Dont refresh session keys on bootloader requests
This commit is contained in:
parent
f86e0d9283
commit
70b2c4df47
@ -69,29 +69,25 @@ func (s *Session) Expired() bool {
|
||||
return time.Since(created) > Expiration
|
||||
}
|
||||
|
||||
func (s *Session) Refresh() (string, bool, error) {
|
||||
func (s *Session) Refresh() (string, error) {
|
||||
s.lock.Lock()
|
||||
created := time.Unix(s.createdAt, 0)
|
||||
s.lock.Unlock()
|
||||
|
||||
if time.Since(created) > Expiration {
|
||||
return "", true, nil
|
||||
}
|
||||
|
||||
if time.Since(created) > RefreshInterval {
|
||||
key, err := newSessionKey()
|
||||
if err != nil {
|
||||
return "", false, err
|
||||
return "", err
|
||||
}
|
||||
|
||||
s.lock.Lock()
|
||||
s.createdAt = time.Now().Unix()
|
||||
s.key = key
|
||||
s.lock.Unlock()
|
||||
return key, false, nil
|
||||
return key, nil
|
||||
}
|
||||
|
||||
return "", false, nil
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func newSessionKey() (string, error) {
|
||||
|
@ -8,7 +8,7 @@ import (
|
||||
"github.com/khlieng/dispatch/storage"
|
||||
)
|
||||
|
||||
func (d *Dispatch) handleAuth(w http.ResponseWriter, r *http.Request, createUser bool) *State {
|
||||
func (d *Dispatch) handleAuth(w http.ResponseWriter, r *http.Request, createUser, refresh bool) *State {
|
||||
var state *State
|
||||
|
||||
cookie, err := r.Cookie(session.CookieName)
|
||||
@ -23,18 +23,22 @@ func (d *Dispatch) handleAuth(w http.ResponseWriter, r *http.Request, createUser
|
||||
session := d.states.getSession(cookie.Value)
|
||||
if session != nil {
|
||||
key := session.Key()
|
||||
newKey, expired, err := session.Refresh()
|
||||
|
||||
if !session.Expired() {
|
||||
state = d.states.get(session.UserID)
|
||||
|
||||
if refresh {
|
||||
newKey, err := session.Refresh()
|
||||
if err != nil {
|
||||
return nil
|
||||
log.Println(err)
|
||||
}
|
||||
|
||||
if !expired {
|
||||
state = d.states.get(session.UserID)
|
||||
if newKey != "" {
|
||||
d.states.setSession(session)
|
||||
d.states.deleteSession(key)
|
||||
session.SetCookie(w, r)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
d.states.deleteSession(key)
|
||||
}
|
||||
|
@ -323,7 +323,7 @@ func (d *Dispatch) serveIndex(w http.ResponseWriter, r *http.Request) {
|
||||
var data *indexData
|
||||
inline := inlineScriptSW
|
||||
if !sw {
|
||||
data = getIndexData(r, r.URL.EscapedPath(), d.handleAuth(w, r, false))
|
||||
data = getIndexData(r, r.URL.EscapedPath(), d.handleAuth(w, r, false, true))
|
||||
inline = inlineScript
|
||||
}
|
||||
|
||||
|
@ -173,7 +173,7 @@ func (d *Dispatch) serve(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
state := d.handleAuth(w, r, true)
|
||||
state := d.handleAuth(w, r, true, true)
|
||||
if state == nil {
|
||||
log.Println("[Auth] No state")
|
||||
fail(w, http.StatusInternalServerError)
|
||||
@ -182,14 +182,10 @@ func (d *Dispatch) serve(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
d.upgradeWS(w, r, state)
|
||||
} else if strings.HasPrefix(r.URL.Path, "/data") {
|
||||
state := d.handleAuth(w, r, true)
|
||||
if state == nil {
|
||||
log.Println("[Auth] No state")
|
||||
fail(w, http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
state := d.handleAuth(w, r, false, false)
|
||||
data := getIndexData(r, r.URL.EscapedPath()[5:], state)
|
||||
|
||||
easyjson.MarshalToHTTPResponseWriter(getIndexData(r, r.URL.EscapedPath()[5:], state), w)
|
||||
easyjson.MarshalToHTTPResponseWriter(data, w)
|
||||
} else {
|
||||
d.serveFiles(w, r)
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user