#3, more info for own authentication handler

2024-01-30 07:06:42 +01:00 · 2024-01-30 07:06:42 +01:00 · 99ce47e9e5
commit 99ce47e9e5
parent 772c54f6fe
2 changed files with 34 additions and 22 deletions
--- a/database/pkg.go
+++ b/database/pkg.go
@ -214,7 +214,18 @@ func (db *T) RetrieveSession(uuid string) (sess *session.T, err error) {// {{{
 	return
 }// }}}
 func (db *T) SetSessionUser(uuid string, userID int) (err error) { // {{{
-	_, err = db.Conn.Exec("UPDATE _webservice.session SET user_id=$1 WHERE uuid=$2", userID, uuid)
+	_, err = db.Conn.Exec(`
+		UPDATE _webservice.session
+		SET
+			user_id = CASE
+				WHEN $1 <= 0 THEN NULL
+				ELSE $1
+			END
+		WHERE uuid=$2
+		`,
+		userID,
+		uuid,
+	)
 	if err != nil {
 		return
 	}
--- a/session.go
+++ b/session.go
@ -15,14 +15,16 @@ import (
 )

 type AuthenticationRequest struct {
-	Username string
-	Password string
+	UserID     int `json:"-"`
+	Username   string
+	Password   string
+	Additional interface{}
 }

 type AuthenticationResponse struct {
-	OK bool
+	OK            bool
 	Authenticated bool
-	UserID int
+	UserID        int
 }

 type AuthenticationHandler func(AuthenticationRequest, bool) (AuthenticationResponse, error)
@ -64,7 +66,7 @@ func (service *Service) sessionNew(w http.ResponseWriter, r *http.Request, foo *

 	respJSON, _ := json.Marshal(
 		struct {
-			OK   bool
+			OK      bool
 			Session session.T
 		}{
 			true,
@ -75,7 +77,7 @@ func (service *Service) sessionNew(w http.ResponseWriter, r *http.Request, foo *
 	w.Write(respJSON)
 } // }}}
 func (service *Service) sessionAuthenticate(w http.ResponseWriter, r *http.Request, sess *session.T) { // {{{
-	var authenticated bool
+	var authenticatedByFramework bool
 	var authResponse AuthenticationResponse
 	var err error
 	reqBody, _ := io.ReadAll(r.Body)
@ -91,40 +93,39 @@ func (service *Service) sessionAuthenticate(w http.ResponseWriter, r *http.Reque
 	// Authenticate against webservice user table if using a database.
 	var userID int
 	if service.Db != nil {
-		authenticated, userID, err = service.Db.Authenticate(authRequest.Username, authRequest.Password)
+		authenticatedByFramework, userID, err = service.Db.Authenticate(authRequest.Username, authRequest.Password)
 		if err != nil {
 			service.errorHandler(err, "001-A002", w)
 			return
 		}
-
-		if authenticated && userID > 0 {
-			err = service.Db.SetSessionUser(sess.UUID, userID)
-			if err != nil {
-				service.errorHandler(err, "001-A003", w)
-				return
-			}
-		}
-
+		authRequest.UserID = userID
 	}

 	// The authentication handler is provided with the authenticated response of the possible database authentication,
 	// and given a chance to override it.
-	authResponse, err = service.authenticationHandler(authRequest, authenticated)
+	authResponse, err = service.authenticationHandler(authRequest, authenticatedByFramework)
 	if err != nil {
 		service.errorHandler(err, "001-F002", w)
 		return
 	}
 	authResponse.UserID = userID
 	authResponse.OK = true
-
 	sess.Authenticated = authResponse.Authenticated

+	if authResponse.Authenticated && userID > 0 {
+		err = service.Db.SetSessionUser(sess.UUID, userID)
+		if err != nil {
+			service.errorHandler(err, "001-A003", w)
+			return
+		}
+	}
+
 	authResp, _ := json.Marshal(authResponse)
 	w.Write(authResp)
 } // }}}
-func (service *Service) sessionRetrieve(w http.ResponseWriter, r *http.Request, sess *session.T) {// {{{
+func (service *Service) sessionRetrieve(w http.ResponseWriter, r *http.Request, sess *session.T) { // {{{
 	response := struct {
-		OK bool
+		OK      bool
 		Session *session.T
 	}{
 		true,
@ -132,7 +133,7 @@ func (service *Service) sessionRetrieve(w http.ResponseWriter, r *http.Request,
 	}
 	out, _ := json.Marshal(response)
 	w.Write(out)
-}// }}}
+} // }}}

 func (service *Service) retrieveSession(uuid string) (session *session.T, found bool) { // {{{
 	var err error