#3, more info for own authentication handler

2024-01-30 07:06:42 +01:00 · 2024-01-30 07:06:42 +01:00 · 99ce47e9e5
commit 99ce47e9e5
parent 772c54f6fe
2 changed files with 34 additions and 22 deletions
--- a/database/pkg.go
+++ b/database/pkg.go
@ -214,7 +214,18 @@ func (db *T) RetrieveSession(uuid string) (sess *session.T, err error) {// {{{
 	return
 }// }}}
 func (db *T) SetSessionUser(uuid string, userID int) (err error) { // {{{
-	_, err = db.Conn.Exec("UPDATE _webservice.session SET user_id=$1 WHERE uuid=$2", userID, uuid)
+	_, err = db.Conn.Exec(`
 		UPDATE _webservice.session
 		SET
 			user_id = CASE
 				WHEN $1 <= 0 THEN NULL
 				ELSE $1
 			END
 		WHERE uuid=$2
 		`,
 		userID,
 		uuid,
 	)
 	if err != nil {
 		return
 	}
--- a/session.go
+++ b/session.go
@ -15,14 +15,16 @@ import (
 )
 type AuthenticationRequest struct {
-	Username string
+	UserID     int `json:"-"`
-	Password string
+	Username   string
 	Password   string
 	Additional interface{}
 }
 type AuthenticationResponse struct {
-	OK bool
+	OK            bool
 	Authenticated bool
-	UserID int
+	UserID        int
 }
 type AuthenticationHandler func(AuthenticationRequest, bool) (AuthenticationResponse, error)
@ -64,7 +66,7 @@ func (service *Service) sessionNew(w http.ResponseWriter, r *http.Request, foo *
 	respJSON, _ := json.Marshal(
 		struct {
-			OK   bool
+			OK      bool
 			Session session.T
 		}{
 			true,
@ -75,7 +77,7 @@ func (service *Service) sessionNew(w http.ResponseWriter, r *http.Request, foo *
 	w.Write(respJSON)
 } // }}}
 func (service *Service) sessionAuthenticate(w http.ResponseWriter, r *http.Request, sess *session.T) { // {{{
-	var authenticated bool
+	var authenticatedByFramework bool
 	var authResponse AuthenticationResponse
 	var err error
 	reqBody, _ := io.ReadAll(r.Body)
@ -91,40 +93,39 @@ func (service *Service) sessionAuthenticate(w http.ResponseWriter, r *http.Reque
 	// Authenticate against webservice user table if using a database.
 	var userID int
 	if service.Db != nil {
-		authenticated, userID, err = service.Db.Authenticate(authRequest.Username, authRequest.Password)
+		authenticatedByFramework, userID, err = service.Db.Authenticate(authRequest.Username, authRequest.Password)
 		if err != nil {
 			service.errorHandler(err, "001-A002", w)
 			return
 		}
-
+		authRequest.UserID = userID
 		if authenticated && userID > 0 {
 			err = service.Db.SetSessionUser(sess.UUID, userID)
 			if err != nil {
 				service.errorHandler(err, "001-A003", w)
 				return
 			}
 		}
 	}
 	// The authentication handler is provided with the authenticated response of the possible database authentication,
 	// and given a chance to override it.
-	authResponse, err = service.authenticationHandler(authRequest, authenticated)
+	authResponse, err = service.authenticationHandler(authRequest, authenticatedByFramework)
 	if err != nil {
 		service.errorHandler(err, "001-F002", w)
 		return
 	}
 	authResponse.UserID = userID
 	authResponse.OK = true
 	sess.Authenticated = authResponse.Authenticated
 	if authResponse.Authenticated && userID > 0 {
 		err = service.Db.SetSessionUser(sess.UUID, userID)
 		if err != nil {
 			service.errorHandler(err, "001-A003", w)
 			return
 		}
 	}
 	authResp, _ := json.Marshal(authResponse)
 	w.Write(authResp)
 } // }}}
-func (service *Service) sessionRetrieve(w http.ResponseWriter, r *http.Request, sess *session.T) {// {{{
+func (service *Service) sessionRetrieve(w http.ResponseWriter, r *http.Request, sess *session.T) { // {{{
 	response := struct {
-		OK bool
+		OK      bool
 		Session *session.T
 	}{
 		true,
@ -132,7 +133,7 @@ func (service *Service) sessionRetrieve(w http.ResponseWriter, r *http.Request,
 	}
 	out, _ := json.Marshal(response)
 	w.Write(out)
-}// }}}
+} // }}}
 func (service *Service) retrieveSession(uuid string) (session *session.T, found bool) { // {{{
 	var err error