From 2bbf24f5817df1bfa74f4b1ce2763c9add31727a Mon Sep 17 00:00:00 2001 From: tijl Date: Wed, 21 Aug 2024 17:54:36 +0200 Subject: [PATCH] database + auth --- cmd/server/main.go | 9 +++++++- internal/oidc/oidc.go | 1 - internal/sessions/sessions.go | 22 ++++++++++-------- locales/en.json | 3 ++- locales/nl.json | 3 ++- migrations/00000001_init.up.sql | 8 +++++++ modules/database/sessions.sql | 31 ++++++++++++++----------- modules/database/sessions.sql.go | 39 +++++++++++++++++++------------- views/partials/menu.html | 12 +++++++++- 9 files changed, 85 insertions(+), 43 deletions(-) diff --git a/cmd/server/main.go b/cmd/server/main.go index 7f3293e..4e205cb 100644 --- a/cmd/server/main.go +++ b/cmd/server/main.go @@ -89,7 +89,14 @@ func main() { return nil }) - app.Get("/login", oidc.HandleRedirect) + app.Get("/login", func(c *fiber.Ctx) error { + _, err := sessions.GetSession(c) + if err == nil { + return c.Redirect("/account") + } else { + return oidc.HandleRedirect(c) + } + }) app.Get(config.Config.Oidc.CallbackUrl, oidc.HandleCallback) // Static routes diff --git a/internal/oidc/oidc.go b/internal/oidc/oidc.go index 9899c04..5c090c2 100644 --- a/internal/oidc/oidc.go +++ b/internal/oidc/oidc.go @@ -37,5 +37,4 @@ func Load(ctx context.Context) { Verifier = Provider.Verifier(oidcConfig) log.Debug().Msg("loaded oidc") - log.Debug().Interface("Config", Config).Msg("data") } diff --git a/internal/sessions/sessions.go b/internal/sessions/sessions.go index 535deaa..12360f8 100644 --- a/internal/sessions/sessions.go +++ b/internal/sessions/sessions.go @@ -2,6 +2,7 @@ package sessions import ( "context" + "errors" "git.tijl.dev/tijl/tijl.dev/internal/db" "git.tijl.dev/tijl/tijl.dev/internal/utils" 
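Review bot: In the new `/login` handler in cmd/server/main.go, `err == nil` is the only test, so every failure of `sessions.GetSession` (a missing cookie, an unknown token, or a database error) is handled as "not signed in" and sends the browser to the identity provider. Consider returning a sentinel error from GetSession for the no-session case, checking it with `errors.Is`, and logging anything else before falling back to the redirect. Separately, the `else` after a returning `if` is unnecessary: `if _, err := sessions.GetSession(c); err == nil { return c.Redirect("/account") }` followed by `return oidc.HandleRedirect(c)` reads flatter. The body of `main` starts and ends outside the hunk.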
@@ -24,7 +25,7 @@ func NewSession(uid string, c *fiber.Ctx) (string, error) { Secure: true, }) - err = db.Queries.QuickUpdateSession(context.TODO(), database.QuickUpdateSessionParams{ + _, err = db.Queries.QuickUpdateSession(context.TODO(), database.QuickUpdateSessionParams{ Token: createSessionParams.Token, IpAddress: c.IP(), Agent: string(c.Context().UserAgent()), @@ -36,18 +37,21 @@ func NewSession(uid string, c *fiber.Ctx) (string, error) { return createSessionParams.Token, nil } -func GetSession(c *fiber.Ctx) (database.Session, error) { - err := db.Queries.QuickUpdateSession(context.TODO(), database.QuickUpdateSessionParams{ +func GetSession(c *fiber.Ctx) (string, error) { + if c.Cookies("session") == "" { + return "", errors.New("no cookie found") + } + uid, err := db.Queries.QuickUpdateSession(context.TODO(), database.QuickUpdateSessionParams{ Token: c.Cookies("session"), IpAddress: c.IP(), Agent: string(c.Context().UserAgent()), }) if err != nil { - return database.Session{}, err + return uid, err } - session, err := db.Queries.GetSession(context.TODO(), c.Cookies("session")) - if err != nil { - return session, err - } - return session, nil + //session, err := db.Queries.GetSession(context.TODO(), c.Cookies("session")) + //if err != nil { + // return session, err + //} + return uid, nil } diff --git a/locales/en.json b/locales/en.json index 4a11c2f..703bda2 100644 --- a/locales/en.json +++ b/locales/en.json @@ -6,5 +6,6 @@ "english": "English", "dutch": "Dutch", "about": "About", - "projects": "Projects" + "projects": "Projects", + "account": "Account" } diff --git a/locales/nl.json b/locales/nl.json index 4c31f5c..d8fe031 100644 --- a/locales/nl.json +++ b/locales/nl.json @@ -6,5 +6,6 @@ "english": "Engels", "dutch": "Nederlands", "about": "Over", - "projects": "Projecten" + "projects": "Projecten", + "account": "Account" } diff --git a/migrations/00000001_init.up.sql b/migrations/00000001_init.up.sql index cf5ad46..4c69198 100644 
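Review bot: `GetSession` now takes the uid straight from `QuickUpdateSession`, and that query (see the modules/database/sessions.sql hunk and its generated copy in sessions.sql.go) matches on `WHERE token = $1` alone, so nothing visible in this commit rejects a session whose `expires` was set by `ExpireSession`. The call to `db.Queries.GetSession` that this hunk comments out may have been what enforced expiry; its SQL is not shown, so please confirm. If it was, add the expiry condition that `GetSessions` applies (`expires > CURRENT_TIMESTAMP OR …`, cut off in the hunk header) to the UPDATE in `QuickUpdateSession`, and add a test that a logged-out token is refused. The commented-out block should then be deleted rather than kept.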
--- a/migrations/00000001_init.up.sql +++ b/migrations/00000001_init.up.sql @@ -19,6 +19,10 @@ CREATE TABLE sessions ( FOREIGN KEY (uid) REFERENCES users (uid) ); +-- Creating indexes for better performance +CREATE INDEX idx_sessions_last_activity ON sessions (last_activity); +CREATE INDEX idx_sessions_token ON sessions (token); + CREATE TABLE session_ips ( id SERIAL PRIMARY KEY, session_id INTEGER NOT NULL, @@ -29,3 +33,7 @@ CREATE TABLE session_ips ( CONSTRAINT session_ips_unique UNIQUE (session_id, ip_address) ); +-- Creating indexes for better performance +CREATE INDEX idx_session_ips_session_id_ip_address ON session_ips (session_id, ip_address); +CREATE INDEX idx_session_ips_access_time ON session_ips (access_time); + diff --git a/modules/database/sessions.sql b/modules/database/sessions.sql index 5151ce3..6c37150 100644 --- a/modules/database/sessions.sql +++ b/modules/database/sessions.sql 
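Review bot: `idx_sessions_token` is created as a plain index, yet `token` is the key that identifies a session. Unless the column is already declared UNIQUE in the part of `CREATE TABLE sessions` outside this hunk, make it `CREATE UNIQUE INDEX idx_sessions_token ON sessions (token);` so the database itself enforces one session per token. The comment `-- Creating indexes for better performance` could name the query each index serves, for instance the token lookup in QuickUpdateSession. This also edits the existing init migration, so any database that has already applied it would presumably need a new migration to get the indexes.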
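Review bot: `idx_session_ips_session_id_ip_address` covers the same columns as the `session_ips_unique` constraint just above it. On PostgreSQL, which `SERIAL` suggests, a UNIQUE constraint already creates an index on `(session_id, ip_address)`, so this second index only adds write cost and can be dropped. `idx_session_ips_access_time` is not used by any query shown in this commit; a comment naming the query it is meant for would help.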
@@ -10,24 +10,29 @@ SELECT * FROM sessions WHERE uid = $1 AND (expires > CURRENT_TIMESTAMP OR expire -- name: CreateSession :exec INSERT INTO sessions (uid, token, last_activity) VALUES ($1, $2, CURRENT_TIMESTAMP); --- name: QuickUpdateSession :exec +-- name: QuickUpdateSession :one WITH updated_session AS ( UPDATE sessions SET last_activity = CURRENT_TIMESTAMP WHERE token = $1 - RETURNING id + RETURNING id, uid +), +inserted_or_updated AS ( + INSERT INTO session_ips (session_id, ip_address, agent, access_time) + VALUES ( + (SELECT id FROM updated_session), + $2, + $3, + CURRENT_TIMESTAMP + ) + ON CONFLICT (session_id, ip_address) + DO UPDATE SET + agent = EXCLUDED.agent, + access_time = CURRENT_TIMESTAMP + RETURNING session_id ) -INSERT INTO session_ips (session_id, ip_address, agent, access_time) -VALUES ( - (SELECT id FROM updated_session), - $2, - $3, - CURRENT_TIMESTAMP -) -ON CONFLICT (session_id, ip_address) -DO UPDATE SET - agent = EXCLUDED.agent, - access_time = CURRENT_TIMESTAMP; +SELECT uid +FROM updated_session; -- name: ExpireSession :exec UPDATE sessions SET expires = 1 WHERE token = $1; diff --git a/modules/database/sessions.sql.go b/modules/database/sessions.sql.go index ae85e04..034a4b5 100644 --- a/modules/database/sessions.sql.go +++ b/modules/database/sessions.sql.go 
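Review bot: When `$1` matches no session, `updated_session` is empty and `(SELECT id FROM updated_session)` yields NULL, so the `inserted_or_updated` CTE still attempts an insert into `session_ips`, whose `session_id` is declared NOT NULL. On PostgreSQL, data-modifying CTEs run even when the outer query does not read them, so an unknown token would surface as a constraint violation rather than a clean no-rows result, and callers cannot tell "no such session" from a real database fault. Replacing the `VALUES (...)` list with `SELECT id, $2, $3, CURRENT_TIMESTAMP FROM updated_session` inserts nothing in that case and lets the `:one` query return no rows. sessions.sql.go is generated from this file and needs regenerating with the change.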
@@ -128,24 +128,29 @@ func (q *Queries) GetSessions(ctx context.Context, arg GetSessionsParams) ([]Ses return items, nil } -const quickUpdateSession = `-- name: QuickUpdateSession :exec +const quickUpdateSession = `-- name: QuickUpdateSession :one WITH updated_session AS ( UPDATE sessions SET last_activity = CURRENT_TIMESTAMP WHERE token = $1 - RETURNING id + RETURNING id, uid +), +inserted_or_updated AS ( + INSERT INTO session_ips (session_id, ip_address, agent, access_time) + VALUES ( + (SELECT id FROM updated_session), + $2, + $3, + CURRENT_TIMESTAMP + ) + ON CONFLICT (session_id, ip_address) + DO UPDATE SET + agent = EXCLUDED.agent, + access_time = CURRENT_TIMESTAMP + RETURNING session_id ) -INSERT INTO session_ips (session_id, ip_address, agent, access_time) -VALUES ( - (SELECT id FROM updated_session), - $2, - $3, - CURRENT_TIMESTAMP -) -ON CONFLICT (session_id, ip_address) -DO UPDATE SET - agent = EXCLUDED.agent, - access_time = CURRENT_TIMESTAMP +SELECT uid +FROM updated_session ` type QuickUpdateSessionParams struct { @@ -154,7 +159,9 @@ type QuickUpdateSessionParams struct { Agent string } -func (q *Queries) QuickUpdateSession(ctx context.Context, arg QuickUpdateSessionParams) error { - _, err := q.db.ExecContext(ctx, quickUpdateSession, arg.Token, arg.IpAddress, arg.Agent) - return err +func (q *Queries) QuickUpdateSession(ctx context.Context, arg QuickUpdateSessionParams) (string, error) { + row := q.db.QueryRowContext(ctx, quickUpdateSession, arg.Token, arg.IpAddress, arg.Agent) + var uid string + err := row.Scan(&uid) + return uid, err } diff --git a/views/partials/menu.html b/views/partials/menu.html index 97b31a6..98f2de6 100644 --- a/views/partials/menu.html +++ b/views/partials/menu.html @@ -81,12 +81,22 @@ -
  • +
  • + {{if .SignedIn}} + + + {{icon "login"}} + + {{.T.account}} + + {{else}} + {{icon "login"}} {{.T.login}} + {{end}}