diff --git a/components/index.html b/components/index.html
index 5a1e136..ca2136f 100644
--- a/components/index.html
+++ b/components/index.html
@@ -5,6 +5,7 @@
{{template "linklogin" .LinkLogin}}
{{ else if eq .State.RoomID "" }}
+
data: {{.}} {{.State}} {{.Room}}
Hello {{.State.Username}}
diff --git a/gralias.db b/gralias.db
index a48b678..d891687 100644
Binary files a/gralias.db and b/gralias.db differ
diff --git a/handlers/actions.go b/handlers/actions.go
index 3536780..edea372 100644
--- a/handlers/actions.go
+++ b/handlers/actions.go
@@ -130,10 +130,10 @@ func notifyBotIfNeeded(room *models.Room) {
func getFullInfoByCtx(ctx context.Context) (*models.FullInfo, error) {
resp := &models.FullInfo{}
// state, err := getStateByCtx(ctx)
- // if err != nil {
- // return nil, err
- // }
state, err := getPlayerByCtx(ctx)
+ if err != nil {
+ return nil, err
+ }
resp.State = state
if state.RoomID == "" {
return resp, nil
diff --git a/handlers/auth.go b/handlers/auth.go
index dd052bf..0f6afbc 100644
--- a/handlers/auth.go
+++ b/handlers/auth.go
@@ -1,6 +1,7 @@
package handlers
import (
+ "context"
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
@@ -12,6 +13,7 @@ import (
"html/template"
"net/http"
"strings"
+ "time"
)
func abortWithError(w http.ResponseWriter, msg string) {
@@ -144,9 +146,10 @@ func makeCookie(username string, remote string) (*http.Cookie, error) {
// expiresAt := time.Now().Add(time.Duration(cfg.SessionLifetime) * time.Second)
// Set the token in the session map, along with the session information
session := &models.Session{
- Username: username,
- CookieToken: sessionToken,
- Lifetime: uint32(cfg.SessionLifetime / 60),
+ Username: username,
+ TokenKey: sessionToken,
+ UpdatedAt: time.Now(),
+ Lifetime: uint32(cfg.SessionLifetime / 60),
}
cookieName := "session_token"
// hmac to protect cookies
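Review bot: `TokenKey: sessionToken` puts the bearer value itself into the row that a later hunk persists with `repo.SessionCreate`, so read access to the sessions table (including the tracked `gralias.db` that this commit also changes) is enough to replay a live session. Store a digest instead, for example the encoded result of `sha256.Sum256([]byte(sessionToken))`, and hash the presented value the same way before calling `SessionByToken`, so the lookup works without the credential being kept at rest. `crypto/sha256` is already imported in this file. Whether the cookie carries `sessionToken` verbatim or an HMAC-wrapped form is not visible here, so the digest has to be taken over whatever the middleware passes to the lookup. makeCookie starts and ends outside the hunk.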
@@ -173,6 +176,9 @@ func makeCookie(username string, remote string) (*http.Cookie, error) {
log.Info("changing cookie domain", "domain", cookie.Domain)
}
// set ctx?
+ if err := repo.SessionCreate(context.Background(), session); err != nil {
+ return nil, err
+ }
// set user in session
if err := cacheSetSession(sessionToken, session); err != nil {
return nil, err
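Review bot: `repo.SessionCreate(context.Background(), session)` runs the insert with no deadline or cancellation, so a stalled database can block the login path indefinitely; the `// set ctx?` comment above suggests this is already suspected. Threading the request context into makeCookie needs a signature change, so a bounded local context is the smaller fix, e.g. `ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)` followed by `defer cancel()`. Also, when `cacheSetSession` fails after the insert succeeded, the function returns an error but leaves behind a row that was never issued to a client; with expiry currently stubbed out in `IsExpired`, nothing cleans it up, so a `repo.SessionDelete` on that path is worth adding. makeCookie's body extends outside the hunk.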
diff --git a/handlers/handlers.go b/handlers/handlers.go
index 11b929b..37dcab1 100644
--- a/handlers/handlers.go
+++ b/handlers/handlers.go
@@ -48,7 +48,10 @@ func HandleHome(w http.ResponseWriter, r *http.Request) {
abortWithError(w, err.Error())
return
}
- fi, _ := getFullInfoByCtx(r.Context())
+ fi, err := getFullInfoByCtx(r.Context())
+ if err != nil {
+ log.Error("failed to fetch fi", "error", err)
+ }
if fi != nil && fi.Room != nil && fi.State != nil {
fi.Room.UpdateCounter()
if fi.State.Role == "mime" {
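Review bot: Logging at Error level here will probably fire on ordinary anonymous visits to the home page. With the check restored in `getFullInfoByCtx`, any failure of `getPlayerByCtx` now comes back as an error, and a visitor without a player record is presumably one of those cases (not confirmed by the lines shown). If so, separate "no player" from real failures with a sentinel checked via `errors.Is`, and keep Error for the latter only. The message `"failed to fetch fi"` would also be easier to search for as `"fetching full info"`. HandleHome continues outside the hunk.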
diff --git a/handlers/middleware.go b/handlers/middleware.go
index d53a760..e6021ef 100644
--- a/handlers/middleware.go
+++ b/handlers/middleware.go
@@ -61,12 +61,12 @@ func GetSession(next http.Handler) http.Handler {
next.ServeHTTP(w, r)
return
}
- userSession, err := cacheGetSession(sessionToken)
+ userSession, err := repo.SessionByToken(r.Context(), sessionToken)
+ // userSession, err := cacheGetSession(sessionToken)
// log.Debug("userSession from cache", "us", userSession)
if err != nil {
- // msg := "auth failed; session does not exists"
- // err = errors.New(msg)
- // log.Debug(msg, "error", err)
+ msg := "auth failed; session does not exists"
+ log.Debug(msg, "error", err, "key", sessionToken)
next.ServeHTTP(w, r)
return
}
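Review bot: `log.Debug(msg, "error", err, "key", sessionToken)` writes the presented session token into the log, and this branch runs on any lookup error, not only for unknown tokens, so a database outage would record every valid cookie that arrives. Drop the `"key"` field or log only a short digest prefix of the token. It also helps to separate `sql.ErrNoRows` from other failures so that "session does not exists" is only reported when it is true: `if !errors.Is(err, sql.ErrNoRows) { log.Error("session lookup failed", "error", err) }`. The commented-out `cacheGetSession` line can be removed once the move to the repo is settled. GetSession's body extends outside the hunk.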
diff --git a/migrations/001_initial_schema.up.sql b/migrations/001_initial_schema.up.sql
index a8d5ac1..6200e2a 100644
--- a/migrations/001_initial_schema.up.sql
+++ b/migrations/001_initial_schema.up.sql
@@ -72,7 +72,7 @@ CREATE TABLE sessions(
id INTEGER PRIMARY KEY AUTOINCREMENT,
updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
lifetime INTEGER NOT NULL DEFAULT 3600,
- cookie_token TEXT NOT NULL DEFAULT '', -- encoded value
+ token_key TEXT NOT NULL DEFAULT '' UNIQUE, -- encoded value
username TEXT NOT NULL,
FOREIGN KEY (username) REFERENCES players(username)
);
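Review bot: `token_key TEXT NOT NULL DEFAULT '' UNIQUE` still lets an insert that omits the column create a session keyed by the empty string, which an empty token value would then match unless the middleware rejects it first (not visible here). Dropping the default and adding `CHECK (token_key <> '')` makes that state unrepresentable. The change also edits `001_initial_schema.up.sql` in place. Databases already migrated with the old file keep `cookie_token` and have no unique index for the new `ON CONFLICT (token_key)` clause in repos/session.go to target, so a new numbered migration that renames the column and adds the constraint is safer.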
diff --git a/models/auth.go b/models/auth.go
index 0b6d83b..ba06d35 100644
--- a/models/auth.go
+++ b/models/auth.go
@@ -6,19 +6,19 @@ import (
// each session contains the username of the user and the time at which it expires
type Session struct {
- ID uint32
+ ID uint32 `db:"id"`
// CurrentRoom string
// Expiry time.Time
- UpdatedAt time.Time
- Lifetime uint32 // minutes
- CookieToken string
- Username string // username is playerid
+ UpdatedAt time.Time `db:"updated_at"`
+ Lifetime uint32 `db:"lifetime"` // minutes
+ TokenKey string `db:"token_key"`
+ Username string `db:"username"` // username is playerid
}
// we'll use this method later to determine if the session has expired
func (s Session) IsExpired() bool {
- return time.Now().After(s.UpdatedAt.Add(time.Minute * time.Duration(s.Lifetime)))
- // return s.Expiry.Before(time.Now())
+ // return time.Now().After(s.UpdatedAt.Add(time.Minute * time.Duration(s.Lifetime)))
+ return false
}
// func ListUsernames(ss map[string]*Session) []string {
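Review bot: `IsExpired` now returns `false` unconditionally, so every caller that relies on it treats a session as valid forever, and no other expiry check appears in the `SessionByToken` query or the middleware lines shown in this commit. A stolen or forgotten cookie therefore stays usable until its row is deleted. Restore the comparison: `return time.Now().After(s.UpdatedAt.Add(time.Duration(s.Lifetime) * time.Minute))`. If it was disabled because `updated_at` does not scan cleanly from SQLite, that is better fixed in the query or column type than by switching expiry off. The comment above the method could then state the rule (UpdatedAt plus Lifetime minutes) instead of "we'll use this method later".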
diff --git a/repos/session.go b/repos/session.go
index 1991c43..97be4e0 100644
--- a/repos/session.go
+++ b/repos/session.go
@@ -19,7 +19,7 @@ func (p *RepoProvider) SessionByToken(ctx context.Context, token string) (*model
db := getDB(ctx, p.DB)
session := &models.Session{}
// The lifetime in the DB is in seconds, but in the model it is in minutes.
- err := sqlx.GetContext(ctx, db, session, `SELECT id, updated_at, lifetime / 60 as lifetime, cookie_token, username FROM sessions WHERE cookie_token = ?`, token)
+ err := sqlx.GetContext(ctx, db, session, `SELECT id, updated_at, lifetime / 60 as lifetime, token_key, username FROM sessions WHERE token_key = ? LIMIT 1;`, token)
if err != nil {
return nil, err
}
@@ -29,21 +29,21 @@ func (p *RepoProvider) SessionByToken(ctx context.Context, token string) (*model
func (p *RepoProvider) SessionCreate(ctx context.Context, session *models.Session) error {
db := getDB(ctx, p.DB)
// The lifetime in the model is in minutes, but in the DB it is in seconds.
- _, err := db.ExecContext(ctx, `INSERT INTO sessions (updated_at, lifetime, cookie_token, username) VALUES (?, ?, ?, ?)`,
- time.Now(), session.Lifetime*60, session.CookieToken, session.Username)
+ _, err := db.ExecContext(ctx, `INSERT INTO sessions (updated_at, lifetime, token_key, username) VALUES (?, ?, ?, ?) ON CONFLICT (token_key) DO UPDATE SET updated_at=CURRENT_TIMESTAMP, lifetime=excluded.lifetime;`,
+ time.Now(), session.Lifetime*60, session.TokenKey, session.Username)
return err
}
func (p *RepoProvider) SessionUpdate(ctx context.Context, session *models.Session) error {
db := getDB(ctx, p.DB)
// The lifetime in the model is in minutes, but in the DB it is in seconds.
- _, err := db.ExecContext(ctx, `UPDATE sessions SET updated_at = ?, lifetime = ? WHERE cookie_token = ?`,
- time.Now(), session.Lifetime*60, session.CookieToken)
+ _, err := db.ExecContext(ctx, `UPDATE sessions SET updated_at = ?, lifetime = ? WHERE token_key = ?`,
+ time.Now(), session.Lifetime*60, session.TokenKey)
return err
}
func (p *RepoProvider) SessionDelete(ctx context.Context, token string) error {
db := getDB(ctx, p.DB)
- _, err := db.ExecContext(ctx, `DELETE FROM sessions WHERE cookie_token = ?`, token)
+ _, err := db.ExecContext(ctx, `DELETE FROM sessions WHERE token_key = ?`, token)
return err
}
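Review bot: The `ON CONFLICT (token_key) DO UPDATE` in SessionCreate refreshes `updated_at` and `lifetime` but leaves `username` untouched, so a create call whose token matches an existing row succeeds silently while the row stays bound to the earlier user. If tokens are random, a conflict should never happen and is better surfaced as an error with a plain `INSERT`; if they can legitimately repeat, the update should at least set `username=excluded.username`. The conflict branch also writes `CURRENT_TIMESTAMP` while the insert branch binds Go's `time.Now()`, which can leave two timestamp representations in one column; `updated_at=excluded.updated_at` keeps them consistent. `session.UpdatedAt`, which makeCookie now sets, is not read by any statement in this hunk.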
diff --git a/todos.md b/todos.md
index c0405e0..d3ee429 100644
--- a/todos.md
+++ b/todos.md
@@ -30,6 +30,7 @@
- clear indication that model (llm) is thinking / answered;
- possibly turn markings into parts of names of users (first three letters?);
- at game creation list languages and support them at backend;
+- sql ping goroutine with reconnect on fail;
#### sse points
- clue sse update;