From 99ce47e9e52adf24100b5f4b5c8ada566b4e1d3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magnus=20=C3=85hall?= Date: Tue, 30 Jan 2024 07:06:42 +0100 Subject: [PATCH] #3, more info for own authentication handler --- database/pkg.go | 13 ++++++++++++- session.go | 43 ++++++++++++++++++++++--------------------- 2 files changed, 34 insertions(+), 22 deletions(-) diff --git a/database/pkg.go b/database/pkg.go index 9e5c122..6fd929e 100644 --- a/database/pkg.go +++ b/database/pkg.go @@ -214,7 +214,18 @@ func (db *T) RetrieveSession(uuid string) (sess *session.T, err error) {// {{{ return }// }}} func (db *T) SetSessionUser(uuid string, userID int) (err error) { // {{{ - _, err = db.Conn.Exec("UPDATE _webservice.session SET user_id=$1 WHERE uuid=$2", userID, uuid) + _, err = db.Conn.Exec(` + UPDATE _webservice.session + SET + user_id = CASE + WHEN $1 <= 0 THEN NULL + ELSE $1 + END + WHERE uuid=$2 + `, + userID, + uuid, + ) if err != nil { return } diff --git a/session.go b/session.go index d612f57..f69f0e5 100644 --- a/session.go +++ b/session.go @@ -15,14 +15,16 @@ import ( ) type AuthenticationRequest struct { - Username string - Password string + UserID int `json:"-"` + Username string + Password string + Additional interface{} } type AuthenticationResponse struct { - OK bool + OK bool Authenticated bool - UserID int + UserID int } type AuthenticationHandler func(AuthenticationRequest, bool) (AuthenticationResponse, error) @@ -64,7 +66,7 @@ func (service *Service) sessionNew(w http.ResponseWriter, r *http.Request, foo * respJSON, _ := json.Marshal( struct { - OK bool + OK bool Session session.T }{ true, 
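Review bot: SetSessionUser has no doc comment, and the new CASE expression gives it a second meaning that callers cannot see from the signature: a userID of zero or less now writes NULL and so detaches the user from the session. I would add above the function `// SetSessionUser binds the session to userID; a userID <= 0 clears the binding by setting user_id to NULL.` The only caller visible in this patch (sessionAuthenticate) passes userID > 0, so the NULL branch is unexercised here; if it is meant for logout or a failed re-authentication, the comment should say so. The function body continues past the end of the hunk.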
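Review bot: The new `Additional interface{}` field in AuthenticationRequest has no comment, and unlike `UserID` (excluded with `json:"-"`) it appears to be filled straight from the client's request body, so a custom AuthenticationHandler receives untrusted data of arbitrary shape (map[string]interface{}, []interface{}, float64, string, bool or nil after encoding/json decoding). I would document both fields: `// UserID is set by the framework from database authentication, never from the request.` and `// Additional is decoded verbatim from the client JSON; handlers must type-assert and validate it before use.` The body is read with io.ReadAll in sessionAuthenticate with no size limit visible in this patch, so the size of Additional is unbounded as well; wrapping r.Body in http.MaxBytesReader there would cap it.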
@@ -75,7 +77,7 @@ func (service *Service) sessionNew(w http.ResponseWriter, r *http.Request, foo * w.Write(respJSON) } // }}} func (service *Service) sessionAuthenticate(w http.ResponseWriter, r *http.Request, sess *session.T) { // {{{ - var authenticated bool + var authenticatedByFramework bool var authResponse AuthenticationResponse var err error reqBody, _ := io.ReadAll(r.Body) 
@@ -91,40 +93,39 @@ func (service *Service) sessionAuthenticate(w http.ResponseWriter, r *http.Reque // Authenticate against webservice user table if using a database. var userID int if service.Db != nil { - authenticated, userID, err = service.Db.Authenticate(authRequest.Username, authRequest.Password) + authenticatedByFramework, userID, err = service.Db.Authenticate(authRequest.Username, authRequest.Password) if err != nil { service.errorHandler(err, "001-A002", w) return } - - if authenticated && userID > 0 { - err = service.Db.SetSessionUser(sess.UUID, userID) - if err != nil { - service.errorHandler(err, "001-A003", w) - return - } - } - + authRequest.UserID = userID } // The authentication handler is provided with the authenticated response of the possible database authentication, // and given a chance to override it. - authResponse, err = service.authenticationHandler(authRequest, authenticated) + authResponse, err = service.authenticationHandler(authRequest, authenticatedByFramework) if err != nil { service.errorHandler(err, "001-F002", w) return } authResponse.UserID = userID authResponse.OK = true - sess.Authenticated = authResponse.Authenticated + if authResponse.Authenticated && userID > 0 { + err = service.Db.SetSessionUser(sess.UUID, userID) + if err != nil { + service.errorHandler(err, "001-A003", w) + return + } + } + authResp, _ := json.Marshal(authResponse) w.Write(authResp) } // }}} -func (service *Service) sessionRetrieve(w http.ResponseWriter, r *http.Request, sess *session.T) {// {{{ +func (service *Service) sessionRetrieve(w http.ResponseWriter, r *http.Request, sess *session.T) { // {{{ response := struct { - OK bool + OK bool Session *session.T }{ true, @@ -132,7 +133,7 @@ func (service *Service) sessionRetrieve(w http.ResponseWriter, r *http.Request, } out, _ := json.Marshal(response) w.Write(out) -}// }}} +} // }}} func (service *Service) retrieveSession(uuid string) (session *session.T, found bool) { // {{{ var err error
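Review bot: `sess.Authenticated = authResponse.Authenticated` runs before the new SetSessionUser call, so when that call fails the handler reports 001-A003 but the session object has already been marked authenticated with no user bound to it. Moving the assignment below the `if authResponse.Authenticated && userID > 0 { … }` block keeps the in-memory flag and the stored user_id consistent. Separately, `authRequest.UserID = userID` is set whether or not authenticatedByFramework is true, and `authResponse.UserID = userID` overwrites whatever the handler returned; if Db.Authenticate (not shown) returns a non-zero ID for a known username with a wrong password, a handler that answers Authenticated=true binds the session to that account, so the AuthenticationHandler contract should state that the handler must check the boolean before trusting UserID. A handler that answers Authenticated=false also leaves any earlier user_id in place, although SetSessionUser now accepts a non-positive ID to clear it. sessionAuthenticate begins above this hunk.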