Set long cache-control and add a hash to css and js urls, clean some things up
This commit is contained in:
Ken-Håvard Lieng
parent
2ccca3a778
commit
df02d27674
9 changed files with 171 additions and 77 deletions
|
|
@ -13,6 +13,37 @@ import (
|
|||
"github.com/khlieng/dispatch/storage"
|
||||
)
|
||||
|
||||
const (
|
||||
cookieName = "dispatch"
|
||||
)
|
||||
|
||||
var (
|
||||
hmacKey []byte
|
||||
)
|
||||
|
||||
func initAuth() {
|
||||
var err error
|
||||
hmacKey, err = getHMACKey()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
func getHMACKey() ([]byte, error) {
|
||||
key, err := ioutil.ReadFile(storage.Path.HMACKey())
|
||||
if err != nil {
|
||||
key = make([]byte, 32)
|
||||
rand.Read(key)
|
||||
|
||||
err = ioutil.WriteFile(storage.Path.HMACKey(), key, 0600)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
return key, nil
|
||||
}
|
||||
|
||||
func handleAuth(w http.ResponseWriter, r *http.Request) *Session {
|
||||
var session *Session
|
||||
|
||||
|
|
@ -21,22 +52,14 @@ func handleAuth(w http.ResponseWriter, r *http.Request) *Session {
|
|||
authLog(r, "No cookie set")
|
||||
session = newUser(w, r)
|
||||
} else {
|
||||
token, err := jwt.Parse(cookie.Value, func(token *jwt.Token) (interface{}, error) {
|
||||
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
||||
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
|
||||
}
|
||||
return hmacKey, nil
|
||||
})
|
||||
token, err := parseToken(cookie.Value)
|
||||
|
||||
if err == nil && token.Valid {
|
||||
userID := uint64(token.Claims["UserID"].(float64))
|
||||
|
||||
log.Println(r.RemoteAddr, "[Auth] GET", r.URL.Path, "| Valid token | User ID:", userID)
|
||||
|
||||
sessionLock.Lock()
|
||||
session = sessions[userID]
|
||||
sessionLock.Unlock()
|
||||
|
||||
session = sessions.get(userID)
|
||||
if session == nil {
|
||||
// A previous anonymous session has been cleaned up, create a new one
|
||||
session = newUser(w, r)
|
||||
|
|
@ -47,6 +70,7 @@ func handleAuth(w http.ResponseWriter, r *http.Request) *Session {
|
|||
} else {
|
||||
authLog(r, "Invalid token")
|
||||
}
|
||||
|
||||
session = newUser(w, r)
|
||||
}
|
||||
}
|
||||
|
|
@ -63,11 +87,7 @@ func newUser(w http.ResponseWriter, r *http.Request) *Session {
|
|||
log.Println(r.RemoteAddr, "[Auth] Create session | User ID:", user.ID)
|
||||
|
||||
session := NewSession(user)
|
||||
|
||||
sessionLock.Lock()
|
||||
sessions[user.ID] = session
|
||||
sessionLock.Unlock()
|
||||
|
||||
sessions.set(user.ID, session)
|
||||
go session.run()
|
||||
|
||||
token := jwt.New(jwt.SigningMethodHS256)
|
||||
|
|
@ -89,19 +109,14 @@ func newUser(w http.ResponseWriter, r *http.Request) *Session {
|
|||
return session
|
||||
}
|
||||
|
||||
func getHMACKey() ([]byte, error) {
|
||||
key, err := ioutil.ReadFile(storage.Path.HMACKey())
|
||||
if err != nil {
|
||||
key = make([]byte, 32)
|
||||
rand.Read(key)
|
||||
|
||||
err = ioutil.WriteFile(storage.Path.HMACKey(), key, 0600)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
func parseToken(cookie string) (*jwt.Token, error) {
|
||||
return jwt.Parse(cookie, func(token *jwt.Token) (interface{}, error) {
|
||||
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
||||
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
|
||||
}
|
||||
}
|
||||
return hmacKey, nil
|
||||
})
|
||||
|
||||
return key, nil
|
||||
}
|
||||
|
||||
func authLog(r *http.Request, s string) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue