database + auth

2024-08-21 17:54:36 +02:00 · 2024-08-21 17:54:36 +02:00 · 2bbf24f581
commit 2bbf24f581
parent 3732fb2fa4
9 changed files with 85 additions and 43 deletions
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@ -89,7 +89,14 @@ func main() {
 		return nil
 	})

-	app.Get("/login", oidc.HandleRedirect)
+	app.Get("/login", func(c *fiber.Ctx) error {
+		_, err := sessions.GetSession(c)
+		if err == nil {
+			return c.Redirect("/account")
+		} else {
+			return oidc.HandleRedirect(c)
+		}
+	})
 	app.Get(config.Config.Oidc.CallbackUrl, oidc.HandleCallback)

 	// Static routes
--- a/internal/oidc/oidc.go
+++ b/internal/oidc/oidc.go
@ -37,5 +37,4 @@ func Load(ctx context.Context) {
 	Verifier = Provider.Verifier(oidcConfig)

 	log.Debug().Msg("loaded oidc")
-	log.Debug().Interface("Config", Config).Msg("data")
 }
--- a/internal/sessions/sessions.go
+++ b/internal/sessions/sessions.go
@ -2,6 +2,7 @@ package sessions

 import (
 	"context"
+	"errors"

 	"git.tijl.dev/tijl/tijl.dev/internal/db"
 	"git.tijl.dev/tijl/tijl.dev/internal/utils"
@ -24,7 +25,7 @@ func NewSession(uid string, c *fiber.Ctx) (string, error) {
 		Secure: true,
 	})

-	err = db.Queries.QuickUpdateSession(context.TODO(), database.QuickUpdateSessionParams{
+	_, err = db.Queries.QuickUpdateSession(context.TODO(), database.QuickUpdateSessionParams{
 		Token:     createSessionParams.Token,
 		IpAddress: c.IP(),
 		Agent:     string(c.Context().UserAgent()),
@ -36,18 +37,21 @@ func NewSession(uid string, c *fiber.Ctx) (string, error) {
 	return createSessionParams.Token, nil
 }

-func GetSession(c *fiber.Ctx) (database.Session, error) {
-	err := db.Queries.QuickUpdateSession(context.TODO(), database.QuickUpdateSessionParams{
+func GetSession(c *fiber.Ctx) (string, error) {
+	if c.Cookies("session") == "" {
+		return "", errors.New("no cookie found")
+	}
+	uid, err := db.Queries.QuickUpdateSession(context.TODO(), database.QuickUpdateSessionParams{
 		Token:     c.Cookies("session"),
 		IpAddress: c.IP(),
 		Agent:     string(c.Context().UserAgent()),
 	})
 	if err != nil {
-		return database.Session{}, err
+		return uid, err
 	}
-	session, err := db.Queries.GetSession(context.TODO(), c.Cookies("session"))
-	if err != nil {
-		return session, err
-	}
-	return session, nil
+	//session, err := db.Queries.GetSession(context.TODO(), c.Cookies("session"))
+	//if err != nil {
+	//	return session, err
+	//}
+	return uid, nil
 }
--- a/locales/en.json
+++ b/locales/en.json
@ -6,5 +6,6 @@
 	"english": "English",
 	"dutch": "Dutch",
 	"about": "About",
-	"projects": "Projects"
+	"projects": "Projects",
+	"account": "Account"
 }
--- a/locales/nl.json
+++ b/locales/nl.json
@ -6,5 +6,6 @@
 	"english": "Engels",
 	"dutch": "Nederlands",
 	"about": "Over",
-	"projects": "Projecten"
+	"projects": "Projecten",
+	"account": "Account"
 }
--- a/migrations/00000001_init.up.sql
+++ b/migrations/00000001_init.up.sql
@ -19,6 +19,10 @@ CREATE TABLE sessions (
    FOREIGN KEY (uid) REFERENCES users (uid)
 );

+-- Creating indexes for better performance
+CREATE INDEX idx_sessions_last_activity ON sessions (last_activity);
+CREATE INDEX idx_sessions_token ON sessions (token);
+
 CREATE TABLE session_ips (
    id SERIAL PRIMARY KEY,
    session_id INTEGER NOT NULL,
@ -29,3 +33,7 @@ CREATE TABLE session_ips (
    CONSTRAINT session_ips_unique UNIQUE (session_id, ip_address)
 );

+-- Creating indexes for better performance
+CREATE INDEX idx_session_ips_session_id_ip_address ON session_ips (session_id, ip_address);
+CREATE INDEX idx_session_ips_access_time ON session_ips (access_time);
+
--- a/modules/database/sessions.sql
+++ b/modules/database/sessions.sql
@ -10,24 +10,29 @@ SELECT * FROM sessions WHERE uid = $1 AND (expires > CURRENT_TIMESTAMP OR expire
 -- name: CreateSession :exec
 INSERT INTO sessions (uid, token, last_activity) VALUES ($1, $2, CURRENT_TIMESTAMP);

-- name: QuickUpdateSession :exec
+-- name: QuickUpdateSession :one
 WITH updated_session AS (
    UPDATE sessions 
    SET last_activity = CURRENT_TIMESTAMP 
    WHERE token = $1 
-    RETURNING id
-)
-INSERT INTO session_ips (session_id, ip_address, agent, access_time)
-VALUES (
+    RETURNING id, uid
+),
+inserted_or_updated AS (
+    INSERT INTO session_ips (session_id, ip_address, agent, access_time)
+    VALUES (
        (SELECT id FROM updated_session), 
        $2, 
        $3,
        CURRENT_TIMESTAMP
-)
-ON CONFLICT (session_id, ip_address) 
-DO UPDATE SET 
+    )
+    ON CONFLICT (session_id, ip_address) 
+    DO UPDATE SET 
        agent = EXCLUDED.agent,
-    access_time = CURRENT_TIMESTAMP;
+        access_time = CURRENT_TIMESTAMP
+    RETURNING session_id
+)
+SELECT uid
+FROM updated_session;

 -- name: ExpireSession :exec
 UPDATE sessions SET expires = 1 WHERE token = $1;
--- a/modules/database/sessions.sql.go
+++ b/modules/database/sessions.sql.go
@ -128,24 +128,29 @@ func (q *Queries) GetSessions(ctx context.Context, arg GetSessionsParams) ([]Ses
 	return items, nil
 }

-const quickUpdateSession = `-- name: QuickUpdateSession :exec
+const quickUpdateSession = `-- name: QuickUpdateSession :one
 WITH updated_session AS (
    UPDATE sessions 
    SET last_activity = CURRENT_TIMESTAMP 
    WHERE token = $1 
-    RETURNING id
-)
-INSERT INTO session_ips (session_id, ip_address, agent, access_time)
-VALUES (
+    RETURNING id, uid
+),
+inserted_or_updated AS (
+    INSERT INTO session_ips (session_id, ip_address, agent, access_time)
+    VALUES (
        (SELECT id FROM updated_session), 
        $2, 
        $3,
        CURRENT_TIMESTAMP
-)
-ON CONFLICT (session_id, ip_address) 
-DO UPDATE SET 
+    )
+    ON CONFLICT (session_id, ip_address) 
+    DO UPDATE SET 
        agent = EXCLUDED.agent,
        access_time = CURRENT_TIMESTAMP
+    RETURNING session_id
+)
+SELECT uid
+FROM updated_session
 `

 type QuickUpdateSessionParams struct {
@ -154,7 +159,9 @@ type QuickUpdateSessionParams struct {
 	Agent     string
 }

-func (q *Queries) QuickUpdateSession(ctx context.Context, arg QuickUpdateSessionParams) error {
-	_, err := q.db.ExecContext(ctx, quickUpdateSession, arg.Token, arg.IpAddress, arg.Agent)
-	return err
+func (q *Queries) QuickUpdateSession(ctx context.Context, arg QuickUpdateSessionParams) (string, error) {
+	row := q.db.QueryRowContext(ctx, quickUpdateSession, arg.Token, arg.IpAddress, arg.Agent)
+	var uid string
+	err := row.Scan(&uid)
+	return uid, err
 }
--- a/views/partials/menu.html
+++ b/views/partials/menu.html
@ -81,12 +81,22 @@
                            </ul>
                        </details>
                    </li>
-                    <li><a class="active flex gap-4" hx-boost="false" href="/login">
+                    <li>
+                        {{if .SignedIn}}
+                        <a class="flex gap-4" href="/account">
+                            <span class="w-5 text-center">
+                                {{icon "login"}}
+                            </span>
+                            <span class="text-base">{{.T.account}}</span>
+                        </a>
+                        {{else}}
+                        <a class="active flex gap-4" hx-boost="false" href="/login">
                            <span class="w-5 text-center">
                                {{icon "login"}}
                            </span>
                            <span class="text-base">{{.T.login}}</span>
                        </a>
+                        {{end}}
                    </li>
                </ul>
            </details>