move server to server directory.

2025-05-18 11:36:59 +02:00 · 2024-06-23 17:48:14 +02:00 · 2024-06-23 17:48:14 +02:00 · cfb423b13d
commit cfb423b13d
parent da45f62ca8
211 changed files with 18 additions and 10 deletions
--- a/server/internal/api/session.go
+++ b/server/internal/api/session.go
@ -0,0 +1,85 @@
+package api
+
+import (
+	"errors"
+	"net/http"
+
+	"github.com/demodesk/neko/pkg/auth"
+	"github.com/demodesk/neko/pkg/types"
+	"github.com/demodesk/neko/pkg/utils"
+)
+
+type SessionLoginPayload struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
+type SessionDataPayload struct {
+	ID      string              `json:"id"`
+	Token   string              `json:"token,omitempty"`
+	Profile types.MemberProfile `json:"profile"`
+	State   types.SessionState  `json:"state"`
+}
+
+func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) error {
+	data := &SessionLoginPayload{}
+	if err := utils.HttpJsonRequest(w, r, data); err != nil {
+		return err
+	}
+
+	session, token, err := api.members.Login(data.Username, data.Password)
+	if err != nil {
+		if errors.Is(err, types.ErrSessionAlreadyConnected) {
+			return utils.HttpUnprocessableEntity("session already connected")
+		} else if errors.Is(err, types.ErrMemberDoesNotExist) || errors.Is(err, types.ErrMemberInvalidPassword) {
+			return utils.HttpUnauthorized().WithInternalErr(err)
+		} else if errors.Is(err, types.ErrSessionLoginsLocked) {
+			return utils.HttpForbidden("logins are locked").WithInternalErr(err)
+		} else {
+			return utils.HttpInternalServerError().WithInternalErr(err)
+		}
+	}
+
+	sessionData := SessionDataPayload{
+		ID:      session.ID(),
+		Profile: session.Profile(),
+		State:   session.State(),
+	}
+
+	if api.sessions.CookieEnabled() {
+		api.sessions.CookieSetToken(w, token)
+	} else {
+		sessionData.Token = token
+	}
+
+	return utils.HttpSuccess(w, sessionData)
+}
+
+func (api *ApiManagerCtx) Logout(w http.ResponseWriter, r *http.Request) error {
+	session, _ := auth.GetSession(r)
+
+	err := api.members.Logout(session.ID())
+	if err != nil {
+		if errors.Is(err, types.ErrSessionNotFound) {
+			return utils.HttpBadRequest("session is not logged in")
+		} else {
+			return utils.HttpInternalServerError().WithInternalErr(err)
+		}
+	}
+
+	if api.sessions.CookieEnabled() {
+		api.sessions.CookieClearToken(w, r)
+	}
+
+	return utils.HttpSuccess(w, true)
+}
+
+func (api *ApiManagerCtx) Whoami(w http.ResponseWriter, r *http.Request) error {
+	session, _ := auth.GetSession(r)
+
+	return utils.HttpSuccess(w, SessionDataPayload{
+		ID:      session.ID(),
+		Profile: session.Profile(),
+		State:   session.State(),
+	})
+}