Beispiel #1
0
func WithAuthentication(h ContextHandler) ContextHandler {
	return ContextHandlerFunc(func(ctx context.Context, w http.ResponseWriter, req *http.Request) error {
		user, err := auth.GetUserCookie(req)
		// if no active user session then authorize user
		if err != nil || user.Id() == "" {
			http.Redirect(w, req, auth.Config.LoginRedirect, http.StatusSeeOther)
			log.Warnf("unidentified user: %+v", user)
			return nil
		}
		if _, ok := accessibleEmail[user.Email()]; !ok {
			auth.DeleteUserCookie(w, req)
			http.Redirect(w, req, "http://google.com", http.StatusSeeOther)
			log.Warnf("unidentified user: %+v", user)
			return nil
		}

		ctx = context.WithValue(ctx, userKey, &user)

		userID := fmt.Sprintf("%+v", user)

		globalStorage.Lock()
		// (X) this will deadlock
		// defer globalStorage.Unlock()
		if globalStorage.userIDToData[userID] == nil {
			globalStorage.userIDToData[userID] = &data{}
		}
		globalStorage.Unlock()

		return h.ServeHTTPContext(ctx, w, req)
	})
}
Beispiel #2
0
func secreteHandler(w http.ResponseWriter, req *http.Request) {
	switch req.Method {
	case "GET":
		user, err := auth.GetUserCookie(req)
		if err != nil {
			w.WriteHeader(http.StatusBadRequest)
			fmt.Fprintln(w, err)
			return
		}
		if user.Email() != "*****@*****.**" {
			fmt.Println("only [email protected] can access")
			auth.DeleteUserCookie(w, req)
			http.Redirect(w, req, "http://google.com", http.StatusSeeOther)
		}
		fmt.Fprintf(w, `<a href="/auth/logout">logout</a><br>authorized user: %+v`, user)

	default:
		http.Error(w, "Method Not Allowed", 405)
	}
}
Beispiel #3
0
// https://github.com/bradrydzewski/go.auth/blob/master/auth.go
func WithAuthentication(h ContextHandler) ContextHandler {
	return ContextHandlerFunc(func(ctx context.Context, w http.ResponseWriter, req *http.Request) error {
		user, err := auth.GetUserCookie(req)
		// if no active user session then authorize user
		if err != nil || user.Id() == "" {
			http.Redirect(w, req, auth.Config.LoginRedirect, http.StatusSeeOther)
			log.Warnf("unidentified user: %+v", user)
			return nil
		}
		if _, ok := accessibleEmail[user.Email()]; !ok {
			auth.DeleteUserCookie(w, req)
			http.Redirect(w, req, "http://google.com", http.StatusSeeOther)
			log.Warnf("unidentified user: %+v", user)
			return nil
		}
		// else, add the user to the URL and continue
		// req.URL.User = url.User(user.Id())

		ctx = context.WithValue(ctx, UserKey, &user)
		return h.ServeHTTPContext(ctx, w, req)
	})
}