Enha: use of sql sessions

2025-07-03 08:15:54 +03:00
parent 130ed3763b
commit e02554b181
10 changed files with 36 additions and 25 deletions
--- a/handlers/actions.go
+++ b/handlers/actions.go
@@ -130,10 +130,10 @@ func notifyBotIfNeeded(room *models.Room) {
 func getFullInfoByCtx(ctx context.Context) (*models.FullInfo, error) {
 	resp := &models.FullInfo{}
 	// state, err := getStateByCtx(ctx)
-	// if err != nil {
-	// 	return nil, err
-	// }
 	state, err := getPlayerByCtx(ctx)
+	if err != nil {
+		return nil, err
+	}
 	resp.State = state
 	if state.RoomID == "" {
 		return resp, nil
--- a/handlers/auth.go
+++ b/handlers/auth.go
@@ -1,6 +1,7 @@
 package handlers

 import (
+	"context"
 	"crypto/hmac"
 	"crypto/sha256"
 	"encoding/base64"
@@ -12,6 +13,7 @@ import (
 	"html/template"
 	"net/http"
 	"strings"
+	"time"
 )

 func abortWithError(w http.ResponseWriter, msg string) {
@@ -144,9 +146,10 @@ func makeCookie(username string, remote string) (*http.Cookie, error) {
 	// expiresAt := time.Now().Add(time.Duration(cfg.SessionLifetime) * time.Second)
 	// Set the token in the session map, along with the session information
 	session := &models.Session{
-		Username:    username,
-		CookieToken: sessionToken,
-		Lifetime:    uint32(cfg.SessionLifetime / 60),
+		Username:  username,
+		TokenKey:  sessionToken,
+		UpdatedAt: time.Now(),
+		Lifetime:  uint32(cfg.SessionLifetime / 60),
 	}
 	cookieName := "session_token"
 	// hmac to protect cookies
@@ -173,6 +176,9 @@ func makeCookie(username string, remote string) (*http.Cookie, error) {
 		log.Info("changing cookie domain", "domain", cookie.Domain)
 	}
 	// set ctx?
+	if err := repo.SessionCreate(context.Background(), session); err != nil {
+		return nil, err
+	}
 	// set user in session
 	if err := cacheSetSession(sessionToken, session); err != nil {
 		return nil, err
--- a/handlers/handlers.go
+++ b/handlers/handlers.go
@@ -48,7 +48,10 @@ func HandleHome(w http.ResponseWriter, r *http.Request) {
 		abortWithError(w, err.Error())
 		return
 	}
-	fi, _ := getFullInfoByCtx(r.Context())
+	fi, err := getFullInfoByCtx(r.Context())
+	if err != nil {
+		log.Error("failed to fetch fi", "error", err)
+	}
 	if fi != nil && fi.Room != nil && fi.State != nil {
 		fi.Room.UpdateCounter()
 		if fi.State.Role == "mime" {
--- a/handlers/middleware.go
+++ b/handlers/middleware.go
@@ -61,12 +61,12 @@ func GetSession(next http.Handler) http.Handler {
 			next.ServeHTTP(w, r)
 			return
 		}
-		userSession, err := cacheGetSession(sessionToken)
+		userSession, err := repo.SessionByToken(r.Context(), sessionToken)
+		// userSession, err := cacheGetSession(sessionToken)
 		// log.Debug("userSession from cache", "us", userSession)
 		if err != nil {
-			// msg := "auth failed; session does not exists"
-			// err = errors.New(msg)
-			// log.Debug(msg, "error", err)
+			msg := "auth failed; session does not exists"
+			log.Debug(msg, "error", err, "key", sessionToken)
 			next.ServeHTTP(w, r)
 			return
 		}