session handler with cookies.

2025-05-28 16:37:15 +02:00 · 2021-01-29 22:22:14 +01:00 · 2021-01-29 22:22:14 +01:00 · 6d59b3feff
commit 6d59b3feff
parent 546cd608c3
5 changed files with 113 additions and 17 deletions
--- a/internal/api/session.go
+++ b/internal/api/session.go
@ -0,0 +1,80 @@
+package api
+
+import (
+	"time"
+	"net/http"
+
+	"demodesk/neko/internal/utils"
+	"demodesk/neko/internal/types"
+	"demodesk/neko/internal/http/auth"
+)
+
+type SessionLoginPayload struct {
+	ID     string `json:"id"`
+	Secret string `json:"secret"`
+}
+
+type SessionWhoamiPayload struct {
+	ID      string              `json:"id"`
+	Profile types.MemberProfile `json:"profile"`
+	State   types.MemberState   `json:"state"`
+}
+
+func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) {
+	data := &SessionLoginPayload{}
+	if !utils.HttpJsonRequest(w, r, data) {
+		return
+	}
+
+	session, err := api.sessions.Authenticate(data.ID, data.Secret)
+	if err != nil {
+		utils.HttpUnauthorized(w, err)
+		return
+	}
+
+	http.SetCookie(w, &http.Cookie{
+		Name: "neko-id",
+		Value: session.ID(),
+		Expires: time.Now().Add(365 * 24 * time.Hour),
+		HttpOnly: false,
+	})
+
+	http.SetCookie(w, &http.Cookie{
+		Name: "neko-secret",
+		Value: data.Secret,
+		Expires: time.Now().Add(365 * 24 * time.Hour),
+		HttpOnly: true,
+	})
+
+	utils.HttpSuccess(w)
+}
+
+func (api *ApiManagerCtx) Logout(w http.ResponseWriter, r *http.Request) {
+	http.SetCookie(w, &http.Cookie{
+		Name: "neko-id",
+		Value: "",
+		Path: "/",
+		Expires: time.Unix(0, 0),
+		HttpOnly: false,
+	})
+
+	http.SetCookie(w, &http.Cookie{
+		Name: "neko-secret",
+		Value: "",
+		Path: "/",
+		Expires: time.Unix(0, 0),
+		HttpOnly: true,
+	})
+
+	utils.HttpSuccess(w)
+}
+
+func (api *ApiManagerCtx) Whoami(w http.ResponseWriter, r *http.Request) {
+	session := auth.GetSession(r)
+
+	utils.HttpSuccess(w, SessionWhoamiPayload{
+		ID:      session.ID(),
+		Profile: session.GetProfile(),
+		State:   session.GetState(),
+	})
+}