/dis/component/auth/session.go
+++ b/internal/dis/component/auth/session.go
@ -18,27 +18,30 @@ import (
 	_ "embed"
 )

-// UserOf returns the user logged into the provided request.
+// SessionOf returns the session and user logged into the provided request.
 // token indicates if the user used a token to authenticate, or a browser session was used.
 // A token takes priority over a user in a session.
 //
 // If there is no user associated with the given request, user and error are nil, and token is false.
 // An invalid session, expired token, or disabled user all result in user = nil.
 //
-// When no UserOf exists in the given session returns nil.
-func (auth *Auth) UserOf(r *http.Request) (user *AuthUser, token bool, err error) {
+// When no SessionOf exists in the given session returns nil.
+func (auth *Auth) SessionOf(r *http.Request) (session component.SessionInfo, user *AuthUser, err error) {
 	// check the user from the token first
 	{
 		user, err := auth.UserOfToken(r)
 		if user != nil && err == nil {
-			return user, true, nil
+			return component.SessionInfo{User: &user.User, Token: true}, user, nil
 		}
 	}

 	// fallback to using session
 	{
 		user, err := auth.UserOfSession(r)
-		return user, false, err
+		if err != nil {
+			return component.SessionInfo{}, nil, err
+		}
+		return component.SessionInfo{User: &user.User, Token: false}, user, nil
 	}
 }