+32 -32

appview/issues/issues.go

··· 81 81 82 82 func (rp *Issues) RepoSingleIssue(w http.ResponseWriter, r *http.Request) { 83 83 l := rp.logger.With("handler", "RepoSingleIssue") 84 84 - user := rp.oauth.GetUser(r) 84 84 + user := rp.oauth.GetMultiAccountUser(r) 85 85 f, err := rp.repoResolver.Resolve(r) 86 86 if err != nil { 87 87 l.Error("failed to get repo and knot", "err", err) ··· 102 102 103 103 userReactions := map[models.ReactionKind]bool{} 104 104 if user != nil { 105 105 - userReactions = db.GetReactionStatusMap(rp.db, user.Did, issue.AtUri()) 105 105 + userReactions = db.GetReactionStatusMap(rp.db, user.Active.Did, issue.AtUri()) 106 106 } 107 107 108 108 backlinks, err := db.GetBacklinks(rp.db, issue.AtUri()) ··· 143 143 144 144 func (rp *Issues) EditIssue(w http.ResponseWriter, r *http.Request) { 145 145 l := rp.logger.With("handler", "EditIssue") 146 146 - user := rp.oauth.GetUser(r) 146 146 + user := rp.oauth.GetMultiAccountUser(r) 147 147 148 148 issue, ok := r.Context().Value("issue").(*models.Issue) 149 149 if !ok { ··· 182 182 return 183 183 } 184 184 185 185 - ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueNSID, user.Did, newIssue.Rkey) 185 185 + ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueNSID, user.Active.Did, newIssue.Rkey) 186 186 if err != nil { 187 187 l.Error("failed to get record", "err", err) 188 188 rp.pages.Notice(w, noticeId, "Failed to edit issue, no record found on PDS.") ··· 191 191 192 192 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 193 193 Collection: tangled.RepoIssueNSID, 194 194 - Repo: user.Did, 194 194 + Repo: user.Active.Did, 195 195 Rkey: newIssue.Rkey, 196 196 SwapRecord: ex.Cid, 197 197 Record: &lexutil.LexiconTypeDecoder{ ··· 292 292 293 293 func (rp *Issues) CloseIssue(w http.ResponseWriter, r *http.Request) { 294 294 l := rp.logger.With("handler", "CloseIssue") 295 295 - user := rp.oauth.GetUser(r) 295 295 + user := rp.oauth.GetMultiAccountUser(r) 296 296 f, err := rp.repoResolver.Resolve(r) 297 297 if err != nil { 298 298 l.Error("failed to get repo and knot", "err", err) ··· 306 306 return 307 307 } 308 308 309 309 - roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 309 309 + roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 310 310 isRepoOwner := roles.IsOwner() 311 311 isCollaborator := roles.IsCollaborator() 312 312 - isIssueOwner := user.Did == issue.Did 312 312 + isIssueOwner := user.Active.Did == issue.Did 313 313 314 314 // TODO: make this more granular 315 315 if isIssueOwner || isRepoOwner || isCollaborator { ··· 326 326 issue.Open = false 327 327 328 328 // notify about the issue closure 329 329 - rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Did), issue) 329 329 + rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Active.Did), issue) 330 330 331 331 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) 332 332 rp.pages.HxLocation(w, fmt.Sprintf("/%s/issues/%d", ownerSlashRepo, issue.IssueId)) ··· 340 340 341 341 func (rp *Issues) ReopenIssue(w http.ResponseWriter, r *http.Request) { 342 342 l := rp.logger.With("handler", "ReopenIssue") 343 343 - user := rp.oauth.GetUser(r) 343 343 + user := rp.oauth.GetMultiAccountUser(r) 344 344 f, err := rp.repoResolver.Resolve(r) 345 345 if err != nil { 346 346 l.Error("failed to get repo and knot", "err", err) ··· 354 354 return 355 355 } 356 356 357 357 - roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 357 357 + roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 358 358 isRepoOwner := roles.IsOwner() 359 359 isCollaborator := roles.IsCollaborator() 360 360 - isIssueOwner := user.Did == issue.Did 360 360 + isIssueOwner := user.Active.Did == issue.Did 361 361 362 362 if isCollaborator || isRepoOwner || isIssueOwner { 363 363 err := db.ReopenIssues( ··· 373 373 issue.Open = true 374 374 375 375 // notify about the issue reopen 376 376 - rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Did), issue) 376 376 + rp.notifier.NewIssueState(r.Context(), syntax.DID(user.Active.Did), issue) 377 377 378 378 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) 379 379 rp.pages.HxLocation(w, fmt.Sprintf("/%s/issues/%d", ownerSlashRepo, issue.IssueId)) ··· 387 387 388 388 func (rp *Issues) NewIssueComment(w http.ResponseWriter, r *http.Request) { 389 389 l := rp.logger.With("handler", "NewIssueComment") 390 390 - user := rp.oauth.GetUser(r) 390 390 + user := rp.oauth.GetMultiAccountUser(r) 391 391 f, err := rp.repoResolver.Resolve(r) 392 392 if err != nil { 393 393 l.Error("failed to get repo and knot", "err", err) ··· 416 416 mentions, references := rp.mentionsResolver.Resolve(r.Context(), body) 417 417 418 418 comment := models.IssueComment{ 419 419 - Did: user.Did, 419 419 + Did: user.Active.Did, 420 420 Rkey: tid.TID(), 421 421 IssueAt: issue.AtUri().String(), 422 422 ReplyTo: replyTo, ··· 495 495 496 496 func (rp *Issues) IssueComment(w http.ResponseWriter, r *http.Request) { 497 497 l := rp.logger.With("handler", "IssueComment") 498 498 - user := rp.oauth.GetUser(r) 498 498 + user := rp.oauth.GetMultiAccountUser(r) 499 499 500 500 issue, ok := r.Context().Value("issue").(*models.Issue) 501 501 if !ok { ··· 531 531 532 532 func (rp *Issues) EditIssueComment(w http.ResponseWriter, r *http.Request) { 533 533 l := rp.logger.With("handler", "EditIssueComment") 534 534 - user := rp.oauth.GetUser(r) 534 534 + user := rp.oauth.GetMultiAccountUser(r) 535 535 536 536 issue, ok := r.Context().Value("issue").(*models.Issue) 537 537 if !ok { ··· 557 557 } 558 558 comment := comments[0] 559 559 560 560 - if comment.Did != user.Did { 561 561 - l.Error("unauthorized comment edit", "expectedDid", comment.Did, "gotDid", user.Did) 560 560 + if comment.Did != user.Active.Did { 561 561 + l.Error("unauthorized comment edit", "expectedDid", comment.Did, "gotDid", user.Active.Did) 562 562 http.Error(w, "you are not the author of this comment", http.StatusUnauthorized) 563 563 return 564 564 } ··· 608 608 // rkey is optional, it was introduced later 609 609 if newComment.Rkey != "" { 610 610 // update the record on pds 611 611 - ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueCommentNSID, user.Did, comment.Rkey) 611 611 + ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoIssueCommentNSID, user.Active.Did, comment.Rkey) 612 612 if err != nil { 613 613 l.Error("failed to get record", "err", err, "did", newComment.Did, "rkey", newComment.Rkey) 614 614 rp.pages.Notice(w, fmt.Sprintf("comment-%s-status", commentId), "Failed to update description, no record found on PDS.") ··· 617 617 618 618 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 619 619 Collection: tangled.RepoIssueCommentNSID, 620 620 - Repo: user.Did, 620 620 + Repo: user.Active.Did, 621 621 Rkey: newComment.Rkey, 622 622 SwapRecord: ex.Cid, 623 623 Record: &lexutil.LexiconTypeDecoder{ ··· 641 641 642 642 func (rp *Issues) ReplyIssueCommentPlaceholder(w http.ResponseWriter, r *http.Request) { 643 643 l := rp.logger.With("handler", "ReplyIssueCommentPlaceholder") 644 644 - user := rp.oauth.GetUser(r) 644 644 + user := rp.oauth.GetMultiAccountUser(r) 645 645 646 646 issue, ok := r.Context().Value("issue").(*models.Issue) 647 647 if !ok { ··· 677 677 678 678 func (rp *Issues) ReplyIssueComment(w http.ResponseWriter, r *http.Request) { 679 679 l := rp.logger.With("handler", "ReplyIssueComment") 680 680 - user := rp.oauth.GetUser(r) 680 680 + user := rp.oauth.GetMultiAccountUser(r) 681 681 682 682 issue, ok := r.Context().Value("issue").(*models.Issue) 683 683 if !ok { ··· 713 713 714 714 func (rp *Issues) DeleteIssueComment(w http.ResponseWriter, r *http.Request) { 715 715 l := rp.logger.With("handler", "DeleteIssueComment") 716 716 - user := rp.oauth.GetUser(r) 716 716 + user := rp.oauth.GetMultiAccountUser(r) 717 717 718 718 issue, ok := r.Context().Value("issue").(*models.Issue) 719 719 if !ok { ··· 739 739 } 740 740 comment := comments[0] 741 741 742 742 - if comment.Did != user.Did { 743 743 - l.Error("unauthorized action", "expectedDid", comment.Did, "gotDid", user.Did) 742 742 + if comment.Did != user.Active.Did { 743 743 + l.Error("unauthorized action", "expectedDid", comment.Did, "gotDid", user.Active.Did) 744 744 http.Error(w, "you are not the author of this comment", http.StatusUnauthorized) 745 745 return 746 746 } ··· 769 769 } 770 770 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 771 771 Collection: tangled.RepoIssueCommentNSID, 772 772 - Repo: user.Did, 772 772 + Repo: user.Active.Did, 773 773 Rkey: comment.Rkey, 774 774 }) 775 775 if err != nil { ··· 807 807 808 808 page := pagination.FromContext(r.Context()) 809 809 810 810 - user := rp.oauth.GetUser(r) 810 810 + user := rp.oauth.GetMultiAccountUser(r) 811 811 f, err := rp.repoResolver.Resolve(r) 812 812 if err != nil { 813 813 l.Error("failed to get repo and knot", "err", err) ··· 884 884 } 885 885 886 886 rp.pages.RepoIssues(w, pages.RepoIssuesParams{ 887 887 - LoggedInUser: rp.oauth.GetUser(r), 887 887 + LoggedInUser: rp.oauth.GetMultiAccountUser(r), 888 888 RepoInfo: rp.repoResolver.GetRepoInfo(r, user), 889 889 Issues: issues, 890 890 IssueCount: totalIssues, ··· 897 897 898 898 func (rp *Issues) NewIssue(w http.ResponseWriter, r *http.Request) { 899 899 l := rp.logger.With("handler", "NewIssue") 900 900 - user := rp.oauth.GetUser(r) 900 900 + user := rp.oauth.GetMultiAccountUser(r) 901 901 902 902 f, err := rp.repoResolver.Resolve(r) 903 903 if err != nil { ··· 921 921 Title: r.FormValue("title"), 922 922 Body: body, 923 923 Open: true, 924 924 - Did: user.Did, 924 924 + Did: user.Active.Did, 925 925 Created: time.Now(), 926 926 Mentions: mentions, 927 927 References: references, ··· 945 945 } 946 946 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 947 947 Collection: tangled.RepoIssueNSID, 948 948 - Repo: user.Did, 948 948 + Repo: user.Active.Did, 949 949 Rkey: issue.Rkey, 950 950 Record: &lexutil.LexiconTypeDecoder{ 951 951 Val: &record,

+31 -31

appview/knots/knots.go

··· 70 70 } 71 71 72 72 func (k *Knots) knots(w http.ResponseWriter, r *http.Request) { 73 73 - user := k.OAuth.GetUser(r) 73 73 + user := k.OAuth.GetMultiAccountUser(r) 74 74 registrations, err := db.GetRegistrations( 75 75 k.Db, 76 76 - orm.FilterEq("did", user.Did), 76 76 + orm.FilterEq("did", user.Active.Did), 77 77 ) 78 78 if err != nil { 79 79 k.Logger.Error("failed to fetch knot registrations", "err", err) ··· 92 92 func (k *Knots) dashboard(w http.ResponseWriter, r *http.Request) { 93 93 l := k.Logger.With("handler", "dashboard") 94 94 95 95 - user := k.OAuth.GetUser(r) 96 96 - l = l.With("user", user.Did) 95 95 + user := k.OAuth.GetMultiAccountUser(r) 96 96 + l = l.With("user", user.Active.Did) 97 97 98 98 domain := chi.URLParam(r, "domain") 99 99 if domain == "" { ··· 103 103 104 104 registrations, err := db.GetRegistrations( 105 105 k.Db, 106 106 - orm.FilterEq("did", user.Did), 106 106 + orm.FilterEq("did", user.Active.Did), 107 107 orm.FilterEq("domain", domain), 108 108 ) 109 109 if err != nil { ··· 154 154 } 155 155 156 156 func (k *Knots) register(w http.ResponseWriter, r *http.Request) { 157 157 - user := k.OAuth.GetUser(r) 157 157 + user := k.OAuth.GetMultiAccountUser(r) 158 158 l := k.Logger.With("handler", "register") 159 159 160 160 noticeId := "register-error" ··· 175 175 return 176 176 } 177 177 l = l.With("domain", domain) 178 178 - l = l.With("user", user.Did) 178 178 + l = l.With("user", user.Active.Did) 179 179 180 180 tx, err := k.Db.Begin() 181 181 if err != nil { ··· 188 188 k.Enforcer.E.LoadPolicy() 189 189 }() 190 190 191 191 - err = db.AddKnot(tx, domain, user.Did) 191 191 + err = db.AddKnot(tx, domain, user.Active.Did) 192 192 if err != nil { 193 193 l.Error("failed to insert", "err", err) 194 194 fail() ··· 210 210 return 211 211 } 212 212 213 213 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Did, domain) 213 213 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Active.Did, domain) 214 214 var exCid *string 215 215 if ex != nil { 216 216 exCid = ex.Cid ··· 219 219 // re-announce by registering under same rkey 220 220 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 221 221 Collection: tangled.KnotNSID, 222 222 - Repo: user.Did, 222 222 + Repo: user.Active.Did, 223 223 Rkey: domain, 224 224 Record: &lexutil.LexiconTypeDecoder{ 225 225 Val: &tangled.Knot{ ··· 250 250 } 251 251 252 252 // begin verification 253 253 - err = serververify.RunVerification(r.Context(), domain, user.Did, k.Config.Core.Dev) 253 253 + err = serververify.RunVerification(r.Context(), domain, user.Active.Did, k.Config.Core.Dev) 254 254 if err != nil { 255 255 l.Error("verification failed", "err", err) 256 256 k.Pages.HxRefresh(w) 257 257 return 258 258 } 259 259 260 260 - err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Did) 260 260 + err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Active.Did) 261 261 if err != nil { 262 262 l.Error("failed to mark verified", "err", err) 263 263 k.Pages.HxRefresh(w) ··· 275 275 } 276 276 277 277 func (k *Knots) delete(w http.ResponseWriter, r *http.Request) { 278 278 - user := k.OAuth.GetUser(r) 278 278 + user := k.OAuth.GetMultiAccountUser(r) 279 279 l := k.Logger.With("handler", "delete") 280 280 281 281 noticeId := "operation-error" ··· 294 294 // get record from db first 295 295 registrations, err := db.GetRegistrations( 296 296 k.Db, 297 297 - orm.FilterEq("did", user.Did), 297 297 + orm.FilterEq("did", user.Active.Did), 298 298 orm.FilterEq("domain", domain), 299 299 ) 300 300 if err != nil { ··· 322 322 323 323 err = db.DeleteKnot( 324 324 tx, 325 325 - orm.FilterEq("did", user.Did), 325 325 + orm.FilterEq("did", user.Active.Did), 326 326 orm.FilterEq("domain", domain), 327 327 ) 328 328 if err != nil { ··· 350 350 351 351 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 352 352 Collection: tangled.KnotNSID, 353 353 - Repo: user.Did, 353 353 + Repo: user.Active.Did, 354 354 Rkey: domain, 355 355 }) 356 356 if err != nil { ··· 382 382 } 383 383 384 384 func (k *Knots) retry(w http.ResponseWriter, r *http.Request) { 385 385 - user := k.OAuth.GetUser(r) 385 385 + user := k.OAuth.GetMultiAccountUser(r) 386 386 l := k.Logger.With("handler", "retry") 387 387 388 388 noticeId := "operation-error" ··· 398 398 return 399 399 } 400 400 l = l.With("domain", domain) 401 401 - l = l.With("user", user.Did) 401 401 + l = l.With("user", user.Active.Did) 402 402 403 403 // get record from db first 404 404 registrations, err := db.GetRegistrations( 405 405 k.Db, 406 406 - orm.FilterEq("did", user.Did), 406 406 + orm.FilterEq("did", user.Active.Did), 407 407 orm.FilterEq("domain", domain), 408 408 ) 409 409 if err != nil { ··· 419 419 registration := registrations[0] 420 420 421 421 // begin verification 422 422 - err = serververify.RunVerification(r.Context(), domain, user.Did, k.Config.Core.Dev) 422 422 + err = serververify.RunVerification(r.Context(), domain, user.Active.Did, k.Config.Core.Dev) 423 423 if err != nil { 424 424 l.Error("verification failed", "err", err) 425 425 ··· 437 437 return 438 438 } 439 439 440 440 - err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Did) 440 440 + err = serververify.MarkKnotVerified(k.Db, k.Enforcer, domain, user.Active.Did) 441 441 if err != nil { 442 442 l.Error("failed to mark verified", "err", err) 443 443 k.Pages.Notice(w, noticeId, err.Error()) ··· 456 456 return 457 457 } 458 458 459 459 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Did, domain) 459 459 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.KnotNSID, user.Active.Did, domain) 460 460 var exCid *string 461 461 if ex != nil { 462 462 exCid = ex.Cid ··· 465 465 // ignore the error here 466 466 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 467 467 Collection: tangled.KnotNSID, 468 468 - Repo: user.Did, 468 468 + Repo: user.Active.Did, 469 469 Rkey: domain, 470 470 Record: &lexutil.LexiconTypeDecoder{ 471 471 Val: &tangled.Knot{ ··· 494 494 // Get updated registration to show 495 495 registrations, err = db.GetRegistrations( 496 496 k.Db, 497 497 - orm.FilterEq("did", user.Did), 497 497 + orm.FilterEq("did", user.Active.Did), 498 498 orm.FilterEq("domain", domain), 499 499 ) 500 500 if err != nil { ··· 516 516 } 517 517 518 518 func (k *Knots) addMember(w http.ResponseWriter, r *http.Request) { 519 519 - user := k.OAuth.GetUser(r) 519 519 + user := k.OAuth.GetMultiAccountUser(r) 520 520 l := k.Logger.With("handler", "addMember") 521 521 522 522 domain := chi.URLParam(r, "domain") ··· 526 526 return 527 527 } 528 528 l = l.With("domain", domain) 529 529 - l = l.With("user", user.Did) 529 529 + l = l.With("user", user.Active.Did) 530 530 531 531 registrations, err := db.GetRegistrations( 532 532 k.Db, 533 533 - orm.FilterEq("did", user.Did), 533 533 + orm.FilterEq("did", user.Active.Did), 534 534 orm.FilterEq("domain", domain), 535 535 orm.FilterIsNot("registered", "null"), 536 536 ) ··· 583 583 584 584 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 585 585 Collection: tangled.KnotMemberNSID, 586 586 - Repo: user.Did, 586 586 + Repo: user.Active.Did, 587 587 Rkey: rkey, 588 588 Record: &lexutil.LexiconTypeDecoder{ 589 589 Val: &tangled.KnotMember{ ··· 618 618 } 619 619 620 620 func (k *Knots) removeMember(w http.ResponseWriter, r *http.Request) { 621 621 - user := k.OAuth.GetUser(r) 621 621 + user := k.OAuth.GetMultiAccountUser(r) 622 622 l := k.Logger.With("handler", "removeMember") 623 623 624 624 noticeId := "operation-error" ··· 634 634 return 635 635 } 636 636 l = l.With("domain", domain) 637 637 - l = l.With("user", user.Did) 637 637 + l = l.With("user", user.Active.Did) 638 638 639 639 registrations, err := db.GetRegistrations( 640 640 k.Db, 641 641 - orm.FilterEq("did", user.Did), 641 641 + orm.FilterEq("did", user.Active.Did), 642 642 orm.FilterEq("domain", domain), 643 643 orm.FilterIsNot("registered", "null"), 644 644 )

+2 -2

appview/labels/labels.go

··· 68 68 // - this handler should calculate the diff in order to create the labelop record 69 69 // - we need the diff in order to maintain a "history" of operations performed by users 70 70 func (l *Labels) PerformLabelOp(w http.ResponseWriter, r *http.Request) { 71 71 - user := l.oauth.GetUser(r) 71 71 + user := l.oauth.GetMultiAccountUser(r) 72 72 73 73 noticeId := "add-label-error" 74 74 ··· 82 82 return 83 83 } 84 84 85 85 - did := user.Did 85 85 + did := user.Active.Did 86 86 rkey := tid.TID() 87 87 performedAt := time.Now() 88 88 indexedAt := time.Now()

+6 -8

appview/middleware/middleware.go

··· 115 115 return func(next http.Handler) http.Handler { 116 116 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 117 117 // requires auth also 118 118 - actor := mw.oauth.GetUser(r) 118 118 + actor := mw.oauth.GetMultiAccountUser(r) 119 119 if actor == nil { 120 120 // we need a logged in user 121 121 log.Printf("not logged in, redirecting") ··· 128 128 return 129 129 } 130 130 131 131 - ok, err := mw.enforcer.E.HasGroupingPolicy(actor.Did, group, domain) 131 131 + ok, err := mw.enforcer.E.HasGroupingPolicy(actor.Active.Did, group, domain) 132 132 if err != nil || !ok { 133 133 - // we need a logged in user 134 134 - log.Printf("%s does not have perms of a %s in domain %s", actor.Did, group, domain) 133 133 + log.Printf("%s does not have perms of a %s in domain %s", actor.Active.Did, group, domain) 135 134 http.Error(w, "Forbiden", http.StatusUnauthorized) 136 135 return 137 136 } ··· 149 148 return func(next http.Handler) http.Handler { 150 149 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 151 150 // requires auth also 152 152 - actor := mw.oauth.GetUser(r) 151 151 + actor := mw.oauth.GetMultiAccountUser(r) 153 152 if actor == nil { 154 153 // we need a logged in user 155 154 log.Printf("not logged in, redirecting") ··· 162 161 return 163 162 } 164 163 165 165 - ok, err := mw.enforcer.E.Enforce(actor.Did, f.Knot, f.DidSlashRepo(), requiredPerm) 164 164 + ok, err := mw.enforcer.E.Enforce(actor.Active.Did, f.Knot, f.DidSlashRepo(), requiredPerm) 166 165 if err != nil || !ok { 167 167 - // we need a logged in user 168 168 - log.Printf("%s does not have perms of a %s in repo %s", actor.Did, requiredPerm, f.DidSlashRepo()) 166 166 + log.Printf("%s does not have perms of a %s in repo %s", actor.Active.Did, requiredPerm, f.DidSlashRepo()) 169 167 http.Error(w, "Forbiden", http.StatusUnauthorized) 170 168 return 171 169 }

+6 -6

appview/notifications/notifications.go

··· 48 48 49 49 func (n *Notifications) notificationsPage(w http.ResponseWriter, r *http.Request) { 50 50 l := n.logger.With("handler", "notificationsPage") 51 51 - user := n.oauth.GetUser(r) 51 51 + user := n.oauth.GetMultiAccountUser(r) 52 52 53 53 page := pagination.FromContext(r.Context()) 54 54 55 55 total, err := db.CountNotifications( 56 56 n.db, 57 57 - orm.FilterEq("recipient_did", user.Did), 57 57 + orm.FilterEq("recipient_did", user.Active.Did), 58 58 ) 59 59 if err != nil { 60 60 l.Error("failed to get total notifications", "err", err) ··· 65 65 notifications, err := db.GetNotificationsWithEntities( 66 66 n.db, 67 67 page, 68 68 - orm.FilterEq("recipient_did", user.Did), 68 68 + orm.FilterEq("recipient_did", user.Active.Did), 69 69 ) 70 70 if err != nil { 71 71 l.Error("failed to get notifications", "err", err) ··· 73 73 return 74 74 } 75 75 76 76 - err = db.MarkAllNotificationsRead(n.db, user.Did) 76 76 + err = db.MarkAllNotificationsRead(n.db, user.Active.Did) 77 77 if err != nil { 78 78 l.Error("failed to mark notifications as read", "err", err) 79 79 } ··· 90 90 } 91 91 92 92 func (n *Notifications) getUnreadCount(w http.ResponseWriter, r *http.Request) { 93 93 - user := n.oauth.GetUser(r) 93 93 + user := n.oauth.GetMultiAccountUser(r) 94 94 if user == nil { 95 95 return 96 96 } 97 97 98 98 count, err := db.CountNotifications( 99 99 n.db, 100 100 - orm.FilterEq("recipient_did", user.Did), 100 100 + orm.FilterEq("recipient_did", user.Active.Did), 101 101 orm.FilterEq("read", 0), 102 102 ) 103 103 if err != nil {

+191

appview/oauth/accounts.go

··· 1 1 + package oauth 2 2 + 3 3 + import ( 4 4 + "encoding/json" 5 5 + "errors" 6 6 + "net/http" 7 7 + "time" 8 8 + ) 9 9 + 10 10 + const MaxAccounts = 20 11 11 + 12 12 + var ErrMaxAccountsReached = errors.New("maximum number of linked accounts reached") 13 13 + 14 14 + type AccountInfo struct { 15 15 + Did string `json:"did"` 16 16 + Handle string `json:"handle"` 17 17 + SessionId string `json:"session_id"` 18 18 + AddedAt int64 `json:"added_at"` 19 19 + } 20 20 + 21 21 + type AccountRegistry struct { 22 22 + Accounts []AccountInfo `json:"accounts"` 23 23 + } 24 24 + 25 25 + type MultiAccountUser struct { 26 26 + Active *User 27 27 + Accounts []AccountInfo 28 28 + } 29 29 + 30 30 + func (m *MultiAccountUser) Did() string { 31 31 + if m.Active == nil { 32 32 + return "" 33 33 + } 34 34 + return m.Active.Did 35 35 + } 36 36 + 37 37 + func (m *MultiAccountUser) Pds() string { 38 38 + if m.Active == nil { 39 39 + return "" 40 40 + } 41 41 + return m.Active.Pds 42 42 + } 43 43 + 44 44 + func (o *OAuth) GetAccounts(r *http.Request) *AccountRegistry { 45 45 + session, err := o.SessStore.Get(r, AccountsName) 46 46 + if err != nil || session.IsNew { 47 47 + return &AccountRegistry{Accounts: []AccountInfo{}} 48 48 + } 49 49 + 50 50 + data, ok := session.Values["accounts"].(string) 51 51 + if !ok { 52 52 + return &AccountRegistry{Accounts: []AccountInfo{}} 53 53 + } 54 54 + 55 55 + var registry AccountRegistry 56 56 + if err := json.Unmarshal([]byte(data), &registry); err != nil { 57 57 + return &AccountRegistry{Accounts: []AccountInfo{}} 58 58 + } 59 59 + 60 60 + return &registry 61 61 + } 62 62 + 63 63 + func (o *OAuth) SaveAccounts(w http.ResponseWriter, r *http.Request, registry *AccountRegistry) error { 64 64 + session, err := o.SessStore.Get(r, AccountsName) 65 65 + if err != nil { 66 66 + return err 67 67 + } 68 68 + 69 69 + data, err := json.Marshal(registry) 70 70 + if err != nil { 71 71 + return err 72 72 + } 73 73 + 74 74 + session.Values["accounts"] = string(data) 75 75 + session.Options.MaxAge = 60 * 60 * 24 * 365 76 76 + session.Options.HttpOnly = true 77 77 + session.Options.Secure = !o.Config.Core.Dev 78 78 + session.Options.SameSite = http.SameSiteLaxMode 79 79 + 80 80 + return session.Save(r, w) 81 81 + } 82 82 + 83 83 + func (r *AccountRegistry) AddAccount(did, handle, sessionId string) error { 84 84 + for i, acc := range r.Accounts { 85 85 + if acc.Did == did { 86 86 + r.Accounts[i].SessionId = sessionId 87 87 + r.Accounts[i].Handle = handle 88 88 + return nil 89 89 + } 90 90 + } 91 91 + 92 92 + if len(r.Accounts) >= MaxAccounts { 93 93 + return ErrMaxAccountsReached 94 94 + } 95 95 + 96 96 + r.Accounts = append(r.Accounts, AccountInfo{ 97 97 + Did: did, 98 98 + Handle: handle, 99 99 + SessionId: sessionId, 100 100 + AddedAt: time.Now().Unix(), 101 101 + }) 102 102 + return nil 103 103 + } 104 104 + 105 105 + func (r *AccountRegistry) RemoveAccount(did string) { 106 106 + filtered := make([]AccountInfo, 0, len(r.Accounts)) 107 107 + for _, acc := range r.Accounts { 108 108 + if acc.Did != did { 109 109 + filtered = append(filtered, acc) 110 110 + } 111 111 + } 112 112 + r.Accounts = filtered 113 113 + } 114 114 + 115 115 + func (r *AccountRegistry) FindAccount(did string) *AccountInfo { 116 116 + for i := range r.Accounts { 117 117 + if r.Accounts[i].Did == did { 118 118 + return &r.Accounts[i] 119 119 + } 120 120 + } 121 121 + return nil 122 122 + } 123 123 + 124 124 + func (r *AccountRegistry) OtherAccounts(activeDid string) []AccountInfo { 125 125 + result := make([]AccountInfo, 0, len(r.Accounts)) 126 126 + for _, acc := range r.Accounts { 127 127 + if acc.Did != activeDid { 128 128 + result = append(result, acc) 129 129 + } 130 130 + } 131 131 + return result 132 132 + } 133 133 + 134 134 + func (o *OAuth) GetMultiAccountUser(r *http.Request) *MultiAccountUser { 135 135 + user := o.GetUser(r) 136 136 + if user == nil { 137 137 + return nil 138 138 + } 139 139 + 140 140 + registry := o.GetAccounts(r) 141 141 + return &MultiAccountUser{ 142 142 + Active: user, 143 143 + Accounts: registry.Accounts, 144 144 + } 145 145 + } 146 146 + 147 147 + type AuthReturnInfo struct { 148 148 + ReturnURL string 149 149 + AddAccount bool 150 150 + } 151 151 + 152 152 + func (o *OAuth) SetAuthReturn(w http.ResponseWriter, r *http.Request, returnURL string, addAccount bool) error { 153 153 + session, err := o.SessStore.Get(r, AuthReturnName) 154 154 + if err != nil { 155 155 + return err 156 156 + } 157 157 + 158 158 + session.Values[AuthReturnURL] = returnURL 159 159 + session.Values[AuthAddAccount] = addAccount 160 160 + session.Options.MaxAge = 60 * 30 161 161 + session.Options.HttpOnly = true 162 162 + session.Options.Secure = !o.Config.Core.Dev 163 163 + session.Options.SameSite = http.SameSiteLaxMode 164 164 + 165 165 + return session.Save(r, w) 166 166 + } 167 167 + 168 168 + func (o *OAuth) GetAuthReturn(r *http.Request) *AuthReturnInfo { 169 169 + session, err := o.SessStore.Get(r, AuthReturnName) 170 170 + if err != nil || session.IsNew { 171 171 + return &AuthReturnInfo{} 172 172 + } 173 173 + 174 174 + returnURL, _ := session.Values[AuthReturnURL].(string) 175 175 + addAccount, _ := session.Values[AuthAddAccount].(bool) 176 176 + 177 177 + return &AuthReturnInfo{ 178 178 + ReturnURL: returnURL, 179 179 + AddAccount: addAccount, 180 180 + } 181 181 + } 182 182 + 183 183 + func (o *OAuth) ClearAuthReturn(w http.ResponseWriter, r *http.Request) error { 184 184 + session, err := o.SessStore.Get(r, AuthReturnName) 185 185 + if err != nil { 186 186 + return err 187 187 + } 188 188 + 189 189 + session.Options.MaxAge = -1 190 190 + return session.Save(r, w) 191 191 + }

+265

appview/oauth/accounts_test.go

··· 1 1 + package oauth 2 2 + 3 3 + import ( 4 4 + "testing" 5 5 + ) 6 6 + 7 7 + func TestAccountRegistry_AddAccount(t *testing.T) { 8 8 + tests := []struct { 9 9 + name string 10 10 + initial []AccountInfo 11 11 + addDid string 12 12 + addHandle string 13 13 + addSessionId string 14 14 + wantErr error 15 15 + wantLen int 16 16 + wantSessionId string 17 17 + }{ 18 18 + { 19 19 + name: "add first account", 20 20 + initial: []AccountInfo{}, 21 21 + addDid: "did:plc:abc123", 22 22 + addHandle: "alice.bsky.social", 23 23 + addSessionId: "session-1", 24 24 + wantErr: nil, 25 25 + wantLen: 1, 26 26 + wantSessionId: "session-1", 27 27 + }, 28 28 + { 29 29 + name: "add second account", 30 30 + initial: []AccountInfo{ 31 31 + {Did: "did:plc:abc123", Handle: "alice.bsky.social", SessionId: "session-1", AddedAt: 1000}, 32 32 + }, 33 33 + addDid: "did:plc:def456", 34 34 + addHandle: "bob.bsky.social", 35 35 + addSessionId: "session-2", 36 36 + wantErr: nil, 37 37 + wantLen: 2, 38 38 + wantSessionId: "session-2", 39 39 + }, 40 40 + { 41 41 + name: "update existing account session", 42 42 + initial: []AccountInfo{ 43 43 + {Did: "did:plc:abc123", Handle: "alice.bsky.social", SessionId: "old-session", AddedAt: 1000}, 44 44 + }, 45 45 + addDid: "did:plc:abc123", 46 46 + addHandle: "alice.bsky.social", 47 47 + addSessionId: "new-session", 48 48 + wantErr: nil, 49 49 + wantLen: 1, 50 50 + wantSessionId: "new-session", 51 51 + }, 52 52 + } 53 53 + 54 54 + for _, tt := range tests { 55 55 + t.Run(tt.name, func(t *testing.T) { 56 56 + registry := &AccountRegistry{Accounts: tt.initial} 57 57 + err := registry.AddAccount(tt.addDid, tt.addHandle, tt.addSessionId) 58 58 + 59 59 + if err != tt.wantErr { 60 60 + t.Errorf("AddAccount() error = %v, want %v", err, tt.wantErr) 61 61 + } 62 62 + 63 63 + if len(registry.Accounts) != tt.wantLen { 64 64 + t.Errorf("AddAccount() len = %d, want %d", len(registry.Accounts), tt.wantLen) 65 65 + } 66 66 + 67 67 + found := registry.FindAccount(tt.addDid) 68 68 + if found == nil { 69 69 + t.Errorf("AddAccount() account not found after add") 70 70 + return 71 71 + } 72 72 + 73 73 + if found.SessionId != tt.wantSessionId { 74 74 + t.Errorf("AddAccount() sessionId = %s, want %s", found.SessionId, tt.wantSessionId) 75 75 + } 76 76 + }) 77 77 + } 78 78 + } 79 79 + 80 80 + func TestAccountRegistry_AddAccount_MaxLimit(t *testing.T) { 81 81 + registry := &AccountRegistry{Accounts: make([]AccountInfo, 0, MaxAccounts)} 82 82 + 83 83 + for i := range MaxAccounts { 84 84 + err := registry.AddAccount("did:plc:user"+string(rune('a'+i)), "handle", "session") 85 85 + if err != nil { 86 86 + t.Fatalf("AddAccount() unexpected error on account %d: %v", i, err) 87 87 + } 88 88 + } 89 89 + 90 90 + if len(registry.Accounts) != MaxAccounts { 91 91 + t.Errorf("expected %d accounts, got %d", MaxAccounts, len(registry.Accounts)) 92 92 + } 93 93 + 94 94 + err := registry.AddAccount("did:plc:overflow", "overflow", "session-overflow") 95 95 + if err != ErrMaxAccountsReached { 96 96 + t.Errorf("AddAccount() error = %v, want %v", err, ErrMaxAccountsReached) 97 97 + } 98 98 + 99 99 + if len(registry.Accounts) != MaxAccounts { 100 100 + t.Errorf("account added despite max limit, got %d", len(registry.Accounts)) 101 101 + } 102 102 + } 103 103 + 104 104 + func TestAccountRegistry_RemoveAccount(t *testing.T) { 105 105 + tests := []struct { 106 106 + name string 107 107 + initial []AccountInfo 108 108 + removeDid string 109 109 + wantLen int 110 110 + wantDids []string 111 111 + }{ 112 112 + { 113 113 + name: "remove existing account", 114 114 + initial: []AccountInfo{ 115 115 + {Did: "did:plc:abc123", Handle: "alice", SessionId: "s1"}, 116 116 + {Did: "did:plc:def456", Handle: "bob", SessionId: "s2"}, 117 117 + }, 118 118 + removeDid: "did:plc:abc123", 119 119 + wantLen: 1, 120 120 + wantDids: []string{"did:plc:def456"}, 121 121 + }, 122 122 + { 123 123 + name: "remove non-existing account", 124 124 + initial: []AccountInfo{ 125 125 + {Did: "did:plc:abc123", Handle: "alice", SessionId: "s1"}, 126 126 + }, 127 127 + removeDid: "did:plc:notfound", 128 128 + wantLen: 1, 129 129 + wantDids: []string{"did:plc:abc123"}, 130 130 + }, 131 131 + { 132 132 + name: "remove last account", 133 133 + initial: []AccountInfo{ 134 134 + {Did: "did:plc:abc123", Handle: "alice", SessionId: "s1"}, 135 135 + }, 136 136 + removeDid: "did:plc:abc123", 137 137 + wantLen: 0, 138 138 + wantDids: []string{}, 139 139 + }, 140 140 + { 141 141 + name: "remove from empty registry", 142 142 + initial: []AccountInfo{}, 143 143 + removeDid: "did:plc:abc123", 144 144 + wantLen: 0, 145 145 + wantDids: []string{}, 146 146 + }, 147 147 + } 148 148 + 149 149 + for _, tt := range tests { 150 150 + t.Run(tt.name, func(t *testing.T) { 151 151 + registry := &AccountRegistry{Accounts: tt.initial} 152 152 + registry.RemoveAccount(tt.removeDid) 153 153 + 154 154 + if len(registry.Accounts) != tt.wantLen { 155 155 + t.Errorf("RemoveAccount() len = %d, want %d", len(registry.Accounts), tt.wantLen) 156 156 + } 157 157 + 158 158 + for _, wantDid := range tt.wantDids { 159 159 + if registry.FindAccount(wantDid) == nil { 160 160 + t.Errorf("RemoveAccount() expected %s to remain", wantDid) 161 161 + } 162 162 + } 163 163 + 164 164 + if registry.FindAccount(tt.removeDid) != nil && tt.wantLen < len(tt.initial) { 165 165 + t.Errorf("RemoveAccount() %s should have been removed", tt.removeDid) 166 166 + } 167 167 + }) 168 168 + } 169 169 + } 170 170 + 171 171 + func TestAccountRegistry_FindAccount(t *testing.T) { 172 172 + registry := &AccountRegistry{ 173 173 + Accounts: []AccountInfo{ 174 174 + {Did: "did:plc:first", Handle: "first", SessionId: "s1", AddedAt: 1000}, 175 175 + {Did: "did:plc:second", Handle: "second", SessionId: "s2", AddedAt: 2000}, 176 176 + {Did: "did:plc:third", Handle: "third", SessionId: "s3", AddedAt: 3000}, 177 177 + }, 178 178 + } 179 179 + 180 180 + t.Run("find existing account", func(t *testing.T) { 181 181 + found := registry.FindAccount("did:plc:second") 182 182 + if found == nil { 183 183 + t.Fatal("FindAccount() returned nil for existing account") 184 184 + } 185 185 + if found.Handle != "second" { 186 186 + t.Errorf("FindAccount() handle = %s, want second", found.Handle) 187 187 + } 188 188 + if found.SessionId != "s2" { 189 189 + t.Errorf("FindAccount() sessionId = %s, want s2", found.SessionId) 190 190 + } 191 191 + }) 192 192 + 193 193 + t.Run("find non-existing account", func(t *testing.T) { 194 194 + found := registry.FindAccount("did:plc:notfound") 195 195 + if found != nil { 196 196 + t.Errorf("FindAccount() = %v, want nil", found) 197 197 + } 198 198 + }) 199 199 + 200 200 + t.Run("returned pointer is mutable", func(t *testing.T) { 201 201 + found := registry.FindAccount("did:plc:first") 202 202 + if found == nil { 203 203 + t.Fatal("FindAccount() returned nil") 204 204 + } 205 205 + found.SessionId = "modified" 206 206 + 207 207 + refetch := registry.FindAccount("did:plc:first") 208 208 + if refetch.SessionId != "modified" { 209 209 + t.Errorf("FindAccount() pointer not referencing original, got %s", refetch.SessionId) 210 210 + } 211 211 + }) 212 212 + } 213 213 + 214 214 + func TestAccountRegistry_OtherAccounts(t *testing.T) { 215 215 + registry := &AccountRegistry{ 216 216 + Accounts: []AccountInfo{ 217 217 + {Did: "did:plc:active", Handle: "active", SessionId: "s1"}, 218 218 + {Did: "did:plc:other1", Handle: "other1", SessionId: "s2"}, 219 219 + {Did: "did:plc:other2", Handle: "other2", SessionId: "s3"}, 220 220 + }, 221 221 + } 222 222 + 223 223 + others := registry.OtherAccounts("did:plc:active") 224 224 + 225 225 + if len(others) != 2 { 226 226 + t.Errorf("OtherAccounts() len = %d, want 2", len(others)) 227 227 + } 228 228 + 229 229 + for _, acc := range others { 230 230 + if acc.Did == "did:plc:active" { 231 231 + t.Errorf("OtherAccounts() should not include active account") 232 232 + } 233 233 + } 234 234 + 235 235 + hasDid := func(did string) bool { 236 236 + for _, acc := range others { 237 237 + if acc.Did == did { 238 238 + return true 239 239 + } 240 240 + } 241 241 + return false 242 242 + } 243 243 + 244 244 + if !hasDid("did:plc:other1") || !hasDid("did:plc:other2") { 245 245 + t.Errorf("OtherAccounts() missing expected accounts") 246 246 + } 247 247 + } 248 248 + 249 249 + func TestMultiAccountUser_Did(t *testing.T) { 250 250 + t.Run("with active user", func(t *testing.T) { 251 251 + user := &MultiAccountUser{ 252 252 + Active: &User{Did: "did:plc:test", Pds: "https://bsky.social"}, 253 253 + } 254 254 + if user.Did() != "did:plc:test" { 255 255 + t.Errorf("Did() = %s, want did:plc:test", user.Did()) 256 256 + } 257 257 + }) 258 258 + 259 259 + t.Run("with nil active", func(t *testing.T) { 260 260 + user := &MultiAccountUser{Active: nil} 261 261 + if user.Did() != "" { 262 262 + t.Errorf("Did() = %s, want empty string", user.Did()) 263 263 + } 264 264 + }) 265 265 + }

+5 -1

appview/oauth/consts.go

··· 1 1 package oauth 2 2 3 3 const ( 4 4 - SessionName = "appview-session-v2" 4 4 + SessionName = "appview-session-v2" 5 5 + AccountsName = "appview-accounts-v2" 6 6 + AuthReturnName = "appview-auth-return" 7 7 + AuthReturnURL = "return_url" 8 8 + AuthAddAccount = "add_account" 5 9 SessionHandle = "handle" 6 10 SessionDid = "did" 7 11 SessionId = "id"

+14 -2

appview/oauth/handler.go

··· 55 55 ctx := r.Context() 56 56 l := o.Logger.With("query", r.URL.Query()) 57 57 58 58 + authReturn := o.GetAuthReturn(r) 59 59 + _ = o.ClearAuthReturn(w, r) 60 60 + 58 61 sessData, err := o.ClientApp.ProcessCallback(ctx, r.URL.Query()) 59 62 if err != nil { 60 63 var callbackErr *oauth.AuthRequestCallbackError ··· 70 73 71 74 if err := o.SaveSession(w, r, sessData); err != nil { 72 75 l.Error("failed to save session", "data", sessData, "err", err) 73 73 - http.Redirect(w, r, "/login?error=session", http.StatusFound) 76 76 + errorCode := "session" 77 77 + if errors.Is(err, ErrMaxAccountsReached) { 78 78 + errorCode = "max_accounts" 79 79 + } 80 80 + http.Redirect(w, r, fmt.Sprintf("/login?error=%s", errorCode), http.StatusFound) 74 81 return 75 82 } 76 83 ··· 88 95 } 89 96 } 90 97 91 91 - http.Redirect(w, r, "/", http.StatusFound) 98 98 + redirectURL := "/" 99 99 + if authReturn.ReturnURL != "" { 100 100 + redirectURL = authReturn.ReturnURL 101 101 + } 102 102 + 103 103 + http.Redirect(w, r, redirectURL, http.StatusFound) 92 104 } 93 105 94 106 func (o *OAuth) addToDefaultSpindle(did string) {

+66 -4

appview/oauth/oauth.go

··· 98 98 } 99 99 100 100 func (o *OAuth) SaveSession(w http.ResponseWriter, r *http.Request, sessData *oauth.ClientSessionData) error { 101 101 - // first we save the did in the user session 102 101 userSession, err := o.SessStore.Get(r, SessionName) 103 102 if err != nil { 104 103 return err ··· 108 107 userSession.Values[SessionPds] = sessData.HostURL 109 108 userSession.Values[SessionId] = sessData.SessionID 110 109 userSession.Values[SessionAuthenticated] = true 111 111 - return userSession.Save(r, w) 110 110 + 111 111 + if err := userSession.Save(r, w); err != nil { 112 112 + return err 113 113 + } 114 114 + 115 115 + handle := "" 116 116 + resolved, err := o.IdResolver.ResolveIdent(r.Context(), sessData.AccountDID.String()) 117 117 + if err == nil && resolved.Handle.String() != "" { 118 118 + handle = resolved.Handle.String() 119 119 + } 120 120 + 121 121 + registry := o.GetAccounts(r) 122 122 + if err := registry.AddAccount(sessData.AccountDID.String(), handle, sessData.SessionID); err != nil { 123 123 + return err 124 124 + } 125 125 + return o.SaveAccounts(w, r, registry) 112 126 } 113 127 114 128 func (o *OAuth) ResumeSession(r *http.Request) (*oauth.ClientSession, error) { ··· 163 177 return errors.Join(err1, err2) 164 178 } 165 179 180 180 + func (o *OAuth) SwitchAccount(w http.ResponseWriter, r *http.Request, targetDid string) error { 181 181 + registry := o.GetAccounts(r) 182 182 + account := registry.FindAccount(targetDid) 183 183 + if account == nil { 184 184 + return fmt.Errorf("account not found in registry: %s", targetDid) 185 185 + } 186 186 + 187 187 + did, err := syntax.ParseDID(targetDid) 188 188 + if err != nil { 189 189 + return fmt.Errorf("invalid DID: %w", err) 190 190 + } 191 191 + 192 192 + sess, err := o.ClientApp.ResumeSession(r.Context(), did, account.SessionId) 193 193 + if err != nil { 194 194 + registry.RemoveAccount(targetDid) 195 195 + _ = o.SaveAccounts(w, r, registry) 196 196 + return fmt.Errorf("session expired for account: %w", err) 197 197 + } 198 198 + 199 199 + userSession, err := o.SessStore.Get(r, SessionName) 200 200 + if err != nil { 201 201 + return err 202 202 + } 203 203 + 204 204 + userSession.Values[SessionDid] = sess.Data.AccountDID.String() 205 205 + userSession.Values[SessionPds] = sess.Data.HostURL 206 206 + userSession.Values[SessionId] = sess.Data.SessionID 207 207 + userSession.Values[SessionAuthenticated] = true 208 208 + 209 209 + return userSession.Save(r, w) 210 210 + } 211 211 + 212 212 + func (o *OAuth) RemoveAccount(w http.ResponseWriter, r *http.Request, targetDid string) error { 213 213 + registry := o.GetAccounts(r) 214 214 + account := registry.FindAccount(targetDid) 215 215 + if account == nil { 216 216 + return nil 217 217 + } 218 218 + 219 219 + did, err := syntax.ParseDID(targetDid) 220 220 + if err == nil { 221 221 + _ = o.ClientApp.Logout(r.Context(), did, account.SessionId) 222 222 + } 223 223 + 224 224 + registry.RemoveAccount(targetDid) 225 225 + return o.SaveAccounts(w, r, registry) 226 226 + } 227 227 + 166 228 type User struct { 167 229 Did string 168 230 Pds string ··· 181 243 } 182 244 183 245 func (o *OAuth) GetDid(r *http.Request) string { 184 184 - if u := o.GetUser(r); u != nil { 185 185 - return u.Did 246 246 + if u := o.GetMultiAccountUser(r); u != nil { 247 247 + return u.Did() 186 248 } 187 249 188 250 return ""

+10

appview/pages/funcmap.go

··· 28 28 emoji "github.com/yuin/goldmark-emoji" 29 29 "tangled.org/core/appview/filetree" 30 30 "tangled.org/core/appview/models" 31 31 + "tangled.org/core/appview/oauth" 31 32 "tangled.org/core/appview/pages/markup" 32 33 "tangled.org/core/crypto" 33 34 ) ··· 384 385 return "error" 385 386 } 386 387 return fp 388 388 + }, 389 389 + "otherAccounts": func(activeDid string, accounts []oauth.AccountInfo) []oauth.AccountInfo { 390 390 + result := make([]oauth.AccountInfo, 0, len(accounts)) 391 391 + for _, acc := range accounts { 392 392 + if acc.Did != activeDid { 393 393 + result = append(result, acc) 394 394 + } 395 395 + } 396 396 + return result 387 397 }, 388 398 } 389 399 }

+68 -66

appview/pages/pages.go

··· 215 215 } 216 216 217 217 type LoginParams struct { 218 218 - ReturnUrl string 219 219 - ErrorCode string 218 218 + ReturnUrl string 219 219 + ErrorCode string 220 220 + AddAccount bool 221 221 + LoggedInUser *oauth.MultiAccountUser 220 222 } 221 223 222 224 func (p *Pages) Login(w io.Writer, params LoginParams) error { ··· 236 238 } 237 239 238 240 type TermsOfServiceParams struct { 239 239 - LoggedInUser *oauth.User 241 241 + LoggedInUser *oauth.MultiAccountUser 240 242 Content template.HTML 241 243 } 242 244 ··· 264 266 } 265 267 266 268 type PrivacyPolicyParams struct { 267 267 - LoggedInUser *oauth.User 269 269 + LoggedInUser *oauth.MultiAccountUser 268 270 Content template.HTML 269 271 } 270 272 ··· 292 294 } 293 295 294 296 type BrandParams struct { 295 295 - LoggedInUser *oauth.User 297 297 + LoggedInUser *oauth.MultiAccountUser 296 298 } 297 299 298 300 func (p *Pages) Brand(w io.Writer, params BrandParams) error { ··· 300 302 } 301 303 302 304 type TimelineParams struct { 303 303 - LoggedInUser *oauth.User 305 305 + LoggedInUser *oauth.MultiAccountUser 304 306 Timeline []models.TimelineEvent 305 307 Repos []models.Repo 306 308 GfiLabel *models.LabelDefinition ··· 311 313 } 312 314 313 315 type GoodFirstIssuesParams struct { 314 314 - LoggedInUser *oauth.User 316 316 + LoggedInUser *oauth.MultiAccountUser 315 317 Issues []models.Issue 316 318 RepoGroups []*models.RepoGroup 317 319 LabelDefs map[string]*models.LabelDefinition ··· 324 326 } 325 327 326 328 type UserProfileSettingsParams struct { 327 327 - LoggedInUser *oauth.User 329 329 + LoggedInUser *oauth.MultiAccountUser 328 330 Tabs []map[string]any 329 331 Tab string 330 332 } ··· 334 336 } 335 337 336 338 type NotificationsParams struct { 337 337 - LoggedInUser *oauth.User 339 339 + LoggedInUser *oauth.MultiAccountUser 338 340 Notifications []*models.NotificationWithEntity 339 341 UnreadCount int 340 342 Page pagination.Page ··· 362 364 } 363 365 364 366 type UserKeysSettingsParams struct { 365 365 - LoggedInUser *oauth.User 367 367 + LoggedInUser *oauth.MultiAccountUser 366 368 PubKeys []models.PublicKey 367 369 Tabs []map[string]any 368 370 Tab string ··· 373 375 } 374 376 375 377 type UserEmailsSettingsParams struct { 376 376 - LoggedInUser *oauth.User 378 378 + LoggedInUser *oauth.MultiAccountUser 377 379 Emails []models.Email 378 380 Tabs []map[string]any 379 381 Tab string ··· 384 386 } 385 387 386 388 type UserNotificationSettingsParams struct { 387 387 - LoggedInUser *oauth.User 389 389 + LoggedInUser *oauth.MultiAccountUser 388 390 Preferences *models.NotificationPreferences 389 391 Tabs []map[string]any 390 392 Tab string ··· 404 406 } 405 407 406 408 type KnotsParams struct { 407 407 - LoggedInUser *oauth.User 409 409 + LoggedInUser *oauth.MultiAccountUser 408 410 Registrations []models.Registration 409 411 Tabs []map[string]any 410 412 Tab string ··· 415 417 } 416 418 417 419 type KnotParams struct { 418 418 - LoggedInUser *oauth.User 420 420 + LoggedInUser *oauth.MultiAccountUser 419 421 Registration *models.Registration 420 422 Members []string 421 423 Repos map[string][]models.Repo ··· 437 439 } 438 440 439 441 type SpindlesParams struct { 440 440 - LoggedInUser *oauth.User 442 442 + LoggedInUser *oauth.MultiAccountUser 441 443 Spindles []models.Spindle 442 444 Tabs []map[string]any 443 445 Tab string ··· 458 460 } 459 461 460 462 type SpindleDashboardParams struct { 461 461 - LoggedInUser *oauth.User 463 463 + LoggedInUser *oauth.MultiAccountUser 462 464 Spindle models.Spindle 463 465 Members []string 464 466 Repos map[string][]models.Repo ··· 471 473 } 472 474 473 475 type NewRepoParams struct { 474 474 - LoggedInUser *oauth.User 476 476 + LoggedInUser *oauth.MultiAccountUser 475 477 Knots []string 476 478 } 477 479 ··· 480 482 } 481 483 482 484 type ForkRepoParams struct { 483 483 - LoggedInUser *oauth.User 485 485 + LoggedInUser *oauth.MultiAccountUser 484 486 Knots []string 485 487 RepoInfo repoinfo.RepoInfo 486 488 } ··· 518 520 } 519 521 520 522 type ProfileOverviewParams struct { 521 521 - LoggedInUser *oauth.User 523 523 + LoggedInUser *oauth.MultiAccountUser 522 524 Repos []models.Repo 523 525 CollaboratingRepos []models.Repo 524 526 ProfileTimeline *models.ProfileTimeline ··· 532 534 } 533 535 534 536 type ProfileReposParams struct { 535 535 - LoggedInUser *oauth.User 537 537 + LoggedInUser *oauth.MultiAccountUser 536 538 Repos []models.Repo 537 539 Card *ProfileCard 538 540 Active string ··· 544 546 } 545 547 546 548 type ProfileStarredParams struct { 547 547 - LoggedInUser *oauth.User 549 549 + LoggedInUser *oauth.MultiAccountUser 548 550 Repos []models.Repo 549 551 Card *ProfileCard 550 552 Active string ··· 556 558 } 557 559 558 560 type ProfileStringsParams struct { 559 559 - LoggedInUser *oauth.User 561 561 + LoggedInUser *oauth.MultiAccountUser 560 562 Strings []models.String 561 563 Card *ProfileCard 562 564 Active string ··· 569 571 570 572 type FollowCard struct { 571 573 UserDid string 572 572 - LoggedInUser *oauth.User 574 574 + LoggedInUser *oauth.MultiAccountUser 573 575 FollowStatus models.FollowStatus 574 576 FollowersCount int64 575 577 FollowingCount int64 ··· 577 579 } 578 580 579 581 type ProfileFollowersParams struct { 580 580 - LoggedInUser *oauth.User 582 582 + LoggedInUser *oauth.MultiAccountUser 581 583 Followers []FollowCard 582 584 Card *ProfileCard 583 585 Active string ··· 589 591 } 590 592 591 593 type ProfileFollowingParams struct { 592 592 - LoggedInUser *oauth.User 594 594 + LoggedInUser *oauth.MultiAccountUser 593 595 Following []FollowCard 594 596 Card *ProfileCard 595 597 Active string ··· 610 612 } 611 613 612 614 type EditBioParams struct { 613 613 - LoggedInUser *oauth.User 615 615 + LoggedInUser *oauth.MultiAccountUser 614 616 Profile *models.Profile 615 617 } 616 618 ··· 619 621 } 620 622 621 623 type EditPinsParams struct { 622 622 - LoggedInUser *oauth.User 624 624 + LoggedInUser *oauth.MultiAccountUser 623 625 Profile *models.Profile 624 626 AllRepos []PinnedRepo 625 627 } ··· 644 646 } 645 647 646 648 type RepoIndexParams struct { 647 647 - LoggedInUser *oauth.User 649 649 + LoggedInUser *oauth.MultiAccountUser 648 650 RepoInfo repoinfo.RepoInfo 649 651 Active string 650 652 TagMap map[string][]string ··· 693 695 } 694 696 695 697 type RepoLogParams struct { 696 696 - LoggedInUser *oauth.User 698 698 + LoggedInUser *oauth.MultiAccountUser 697 699 RepoInfo repoinfo.RepoInfo 698 700 TagMap map[string][]string 699 701 Active string ··· 710 712 } 711 713 712 714 type RepoCommitParams struct { 713 713 - LoggedInUser *oauth.User 715 715 + LoggedInUser *oauth.MultiAccountUser 714 716 RepoInfo repoinfo.RepoInfo 715 717 Active string 716 718 EmailToDid map[string]string ··· 729 731 } 730 732 731 733 type RepoTreeParams struct { 732 732 - LoggedInUser *oauth.User 734 734 + LoggedInUser *oauth.MultiAccountUser 733 735 RepoInfo repoinfo.RepoInfo 734 736 Active string 735 737 BreadCrumbs [][]string ··· 784 786 } 785 787 786 788 type RepoBranchesParams struct { 787 787 - LoggedInUser *oauth.User 789 789 + LoggedInUser *oauth.MultiAccountUser 788 790 RepoInfo repoinfo.RepoInfo 789 791 Active string 790 792 types.RepoBranchesResponse ··· 796 798 } 797 799 798 800 type RepoTagsParams struct { 799 799 - LoggedInUser *oauth.User 801 801 + LoggedInUser *oauth.MultiAccountUser 800 802 RepoInfo repoinfo.RepoInfo 801 803 Active string 802 804 types.RepoTagsResponse ··· 810 812 } 811 813 812 814 type RepoArtifactParams struct { 813 813 - LoggedInUser *oauth.User 815 815 + LoggedInUser *oauth.MultiAccountUser 814 816 RepoInfo repoinfo.RepoInfo 815 817 Artifact models.Artifact 816 818 } ··· 820 822 } 821 823 822 824 type RepoBlobParams struct { 823 823 - LoggedInUser *oauth.User 825 825 + LoggedInUser *oauth.MultiAccountUser 824 826 RepoInfo repoinfo.RepoInfo 825 827 Active string 826 828 BreadCrumbs [][]string ··· 844 846 } 845 847 846 848 type RepoSettingsParams struct { 847 847 - LoggedInUser *oauth.User 849 849 + LoggedInUser *oauth.MultiAccountUser 848 850 RepoInfo repoinfo.RepoInfo 849 851 Collaborators []Collaborator 850 852 Active string ··· 863 865 } 864 866 865 867 type RepoGeneralSettingsParams struct { 866 866 - LoggedInUser *oauth.User 868 868 + LoggedInUser *oauth.MultiAccountUser 867 869 RepoInfo repoinfo.RepoInfo 868 870 Labels []models.LabelDefinition 869 871 DefaultLabels []models.LabelDefinition ··· 881 883 } 882 884 883 885 type RepoAccessSettingsParams struct { 884 884 - LoggedInUser *oauth.User 886 886 + LoggedInUser *oauth.MultiAccountUser 885 887 RepoInfo repoinfo.RepoInfo 886 888 Active string 887 889 Tabs []map[string]any ··· 895 897 } 896 898 897 899 type RepoPipelineSettingsParams struct { 898 898 - LoggedInUser *oauth.User 900 900 + LoggedInUser *oauth.MultiAccountUser 899 901 RepoInfo repoinfo.RepoInfo 900 902 Active string 901 903 Tabs []map[string]any ··· 911 913 } 912 914 913 915 type RepoIssuesParams struct { 914 914 - LoggedInUser *oauth.User 916 916 + LoggedInUser *oauth.MultiAccountUser 915 917 RepoInfo repoinfo.RepoInfo 916 918 Active string 917 919 Issues []models.Issue ··· 928 930 } 929 931 930 932 type RepoSingleIssueParams struct { 931 931 - LoggedInUser *oauth.User 933 933 + LoggedInUser *oauth.MultiAccountUser 932 934 RepoInfo repoinfo.RepoInfo 933 935 Active string 934 936 Issue *models.Issue ··· 947 949 } 948 950 949 951 type EditIssueParams struct { 950 950 - LoggedInUser *oauth.User 952 952 + LoggedInUser *oauth.MultiAccountUser 951 953 RepoInfo repoinfo.RepoInfo 952 954 Issue *models.Issue 953 955 Action string ··· 971 973 } 972 974 973 975 type RepoNewIssueParams struct { 974 974 - LoggedInUser *oauth.User 976 976 + LoggedInUser *oauth.MultiAccountUser 975 977 RepoInfo repoinfo.RepoInfo 976 978 Issue *models.Issue // existing issue if any -- passed when editing 977 979 Active string ··· 985 987 } 986 988 987 989 type EditIssueCommentParams struct { 988 988 - LoggedInUser *oauth.User 990 990 + LoggedInUser *oauth.MultiAccountUser 989 991 RepoInfo repoinfo.RepoInfo 990 992 Issue *models.Issue 991 993 Comment *models.IssueComment ··· 996 998 } 997 999 998 1000 type ReplyIssueCommentPlaceholderParams struct { 999 999 - LoggedInUser *oauth.User 1001 1001 + LoggedInUser *oauth.MultiAccountUser 1000 1002 RepoInfo repoinfo.RepoInfo 1001 1003 Issue *models.Issue 1002 1004 Comment *models.IssueComment ··· 1007 1009 } 1008 1010 1009 1011 type ReplyIssueCommentParams struct { 1010 1010 - LoggedInUser *oauth.User 1012 1012 + LoggedInUser *oauth.MultiAccountUser 1011 1013 RepoInfo repoinfo.RepoInfo 1012 1014 Issue *models.Issue 1013 1015 Comment *models.IssueComment ··· 1018 1020 } 1019 1021 1020 1022 type IssueCommentBodyParams struct { 1021 1021 - LoggedInUser *oauth.User 1023 1023 + LoggedInUser *oauth.MultiAccountUser 1022 1024 RepoInfo repoinfo.RepoInfo 1023 1025 Issue *models.Issue 1024 1026 Comment *models.IssueComment ··· 1029 1031 } 1030 1032 1031 1033 type RepoNewPullParams struct { 1032 1032 - LoggedInUser *oauth.User 1034 1034 + LoggedInUser *oauth.MultiAccountUser 1033 1035 RepoInfo repoinfo.RepoInfo 1034 1036 Branches []types.Branch 1035 1037 Strategy string ··· 1046 1048 } 1047 1049 1048 1050 type RepoPullsParams struct { 1049 1049 - LoggedInUser *oauth.User 1051 1051 + LoggedInUser *oauth.MultiAccountUser 1050 1052 RepoInfo repoinfo.RepoInfo 1051 1053 Pulls []*models.Pull 1052 1054 Active string ··· 1081 1083 } 1082 1084 1083 1085 type RepoSinglePullParams struct { 1084 1084 - LoggedInUser *oauth.User 1086 1086 + LoggedInUser *oauth.MultiAccountUser 1085 1087 RepoInfo repoinfo.RepoInfo 1086 1088 Active string 1087 1089 Pull *models.Pull ··· 1106 1108 } 1107 1109 1108 1110 type RepoPullPatchParams struct { 1109 1109 - LoggedInUser *oauth.User 1111 1111 + LoggedInUser *oauth.MultiAccountUser 1110 1112 RepoInfo repoinfo.RepoInfo 1111 1113 Pull *models.Pull 1112 1114 Stack models.Stack ··· 1123 1125 } 1124 1126 1125 1127 type RepoPullInterdiffParams struct { 1126 1126 - LoggedInUser *oauth.User 1128 1128 + LoggedInUser *oauth.MultiAccountUser 1127 1129 RepoInfo repoinfo.RepoInfo 1128 1130 Pull *models.Pull 1129 1131 Round int ··· 1176 1178 } 1177 1179 1178 1180 type PullResubmitParams struct { 1179 1179 - LoggedInUser *oauth.User 1181 1181 + LoggedInUser *oauth.MultiAccountUser 1180 1182 RepoInfo repoinfo.RepoInfo 1181 1183 Pull *models.Pull 1182 1184 SubmissionId int ··· 1187 1189 } 1188 1190 1189 1191 type PullActionsParams struct { 1190 1190 - LoggedInUser *oauth.User 1192 1192 + LoggedInUser *oauth.MultiAccountUser 1191 1193 RepoInfo repoinfo.RepoInfo 1192 1194 Pull *models.Pull 1193 1195 RoundNumber int ··· 1202 1204 } 1203 1205 1204 1206 type PullNewCommentParams struct { 1205 1205 - LoggedInUser *oauth.User 1207 1207 + LoggedInUser *oauth.MultiAccountUser 1206 1208 RepoInfo repoinfo.RepoInfo 1207 1209 Pull *models.Pull 1208 1210 RoundNumber int ··· 1213 1215 } 1214 1216 1215 1217 type RepoCompareParams struct { 1216 1216 - LoggedInUser *oauth.User 1218 1218 + LoggedInUser *oauth.MultiAccountUser 1217 1219 RepoInfo repoinfo.RepoInfo 1218 1220 Forks []models.Repo 1219 1221 Branches []types.Branch ··· 1232 1234 } 1233 1235 1234 1236 type RepoCompareNewParams struct { 1235 1235 - LoggedInUser *oauth.User 1237 1237 + LoggedInUser *oauth.MultiAccountUser 1236 1238 RepoInfo repoinfo.RepoInfo 1237 1239 Forks []models.Repo 1238 1240 Branches []types.Branch ··· 1249 1251 } 1250 1252 1251 1253 type RepoCompareAllowPullParams struct { 1252 1252 - LoggedInUser *oauth.User 1254 1254 + LoggedInUser *oauth.MultiAccountUser 1253 1255 RepoInfo repoinfo.RepoInfo 1254 1256 Base string 1255 1257 Head string ··· 1269 1271 } 1270 1272 1271 1273 type LabelPanelParams struct { 1272 1272 - LoggedInUser *oauth.User 1274 1274 + LoggedInUser *oauth.MultiAccountUser 1273 1275 RepoInfo repoinfo.RepoInfo 1274 1276 Defs map[string]*models.LabelDefinition 1275 1277 Subject string ··· 1281 1283 } 1282 1284 1283 1285 type EditLabelPanelParams struct { 1284 1284 - LoggedInUser *oauth.User 1286 1286 + LoggedInUser *oauth.MultiAccountUser 1285 1287 RepoInfo repoinfo.RepoInfo 1286 1288 Defs map[string]*models.LabelDefinition 1287 1289 Subject string ··· 1293 1295 } 1294 1296 1295 1297 type PipelinesParams struct { 1296 1296 - LoggedInUser *oauth.User 1298 1298 + LoggedInUser *oauth.MultiAccountUser 1297 1299 RepoInfo repoinfo.RepoInfo 1298 1300 Pipelines []models.Pipeline 1299 1301 Active string ··· 1336 1338 } 1337 1339 1338 1340 type WorkflowParams struct { 1339 1339 - LoggedInUser *oauth.User 1341 1341 + LoggedInUser *oauth.MultiAccountUser 1340 1342 RepoInfo repoinfo.RepoInfo 1341 1343 Pipeline models.Pipeline 1342 1344 Workflow string ··· 1350 1352 } 1351 1353 1352 1354 type PutStringParams struct { 1353 1353 - LoggedInUser *oauth.User 1355 1355 + LoggedInUser *oauth.MultiAccountUser 1354 1356 Action string 1355 1357 1356 1358 // this is supplied in the case of editing an existing string ··· 1362 1364 } 1363 1365 1364 1366 type StringsDashboardParams struct { 1365 1365 - LoggedInUser *oauth.User 1367 1367 + LoggedInUser *oauth.MultiAccountUser 1366 1368 Card ProfileCard 1367 1369 Strings []models.String 1368 1370 } ··· 1372 1374 } 1373 1375 1374 1376 type StringTimelineParams struct { 1375 1375 - LoggedInUser *oauth.User 1377 1377 + LoggedInUser *oauth.MultiAccountUser 1376 1378 Strings []models.String 1377 1379 } 1378 1380 ··· 1381 1383 } 1382 1384 1383 1385 type SingleStringParams struct { 1384 1384 - LoggedInUser *oauth.User 1386 1386 + LoggedInUser *oauth.MultiAccountUser 1385 1387 ShowRendered bool 1386 1388 RenderToggle bool 1387 1389 RenderedContents template.HTML

+49 -11

appview/pages/templates/layouts/fragments/topbar.html

··· 49 49 {{ define "profileDropdown" }} 50 50 <details class="relative inline-block text-left nav-dropdown"> 51 51 <summary class="cursor-pointer list-none flex items-center gap-1"> 52 52 - {{ $user := .Did }} 52 52 + {{ $user := .Active.Did }} 53 53 <img 54 54 src="{{ tinyAvatar $user }}" 55 55 alt="" ··· 57 57 /> 58 58 <span class="hidden md:inline">{{ $user | resolve | truncateAt30 }}</span> 59 59 </summary> 60 60 - <div class="absolute flex flex-col right-0 mt-4 p-4 rounded w-48 bg-white dark:bg-gray-800 dark:text-white border border-gray-200 dark:border-gray-700"> 61 61 - <a href="/{{ $user }}">profile</a> 62 62 - <a href="/{{ $user }}?tab=repos">repositories</a> 63 63 - <a href="/{{ $user }}?tab=strings">strings</a> 64 64 - <a href="/settings">settings</a> 65 65 - <a href="#" 66 66 - hx-post="/logout" 67 67 - hx-swap="none" 68 68 - class="text-red-400 hover:text-red-700 dark:text-red-400 dark:hover:text-red-300"> 69 69 - logout 60 60 + <div class="absolute right-0 mt-4 p-4 rounded bg-white dark:bg-gray-800 dark:text-white border border-gray-200 dark:border-gray-700 shadow-lg z-50" style="width: 14rem;"> 61 61 + {{ $active := .Active.Did }} 62 62 + 63 63 + <div class="pb-2 mb-2 border-b border-gray-200 dark:border-gray-700"> 64 64 + <div class="flex items-center gap-2"> 65 65 + <img src="{{ tinyAvatar $active }}" alt="" class="rounded-full h-8 w-8 flex-shrink-0 border border-gray-300 dark:border-gray-700" /> 66 66 + <div class="flex-1 overflow-hidden"> 67 67 + <p class="font-medium text-sm truncate">{{ $active | resolve }}</p> 68 68 + <p class="text-xs text-green-600 dark:text-green-400">active</p> 69 69 + </div> 70 70 + </div> 71 71 + </div> 72 72 + 73 73 + {{ $others := .Accounts | otherAccounts $active }} 74 74 + {{ if $others }} 75 75 + <div class="pb-2 mb-2 border-b border-gray-200 dark:border-gray-700"> 76 76 + <p class="text-xs text-gray-500 dark:text-gray-400 uppercase tracking-wide mb-1">Switch Account</p> 77 77 + {{ range $others }} 78 78 + <button 79 79 + type="button" 80 80 + hx-post="/account/switch" 81 81 + hx-vals='{"did": "{{ .Did }}"}' 82 82 + hx-swap="none" 83 83 + class="flex items-center gap-2 w-full py-1.5 rounded hover:bg-gray-100 dark:hover:bg-gray-700 text-left" 84 84 + > 85 85 + <img src="{{ tinyAvatar .Did }}" alt="" class="rounded-full h-6 w-6 flex-shrink-0 border border-gray-300 dark:border-gray-700" /> 86 86 + <span class="text-sm truncate flex-1">{{ .Did | resolve }}</span> 87 87 + </button> 88 88 + {{ end }} 89 89 + </div> 90 90 + {{ end }} 91 91 + 92 92 + <a href="/login?mode=add_account" class="flex items-center gap-2 py-1 text-sm"> 93 93 + {{ i "plus" "w-4 h-4 flex-shrink-0" }} 94 94 + <span>Add another account</span> 70 95 </a> 96 96 + 97 97 + <div class="pt-2 mt-2 border-t border-gray-200 dark:border-gray-700 space-y-1"> 98 98 + <a href="/{{ $active }}" class="block py-1 text-sm">profile</a> 99 99 + <a href="/{{ $active }}?tab=repos" class="block py-1 text-sm">repositories</a> 100 100 + <a href="/{{ $active }}?tab=strings" class="block py-1 text-sm">strings</a> 101 101 + <a href="/settings" class="block py-1 text-sm">settings</a> 102 102 + <a href="#" 103 103 + hx-post="/logout" 104 104 + hx-swap="none" 105 105 + class="block py-1 text-sm text-red-400 hover:text-red-700 dark:text-red-400 dark:hover:text-red-300"> 106 106 + logout 107 107 + </a> 108 108 + </div> 71 109 </div> 72 110 </details> 73 111

+53

appview/pages/templates/user/login.html

··· 20 20 <h2 class="text-center text-xl italic dark:text-white"> 21 21 tightly-knit social coding. 22 22 </h2> 23 23 + 24 24 + {{ if .AddAccount }} 25 25 + <div class="flex gap-2 my-4 bg-blue-50 dark:bg-blue-900/30 border border-blue-300 dark:border-sky-800 rounded px-3 py-2 text-blue-600 dark:text-blue-300"> 26 26 + <span class="py-1">{{ i "user-plus" "w-4 h-4" }}</span> 27 27 + <div> 28 28 + <h5 class="font-medium">Add another account</h5> 29 29 + <p class="text-sm">Sign in with a different account to add it to your account list.</p> 30 30 + </div> 31 31 + </div> 32 32 + {{ end }} 33 33 + 34 34 + {{ if and .LoggedInUser .LoggedInUser.Accounts }} 35 35 + {{ $accounts := .LoggedInUser.Accounts }} 36 36 + {{ if $accounts }} 37 37 + <div class="my-4 border border-gray-200 dark:border-gray-700 rounded overflow-hidden"> 38 38 + <div class="px-3 py-2 bg-gray-50 dark:bg-gray-800 border-b border-gray-200 dark:border-gray-700"> 39 39 + <span class="text-xs text-gray-500 dark:text-gray-400 uppercase tracking-wide font-medium">Saved accounts</span> 40 40 + </div> 41 41 + <div class="divide-y divide-gray-200 dark:divide-gray-700"> 42 42 + {{ range $accounts }} 43 43 + <div class="flex items-center justify-between px-3 py-2 hover:bg-gray-100 dark:hover:bg-gray-700"> 44 44 + <button 45 45 + type="button" 46 46 + hx-post="/account/switch" 47 47 + hx-vals='{"did": "{{ .Did }}"}' 48 48 + hx-swap="none" 49 49 + class="flex items-center gap-2 flex-1 text-left min-w-0" 50 50 + > 51 51 + <img src="{{ tinyAvatar .Did }}" alt="" class="rounded-full h-8 w-8 flex-shrink-0 border border-gray-300 dark:border-gray-700" /> 52 52 + <div class="flex flex-col min-w-0"> 53 53 + <span class="text-sm font-medium dark:text-white truncate">{{ .Did | resolve | truncateAt30 }}</span> 54 54 + <span class="text-xs text-gray-500 dark:text-gray-400">Click to switch</span> 55 55 + </div> 56 56 + </button> 57 57 + <button 58 58 + type="button" 59 59 + hx-delete="/account/{{ .Did }}" 60 60 + hx-swap="none" 61 61 + class="p-1 text-gray-400 hover:text-red-500 dark:hover:text-red-400 flex-shrink-0" 62 62 + title="Remove account" 63 63 + > 64 64 + {{ i "x" "w-4 h-4" }} 65 65 + </button> 66 66 + </div> 67 67 + {{ end }} 68 68 + </div> 69 69 + </div> 70 70 + {{ end }} 71 71 + {{ end }} 72 72 + 23 73 <form 24 74 class="mt-4" 25 75 hx-post="/login" ··· 46 96 </span> 47 97 </div> 48 98 <input type="hidden" name="return_url" value="{{ .ReturnUrl }}"> 99 99 + <input type="hidden" name="add_account" value="{{ if .AddAccount }}true{{ end }}"> 49 100 50 101 <button 51 102 class="btn w-full my-2 mt-6 text-base " ··· 66 117 You have not authorized the app. 67 118 {{ else if eq .ErrorCode "session" }} 68 119 Server failed to create user session. 120 120 + {{ else if eq .ErrorCode "max_accounts" }} 121 121 + You have reached the maximum of 20 linked accounts. Please remove an account before adding a new one. 69 122 {{ else }} 70 123 Internal Server error. 71 124 {{ end }}

+2 -2

appview/pipelines/pipelines.go

··· 70 70 } 71 71 72 72 func (p *Pipelines) Index(w http.ResponseWriter, r *http.Request) { 73 73 - user := p.oauth.GetUser(r) 73 73 + user := p.oauth.GetMultiAccountUser(r) 74 74 l := p.logger.With("handler", "Index") 75 75 76 76 f, err := p.repoResolver.Resolve(r) ··· 99 99 } 100 100 101 101 func (p *Pipelines) Workflow(w http.ResponseWriter, r *http.Request) { 102 102 - user := p.oauth.GetUser(r) 102 102 + user := p.oauth.GetMultiAccountUser(r) 103 103 l := p.logger.With("handler", "Workflow") 104 104 105 105 f, err := p.repoResolver.Resolve(r)

+55 -55

appview/pulls/pulls.go

··· 93 93 func (s *Pulls) PullActions(w http.ResponseWriter, r *http.Request) { 94 94 switch r.Method { 95 95 case http.MethodGet: 96 96 - user := s.oauth.GetUser(r) 96 96 + user := s.oauth.GetMultiAccountUser(r) 97 97 f, err := s.repoResolver.Resolve(r) 98 98 if err != nil { 99 99 log.Println("failed to get repo and knot", err) ··· 124 124 mergeCheckResponse := s.mergeCheck(r, f, pull, stack) 125 125 branchDeleteStatus := s.branchDeleteStatus(r, f, pull) 126 126 resubmitResult := pages.Unknown 127 127 - if user.Did == pull.OwnerDid { 127 127 + if user.Active.Did == pull.OwnerDid { 128 128 resubmitResult = s.resubmitCheck(r, f, pull, stack) 129 129 } 130 130 ··· 143 143 } 144 144 145 145 func (s *Pulls) RepoSinglePull(w http.ResponseWriter, r *http.Request) { 146 146 - user := s.oauth.GetUser(r) 146 146 + user := s.oauth.GetMultiAccountUser(r) 147 147 f, err := s.repoResolver.Resolve(r) 148 148 if err != nil { 149 149 log.Println("failed to get repo and knot", err) ··· 171 171 mergeCheckResponse := s.mergeCheck(r, f, pull, stack) 172 172 branchDeleteStatus := s.branchDeleteStatus(r, f, pull) 173 173 resubmitResult := pages.Unknown 174 174 - if user != nil && user.Did == pull.OwnerDid { 174 174 + if user != nil && user.Active != nil && user.Active.Did == pull.OwnerDid { 175 175 resubmitResult = s.resubmitCheck(r, f, pull, stack) 176 176 } 177 177 ··· 213 213 214 214 userReactions := map[models.ReactionKind]bool{} 215 215 if user != nil { 216 216 - userReactions = db.GetReactionStatusMap(s.db, user.Did, pull.AtUri()) 216 216 + userReactions = db.GetReactionStatusMap(s.db, user.Active.Did, pull.AtUri()) 217 217 } 218 218 219 219 labelDefs, err := db.GetLabelDefinitions( ··· 324 324 return nil 325 325 } 326 326 327 327 - user := s.oauth.GetUser(r) 327 327 + user := s.oauth.GetMultiAccountUser(r) 328 328 if user == nil { 329 329 return nil 330 330 } ··· 347 347 } 348 348 349 349 // user can only delete branch if they are a collaborator in the repo that the branch belongs to 350 350 - perms := s.enforcer.GetPermissionsInRepo(user.Did, repo.Knot, repo.DidSlashRepo()) 350 350 + perms := s.enforcer.GetPermissionsInRepo(user.Active.Did, repo.Knot, repo.DidSlashRepo()) 351 351 if !slices.Contains(perms, "repo:push") { 352 352 return nil 353 353 } ··· 434 434 } 435 435 436 436 func (s *Pulls) RepoPullPatch(w http.ResponseWriter, r *http.Request) { 437 437 - user := s.oauth.GetUser(r) 437 437 + user := s.oauth.GetMultiAccountUser(r) 438 438 439 439 var diffOpts types.DiffOpts 440 440 if d := r.URL.Query().Get("diff"); d == "split" { ··· 475 475 } 476 476 477 477 func (s *Pulls) RepoPullInterdiff(w http.ResponseWriter, r *http.Request) { 478 478 - user := s.oauth.GetUser(r) 478 478 + user := s.oauth.GetMultiAccountUser(r) 479 479 480 480 var diffOpts types.DiffOpts 481 481 if d := r.URL.Query().Get("diff"); d == "split" { ··· 520 520 interdiff := patchutil.Interdiff(previousPatch, currentPatch) 521 521 522 522 s.pages.RepoPullInterdiffPage(w, pages.RepoPullInterdiffParams{ 523 523 - LoggedInUser: s.oauth.GetUser(r), 523 523 + LoggedInUser: s.oauth.GetMultiAccountUser(r), 524 524 RepoInfo: s.repoResolver.GetRepoInfo(r, user), 525 525 Pull: pull, 526 526 Round: roundIdInt, ··· 552 552 func (s *Pulls) RepoPulls(w http.ResponseWriter, r *http.Request) { 553 553 l := s.logger.With("handler", "RepoPulls") 554 554 555 555 - user := s.oauth.GetUser(r) 555 555 + user := s.oauth.GetMultiAccountUser(r) 556 556 params := r.URL.Query() 557 557 558 558 state := models.PullOpen ··· 680 680 } 681 681 682 682 s.pages.RepoPulls(w, pages.RepoPullsParams{ 683 683 - LoggedInUser: s.oauth.GetUser(r), 683 683 + LoggedInUser: s.oauth.GetMultiAccountUser(r), 684 684 RepoInfo: s.repoResolver.GetRepoInfo(r, user), 685 685 Pulls: pulls, 686 686 LabelDefs: defs, ··· 692 692 } 693 693 694 694 func (s *Pulls) PullComment(w http.ResponseWriter, r *http.Request) { 695 695 - user := s.oauth.GetUser(r) 695 695 + user := s.oauth.GetMultiAccountUser(r) 696 696 f, err := s.repoResolver.Resolve(r) 697 697 if err != nil { 698 698 log.Println("failed to get repo and knot", err) ··· 751 751 } 752 752 atResp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 753 753 Collection: tangled.RepoPullCommentNSID, 754 754 - Repo: user.Did, 754 754 + Repo: user.Active.Did, 755 755 Rkey: tid.TID(), 756 756 Record: &lexutil.LexiconTypeDecoder{ 757 757 Val: &tangled.RepoPullComment{ ··· 768 768 } 769 769 770 770 comment := &models.PullComment{ 771 771 - OwnerDid: user.Did, 771 771 + OwnerDid: user.Active.Did, 772 772 RepoAt: f.RepoAt().String(), 773 773 PullId: pull.PullId, 774 774 Body: body, ··· 802 802 } 803 803 804 804 func (s *Pulls) NewPull(w http.ResponseWriter, r *http.Request) { 805 805 - user := s.oauth.GetUser(r) 805 805 + user := s.oauth.GetMultiAccountUser(r) 806 806 f, err := s.repoResolver.Resolve(r) 807 807 if err != nil { 808 808 log.Println("failed to get repo and knot", err) ··· 870 870 } 871 871 872 872 // Determine PR type based on input parameters 873 873 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 873 873 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 874 874 isPushAllowed := roles.IsPushAllowed() 875 875 isBranchBased := isPushAllowed && sourceBranch != "" && fromFork == "" 876 876 isForkBased := fromFork != "" && sourceBranch != "" ··· 970 970 w http.ResponseWriter, 971 971 r *http.Request, 972 972 repo *models.Repo, 973 973 - user *oauth.User, 973 973 + user *oauth.MultiAccountUser, 974 974 title, 975 975 body, 976 976 targetBranch, ··· 1027 1027 s.createPullRequest(w, r, repo, user, title, body, targetBranch, patch, combined, sourceRev, pullSource, recordPullSource, isStacked) 1028 1028 } 1029 1029 1030 1030 - func (s *Pulls) handlePatchBasedPull(w http.ResponseWriter, r *http.Request, repo *models.Repo, user *oauth.User, title, body, targetBranch, patch string, isStacked bool) { 1030 1030 + func (s *Pulls) handlePatchBasedPull(w http.ResponseWriter, r *http.Request, repo *models.Repo, user *oauth.MultiAccountUser, title, body, targetBranch, patch string, isStacked bool) { 1031 1031 if err := s.validator.ValidatePatch(&patch); err != nil { 1032 1032 s.logger.Error("patch validation failed", "err", err) 1033 1033 s.pages.Notice(w, "pull", "Invalid patch format. Please provide a valid diff.") ··· 1037 1037 s.createPullRequest(w, r, repo, user, title, body, targetBranch, patch, "", "", nil, nil, isStacked) 1038 1038 } 1039 1039 1040 1040 - func (s *Pulls) handleForkBasedPull(w http.ResponseWriter, r *http.Request, repo *models.Repo, user *oauth.User, forkRepo string, title, body, targetBranch, sourceBranch string, isStacked bool) { 1040 1040 + func (s *Pulls) handleForkBasedPull(w http.ResponseWriter, r *http.Request, repo *models.Repo, user *oauth.MultiAccountUser, forkRepo string, title, body, targetBranch, sourceBranch string, isStacked bool) { 1041 1041 repoString := strings.SplitN(forkRepo, "/", 2) 1042 1042 forkOwnerDid := repoString[0] 1043 1043 repoName := repoString[1] ··· 1146 1146 w http.ResponseWriter, 1147 1147 r *http.Request, 1148 1148 repo *models.Repo, 1149 1149 - user *oauth.User, 1149 1149 + user *oauth.MultiAccountUser, 1150 1150 title, body, targetBranch string, 1151 1151 patch string, 1152 1152 combined string, ··· 1218 1218 Title: title, 1219 1219 Body: body, 1220 1220 TargetBranch: targetBranch, 1221 1221 - OwnerDid: user.Did, 1221 1221 + OwnerDid: user.Active.Did, 1222 1222 RepoAt: repo.RepoAt(), 1223 1223 Rkey: rkey, 1224 1224 Mentions: mentions, ··· 1250 1250 1251 1251 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 1252 1252 Collection: tangled.RepoPullNSID, 1253 1253 - Repo: user.Did, 1253 1253 + Repo: user.Active.Did, 1254 1254 Rkey: rkey, 1255 1255 Record: &lexutil.LexiconTypeDecoder{ 1256 1256 Val: &tangled.RepoPull{ ··· 1287 1287 w http.ResponseWriter, 1288 1288 r *http.Request, 1289 1289 repo *models.Repo, 1290 1290 - user *oauth.User, 1290 1290 + user *oauth.MultiAccountUser, 1291 1291 targetBranch string, 1292 1292 patch string, 1293 1293 sourceRev string, ··· 1355 1355 }) 1356 1356 } 1357 1357 _, err = comatproto.RepoApplyWrites(r.Context(), client, &comatproto.RepoApplyWrites_Input{ 1358 1358 - Repo: user.Did, 1358 1358 + Repo: user.Active.Did, 1359 1359 Writes: writes, 1360 1360 }) 1361 1361 if err != nil { ··· 1427 1427 } 1428 1428 1429 1429 func (s *Pulls) PatchUploadFragment(w http.ResponseWriter, r *http.Request) { 1430 1430 - user := s.oauth.GetUser(r) 1430 1430 + user := s.oauth.GetMultiAccountUser(r) 1431 1431 1432 1432 s.pages.PullPatchUploadFragment(w, pages.PullPatchUploadParams{ 1433 1433 RepoInfo: s.repoResolver.GetRepoInfo(r, user), ··· 1435 1435 } 1436 1436 1437 1437 func (s *Pulls) CompareBranchesFragment(w http.ResponseWriter, r *http.Request) { 1438 1438 - user := s.oauth.GetUser(r) 1438 1438 + user := s.oauth.GetMultiAccountUser(r) 1439 1439 f, err := s.repoResolver.Resolve(r) 1440 1440 if err != nil { 1441 1441 log.Println("failed to get repo and knot", err) ··· 1490 1490 } 1491 1491 1492 1492 func (s *Pulls) CompareForksFragment(w http.ResponseWriter, r *http.Request) { 1493 1493 - user := s.oauth.GetUser(r) 1493 1493 + user := s.oauth.GetMultiAccountUser(r) 1494 1494 1495 1495 - forks, err := db.GetForksByDid(s.db, user.Did) 1495 1495 + forks, err := db.GetForksByDid(s.db, user.Active.Did) 1496 1496 if err != nil { 1497 1497 log.Println("failed to get forks", err) 1498 1498 return ··· 1506 1506 } 1507 1507 1508 1508 func (s *Pulls) CompareForksBranchesFragment(w http.ResponseWriter, r *http.Request) { 1509 1509 - user := s.oauth.GetUser(r) 1509 1509 + user := s.oauth.GetMultiAccountUser(r) 1510 1510 1511 1511 f, err := s.repoResolver.Resolve(r) 1512 1512 if err != nil { ··· 1599 1599 } 1600 1600 1601 1601 func (s *Pulls) ResubmitPull(w http.ResponseWriter, r *http.Request) { 1602 1602 - user := s.oauth.GetUser(r) 1602 1602 + user := s.oauth.GetMultiAccountUser(r) 1603 1603 1604 1604 pull, ok := r.Context().Value("pull").(*models.Pull) 1605 1605 if !ok { ··· 1630 1630 } 1631 1631 1632 1632 func (s *Pulls) resubmitPatch(w http.ResponseWriter, r *http.Request) { 1633 1633 - user := s.oauth.GetUser(r) 1633 1633 + user := s.oauth.GetMultiAccountUser(r) 1634 1634 1635 1635 pull, ok := r.Context().Value("pull").(*models.Pull) 1636 1636 if !ok { ··· 1645 1645 return 1646 1646 } 1647 1647 1648 1648 - if user.Did != pull.OwnerDid { 1648 1648 + if user.Active.Did != pull.OwnerDid { 1649 1649 log.Println("unauthorized user") 1650 1650 w.WriteHeader(http.StatusUnauthorized) 1651 1651 return ··· 1657 1657 } 1658 1658 1659 1659 func (s *Pulls) resubmitBranch(w http.ResponseWriter, r *http.Request) { 1660 1660 - user := s.oauth.GetUser(r) 1660 1660 + user := s.oauth.GetMultiAccountUser(r) 1661 1661 1662 1662 pull, ok := r.Context().Value("pull").(*models.Pull) 1663 1663 if !ok { ··· 1672 1672 return 1673 1673 } 1674 1674 1675 1675 - if user.Did != pull.OwnerDid { 1675 1675 + if user.Active.Did != pull.OwnerDid { 1676 1676 log.Println("unauthorized user") 1677 1677 w.WriteHeader(http.StatusUnauthorized) 1678 1678 return 1679 1679 } 1680 1680 1681 1681 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 1681 1681 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 1682 1682 if !roles.IsPushAllowed() { 1683 1683 log.Println("unauthorized user") 1684 1684 w.WriteHeader(http.StatusUnauthorized) ··· 1722 1722 } 1723 1723 1724 1724 func (s *Pulls) resubmitFork(w http.ResponseWriter, r *http.Request) { 1725 1725 - user := s.oauth.GetUser(r) 1725 1725 + user := s.oauth.GetMultiAccountUser(r) 1726 1726 1727 1727 pull, ok := r.Context().Value("pull").(*models.Pull) 1728 1728 if !ok { ··· 1737 1737 return 1738 1738 } 1739 1739 1740 1740 - if user.Did != pull.OwnerDid { 1740 1740 + if user.Active.Did != pull.OwnerDid { 1741 1741 log.Println("unauthorized user") 1742 1742 w.WriteHeader(http.StatusUnauthorized) 1743 1743 return ··· 1822 1822 w http.ResponseWriter, 1823 1823 r *http.Request, 1824 1824 repo *models.Repo, 1825 1825 - user *oauth.User, 1825 1825 + user *oauth.MultiAccountUser, 1826 1826 pull *models.Pull, 1827 1827 patch string, 1828 1828 combined string, ··· 1878 1878 return 1879 1879 } 1880 1880 1881 1881 - ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoPullNSID, user.Did, pull.Rkey) 1881 1881 + ex, err := comatproto.RepoGetRecord(r.Context(), client, "", tangled.RepoPullNSID, user.Active.Did, pull.Rkey) 1882 1882 if err != nil { 1883 1883 // failed to get record 1884 1884 s.pages.Notice(w, "resubmit-error", "Failed to update pull, no record found on PDS.") ··· 1897 1897 1898 1898 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 1899 1899 Collection: tangled.RepoPullNSID, 1900 1900 - Repo: user.Did, 1900 1900 + Repo: user.Active.Did, 1901 1901 Rkey: pull.Rkey, 1902 1902 SwapRecord: ex.Cid, 1903 1903 Record: &lexutil.LexiconTypeDecoder{ ··· 1924 1924 w http.ResponseWriter, 1925 1925 r *http.Request, 1926 1926 repo *models.Repo, 1927 1927 - user *oauth.User, 1927 1927 + user *oauth.MultiAccountUser, 1928 1928 pull *models.Pull, 1929 1929 patch string, 1930 1930 stackId string, ··· 2114 2114 } 2115 2115 2116 2116 _, err = comatproto.RepoApplyWrites(r.Context(), client, &comatproto.RepoApplyWrites_Input{ 2117 2117 - Repo: user.Did, 2117 2117 + Repo: user.Active.Did, 2118 2118 Writes: writes, 2119 2119 }) 2120 2120 if err != nil { ··· 2128 2128 } 2129 2129 2130 2130 func (s *Pulls) MergePull(w http.ResponseWriter, r *http.Request) { 2131 2131 - user := s.oauth.GetUser(r) 2131 2131 + user := s.oauth.GetMultiAccountUser(r) 2132 2132 f, err := s.repoResolver.Resolve(r) 2133 2133 if err != nil { 2134 2134 log.Println("failed to resolve repo:", err) ··· 2239 2239 2240 2240 // notify about the pull merge 2241 2241 for _, p := range pullsToMerge { 2242 2242 - s.notifier.NewPullState(r.Context(), syntax.DID(user.Did), p) 2242 2242 + s.notifier.NewPullState(r.Context(), syntax.DID(user.Active.Did), p) 2243 2243 } 2244 2244 2245 2245 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) ··· 2247 2247 } 2248 2248 2249 2249 func (s *Pulls) ClosePull(w http.ResponseWriter, r *http.Request) { 2250 2250 - user := s.oauth.GetUser(r) 2250 2250 + user := s.oauth.GetMultiAccountUser(r) 2251 2251 2252 2252 f, err := s.repoResolver.Resolve(r) 2253 2253 if err != nil { ··· 2263 2263 } 2264 2264 2265 2265 // auth filter: only owner or collaborators can close 2266 2266 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 2266 2266 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 2267 2267 isOwner := roles.IsOwner() 2268 2268 isCollaborator := roles.IsCollaborator() 2269 2269 - isPullAuthor := user.Did == pull.OwnerDid 2269 2269 + isPullAuthor := user.Active.Did == pull.OwnerDid 2270 2270 isCloseAllowed := isOwner || isCollaborator || isPullAuthor 2271 2271 if !isCloseAllowed { 2272 2272 log.Println("failed to close pull") ··· 2312 2312 } 2313 2313 2314 2314 for _, p := range pullsToClose { 2315 2315 - s.notifier.NewPullState(r.Context(), syntax.DID(user.Did), p) 2315 2315 + s.notifier.NewPullState(r.Context(), syntax.DID(user.Active.Did), p) 2316 2316 } 2317 2317 2318 2318 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) ··· 2320 2320 } 2321 2321 2322 2322 func (s *Pulls) ReopenPull(w http.ResponseWriter, r *http.Request) { 2323 2323 - user := s.oauth.GetUser(r) 2323 2323 + user := s.oauth.GetMultiAccountUser(r) 2324 2324 2325 2325 f, err := s.repoResolver.Resolve(r) 2326 2326 if err != nil { ··· 2337 2337 } 2338 2338 2339 2339 // auth filter: only owner or collaborators can close 2340 2340 - roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())} 2340 2340 + roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Active.Did, f.Knot, f.DidSlashRepo())} 2341 2341 isOwner := roles.IsOwner() 2342 2342 isCollaborator := roles.IsCollaborator() 2343 2343 - isPullAuthor := user.Did == pull.OwnerDid 2343 2343 + isPullAuthor := user.Active.Did == pull.OwnerDid 2344 2344 isCloseAllowed := isOwner || isCollaborator || isPullAuthor 2345 2345 if !isCloseAllowed { 2346 2346 log.Println("failed to close pull") ··· 2386 2386 } 2387 2387 2388 2388 for _, p := range pullsToReopen { 2389 2389 - s.notifier.NewPullState(r.Context(), syntax.DID(user.Did), p) 2389 2389 + s.notifier.NewPullState(r.Context(), syntax.DID(user.Active.Did), p) 2390 2390 } 2391 2391 2392 2392 ownerSlashRepo := reporesolver.GetBaseRepoPath(r, f) 2393 2393 s.pages.HxLocation(w, fmt.Sprintf("/%s/pulls/%d", ownerSlashRepo, pull.PullId)) 2394 2394 } 2395 2395 2396 2396 - func (s *Pulls) newStack(ctx context.Context, repo *models.Repo, user *oauth.User, targetBranch, patch string, pullSource *models.PullSource, stackId string) (models.Stack, error) { 2396 2396 + func (s *Pulls) newStack(ctx context.Context, repo *models.Repo, user *oauth.MultiAccountUser, targetBranch, patch string, pullSource *models.PullSource, stackId string) (models.Stack, error) { 2397 2397 formatPatches, err := patchutil.ExtractPatches(patch) 2398 2398 if err != nil { 2399 2399 return nil, fmt.Errorf("Failed to extract patches: %v", err) ··· 2429 2429 Title: title, 2430 2430 Body: body, 2431 2431 TargetBranch: targetBranch, 2432 2432 - OwnerDid: user.Did, 2432 2432 + OwnerDid: user.Active.Did, 2433 2433 RepoAt: repo.RepoAt(), 2434 2434 Rkey: rkey, 2435 2435 Mentions: mentions,

+6 -6

appview/repo/artifact.go

··· 30 30 31 31 // TODO: proper statuses here on early exit 32 32 func (rp *Repo) AttachArtifact(w http.ResponseWriter, r *http.Request) { 33 33 - user := rp.oauth.GetUser(r) 33 33 + user := rp.oauth.GetMultiAccountUser(r) 34 34 tagParam := chi.URLParam(r, "tag") 35 35 f, err := rp.repoResolver.Resolve(r) 36 36 if err != nil { ··· 75 75 76 76 putRecordResp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 77 77 Collection: tangled.RepoArtifactNSID, 78 78 - Repo: user.Did, 78 78 + Repo: user.Active.Did, 79 79 Rkey: rkey, 80 80 Record: &lexutil.LexiconTypeDecoder{ 81 81 Val: &tangled.RepoArtifact{ ··· 104 104 defer tx.Rollback() 105 105 106 106 artifact := models.Artifact{ 107 107 - Did: user.Did, 107 107 + Did: user.Active.Did, 108 108 Rkey: rkey, 109 109 RepoAt: f.RepoAt(), 110 110 Tag: tag.Tag.Hash, ··· 220 220 221 221 // TODO: proper statuses here on early exit 222 222 func (rp *Repo) DeleteArtifact(w http.ResponseWriter, r *http.Request) { 223 223 - user := rp.oauth.GetUser(r) 223 223 + user := rp.oauth.GetMultiAccountUser(r) 224 224 tagParam := chi.URLParam(r, "tag") 225 225 filename := chi.URLParam(r, "file") 226 226 f, err := rp.repoResolver.Resolve(r) ··· 251 251 252 252 artifact := artifacts[0] 253 253 254 254 - if user.Did != artifact.Did { 254 254 + if user.Active.Did != artifact.Did { 255 255 log.Println("user not authorized to delete artifact", err) 256 256 rp.pages.Notice(w, "remove", "Unauthorized deletion of artifact.") 257 257 return ··· 259 259 260 260 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 261 261 Collection: tangled.RepoArtifactNSID, 262 262 - Repo: user.Did, 262 262 + Repo: user.Active.Did, 263 263 Rkey: artifact.Rkey, 264 264 }) 265 265 if err != nil {

+1 -1

appview/repo/blob.go

··· 76 76 // Create the blob view 77 77 blobView := NewBlobView(resp, rp.config, f, ref, filePath, r.URL.Query()) 78 78 79 79 - user := rp.oauth.GetUser(r) 79 79 + user := rp.oauth.GetMultiAccountUser(r) 80 80 81 81 rp.pages.RepoBlob(w, pages.RepoBlobParams{ 82 82 LoggedInUser: user,

+1 -1

appview/repo/branches.go

··· 43 43 return 44 44 } 45 45 sortBranches(result.Branches) 46 46 - user := rp.oauth.GetUser(r) 46 46 + user := rp.oauth.GetMultiAccountUser(r) 47 47 rp.pages.RepoBranches(w, pages.RepoBranchesParams{ 48 48 LoggedInUser: user, 49 49 RepoInfo: rp.repoResolver.GetRepoInfo(r, user),

+2 -2

appview/repo/compare.go

··· 20 20 func (rp *Repo) CompareNew(w http.ResponseWriter, r *http.Request) { 21 21 l := rp.logger.With("handler", "RepoCompareNew") 22 22 23 23 - user := rp.oauth.GetUser(r) 23 23 + user := rp.oauth.GetMultiAccountUser(r) 24 24 f, err := rp.repoResolver.Resolve(r) 25 25 if err != nil { 26 26 l.Error("failed to get repo and knot", "err", err) ··· 101 101 func (rp *Repo) Compare(w http.ResponseWriter, r *http.Request) { 102 102 l := rp.logger.With("handler", "RepoCompare") 103 103 104 104 - user := rp.oauth.GetUser(r) 104 104 + user := rp.oauth.GetMultiAccountUser(r) 105 105 f, err := rp.repoResolver.Resolve(r) 106 106 if err != nil { 107 107 l.Error("failed to get repo and knot", "err", err)

+1 -1

appview/repo/index.go

··· 51 51 Host: host, 52 52 } 53 53 54 54 - user := rp.oauth.GetUser(r) 54 54 + user := rp.oauth.GetMultiAccountUser(r) 55 55 56 56 // Build index response from multiple XRPC calls 57 57 result, err := rp.buildIndexResponse(r.Context(), xrpcc, f, ref)

+2 -2

appview/repo/log.go

··· 109 109 } 110 110 } 111 111 112 112 - user := rp.oauth.GetUser(r) 112 112 + user := rp.oauth.GetMultiAccountUser(r) 113 113 114 114 emailToDidMap, err := db.GetEmailToDid(rp.db, uniqueEmails(xrpcResp.Commits), true) 115 115 if err != nil { ··· 197 197 l.Error("failed to GetVerifiedCommits", "err", err) 198 198 } 199 199 200 200 - user := rp.oauth.GetUser(r) 200 200 + user := rp.oauth.GetMultiAccountUser(r) 201 201 pipelines, err := getPipelineStatuses(rp.db, f, []string{result.Diff.Commit.This}) 202 202 if err != nil { 203 203 l.Error("failed to getPipelineStatuses", "err", err)

+34 -34

appview/repo/repo.go

··· 81 81 82 82 // modify the spindle configured for this repo 83 83 func (rp *Repo) EditSpindle(w http.ResponseWriter, r *http.Request) { 84 84 - user := rp.oauth.GetUser(r) 84 84 + user := rp.oauth.GetMultiAccountUser(r) 85 85 l := rp.logger.With("handler", "EditSpindle") 86 86 - l = l.With("did", user.Did) 86 86 + l = l.With("did", user.Active.Did) 87 87 88 88 errorId := "operation-error" 89 89 fail := func(msg string, err error) { ··· 107 107 108 108 if !removingSpindle { 109 109 // ensure that this is a valid spindle for this user 110 110 - validSpindles, err := rp.enforcer.GetSpindlesForUser(user.Did) 110 110 + validSpindles, err := rp.enforcer.GetSpindlesForUser(user.Active.Did) 111 111 if err != nil { 112 112 fail("Failed to find spindles. Try again later.", err) 113 113 return ··· 168 168 } 169 169 170 170 func (rp *Repo) AddLabelDef(w http.ResponseWriter, r *http.Request) { 171 171 - user := rp.oauth.GetUser(r) 171 171 + user := rp.oauth.GetMultiAccountUser(r) 172 172 l := rp.logger.With("handler", "AddLabel") 173 173 - l = l.With("did", user.Did) 173 173 + l = l.With("did", user.Active.Did) 174 174 175 175 f, err := rp.repoResolver.Resolve(r) 176 176 if err != nil { ··· 216 216 } 217 217 218 218 label := models.LabelDefinition{ 219 219 - Did: user.Did, 219 219 + Did: user.Active.Did, 220 220 Rkey: tid.TID(), 221 221 Name: name, 222 222 ValueType: valueType, ··· 327 327 } 328 328 329 329 func (rp *Repo) DeleteLabelDef(w http.ResponseWriter, r *http.Request) { 330 330 - user := rp.oauth.GetUser(r) 330 330 + user := rp.oauth.GetMultiAccountUser(r) 331 331 l := rp.logger.With("handler", "DeleteLabel") 332 332 - l = l.With("did", user.Did) 332 332 + l = l.With("did", user.Active.Did) 333 333 334 334 f, err := rp.repoResolver.Resolve(r) 335 335 if err != nil { ··· 435 435 } 436 436 437 437 func (rp *Repo) SubscribeLabel(w http.ResponseWriter, r *http.Request) { 438 438 - user := rp.oauth.GetUser(r) 438 438 + user := rp.oauth.GetMultiAccountUser(r) 439 439 l := rp.logger.With("handler", "SubscribeLabel") 440 440 - l = l.With("did", user.Did) 440 440 + l = l.With("did", user.Active.Did) 441 441 442 442 f, err := rp.repoResolver.Resolve(r) 443 443 if err != nil { ··· 521 521 } 522 522 523 523 func (rp *Repo) UnsubscribeLabel(w http.ResponseWriter, r *http.Request) { 524 524 - user := rp.oauth.GetUser(r) 524 524 + user := rp.oauth.GetMultiAccountUser(r) 525 525 l := rp.logger.With("handler", "UnsubscribeLabel") 526 526 - l = l.With("did", user.Did) 526 526 + l = l.With("did", user.Active.Did) 527 527 528 528 f, err := rp.repoResolver.Resolve(r) 529 529 if err != nil { ··· 633 633 } 634 634 state := states[subject] 635 635 636 636 - user := rp.oauth.GetUser(r) 636 636 + user := rp.oauth.GetMultiAccountUser(r) 637 637 rp.pages.LabelPanel(w, pages.LabelPanelParams{ 638 638 LoggedInUser: user, 639 639 RepoInfo: rp.repoResolver.GetRepoInfo(r, user), ··· 681 681 } 682 682 state := states[subject] 683 683 684 684 - user := rp.oauth.GetUser(r) 684 684 + user := rp.oauth.GetMultiAccountUser(r) 685 685 rp.pages.EditLabelPanel(w, pages.EditLabelPanelParams{ 686 686 LoggedInUser: user, 687 687 RepoInfo: rp.repoResolver.GetRepoInfo(r, user), ··· 692 692 } 693 693 694 694 func (rp *Repo) AddCollaborator(w http.ResponseWriter, r *http.Request) { 695 695 - user := rp.oauth.GetUser(r) 695 695 + user := rp.oauth.GetMultiAccountUser(r) 696 696 l := rp.logger.With("handler", "AddCollaborator") 697 697 - l = l.With("did", user.Did) 697 697 + l = l.With("did", user.Active.Did) 698 698 699 699 f, err := rp.repoResolver.Resolve(r) 700 700 if err != nil { ··· 723 723 return 724 724 } 725 725 726 726 - if collaboratorIdent.DID.String() == user.Did { 726 726 + if collaboratorIdent.DID.String() == user.Active.Did { 727 727 fail("You seem to be adding yourself as a collaborator.", nil) 728 728 return 729 729 } ··· 738 738 } 739 739 740 740 // emit a record 741 741 - currentUser := rp.oauth.GetUser(r) 741 741 + currentUser := rp.oauth.GetMultiAccountUser(r) 742 742 rkey := tid.TID() 743 743 createdAt := time.Now() 744 744 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 745 745 Collection: tangled.RepoCollaboratorNSID, 746 746 - Repo: currentUser.Did, 746 746 + Repo: currentUser.Active.Did, 747 747 Rkey: rkey, 748 748 Record: &lexutil.LexiconTypeDecoder{ 749 749 Val: &tangled.RepoCollaborator{ ··· 792 792 } 793 793 794 794 err = db.AddCollaborator(tx, models.Collaborator{ 795 795 - Did: syntax.DID(currentUser.Did), 795 795 + Did: syntax.DID(currentUser.Active.Did), 796 796 Rkey: rkey, 797 797 SubjectDid: collaboratorIdent.DID, 798 798 RepoAt: f.RepoAt(), ··· 822 822 } 823 823 824 824 func (rp *Repo) DeleteRepo(w http.ResponseWriter, r *http.Request) { 825 825 - user := rp.oauth.GetUser(r) 825 825 + user := rp.oauth.GetMultiAccountUser(r) 826 826 l := rp.logger.With("handler", "DeleteRepo") 827 827 828 828 noticeId := "operation-error" ··· 840 840 } 841 841 _, err = comatproto.RepoDeleteRecord(r.Context(), atpClient, &comatproto.RepoDeleteRecord_Input{ 842 842 Collection: tangled.RepoNSID, 843 843 - Repo: user.Did, 843 843 + Repo: user.Active.Did, 844 844 Rkey: f.Rkey, 845 845 }) 846 846 if err != nil { ··· 940 940 ref := chi.URLParam(r, "ref") 941 941 ref, _ = url.PathUnescape(ref) 942 942 943 943 - user := rp.oauth.GetUser(r) 943 943 + user := rp.oauth.GetMultiAccountUser(r) 944 944 f, err := rp.repoResolver.Resolve(r) 945 945 if err != nil { 946 946 l.Error("failed to resolve source repo", "err", err) ··· 969 969 r.Context(), 970 970 client, 971 971 &tangled.RepoForkSync_Input{ 972 972 - Did: user.Did, 972 972 + Did: user.Active.Did, 973 973 Name: f.Name, 974 974 Source: f.Source, 975 975 Branch: ref, ··· 988 988 func (rp *Repo) ForkRepo(w http.ResponseWriter, r *http.Request) { 989 989 l := rp.logger.With("handler", "ForkRepo") 990 990 991 991 - user := rp.oauth.GetUser(r) 991 991 + user := rp.oauth.GetMultiAccountUser(r) 992 992 f, err := rp.repoResolver.Resolve(r) 993 993 if err != nil { 994 994 l.Error("failed to resolve source repo", "err", err) ··· 997 997 998 998 switch r.Method { 999 999 case http.MethodGet: 1000 1000 - user := rp.oauth.GetUser(r) 1001 1001 - knots, err := rp.enforcer.GetKnotsForUser(user.Did) 1000 1000 + user := rp.oauth.GetMultiAccountUser(r) 1001 1001 + knots, err := rp.enforcer.GetKnotsForUser(user.Active.Did) 1002 1002 if err != nil { 1003 1003 rp.pages.Notice(w, "repo", "Invalid user account.") 1004 1004 return ··· 1020 1020 } 1021 1021 l = l.With("targetKnot", targetKnot) 1022 1022 1023 1023 - ok, err := rp.enforcer.E.Enforce(user.Did, targetKnot, targetKnot, "repo:create") 1023 1023 + ok, err := rp.enforcer.E.Enforce(user.Active.Did, targetKnot, targetKnot, "repo:create") 1024 1024 if err != nil || !ok { 1025 1025 rp.pages.Notice(w, "repo", "You do not have permission to create a repo in this knot.") 1026 1026 return ··· 1037 1037 // in the user's account. 1038 1038 existingRepo, err := db.GetRepo( 1039 1039 rp.db, 1040 1040 - orm.FilterEq("did", user.Did), 1040 1040 + orm.FilterEq("did", user.Active.Did), 1041 1041 orm.FilterEq("name", forkName), 1042 1042 ) 1043 1043 if err != nil { ··· 1066 1066 // create an atproto record for this fork 1067 1067 rkey := tid.TID() 1068 1068 repo := &models.Repo{ 1069 1069 - Did: user.Did, 1069 1069 + Did: user.Active.Did, 1070 1070 Name: forkName, 1071 1071 Knot: targetKnot, 1072 1072 Rkey: rkey, ··· 1086 1086 1087 1087 atresp, err := comatproto.RepoPutRecord(r.Context(), atpClient, &comatproto.RepoPutRecord_Input{ 1088 1088 Collection: tangled.RepoNSID, 1089 1089 - Repo: user.Did, 1089 1089 + Repo: user.Active.Did, 1090 1090 Rkey: rkey, 1091 1091 Record: &lexutil.LexiconTypeDecoder{ 1092 1092 Val: &record, ··· 1165 1165 } 1166 1166 1167 1167 // acls 1168 1168 - p, _ := securejoin.SecureJoin(user.Did, forkName) 1169 1169 - err = rp.enforcer.AddRepo(user.Did, targetKnot, p) 1168 1168 + p, _ := securejoin.SecureJoin(user.Active.Did, forkName) 1169 1169 + err = rp.enforcer.AddRepo(user.Active.Did, targetKnot, p) 1170 1170 if err != nil { 1171 1171 l.Error("failed to add ACLs", "err", err) 1172 1172 rp.pages.Notice(w, "repo", "Failed to set up repository permissions.") ··· 1191 1191 aturi = "" 1192 1192 1193 1193 rp.notifier.NewRepo(r.Context(), repo) 1194 1194 - rp.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Did, forkName)) 1194 1194 + rp.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Active.Did, forkName)) 1195 1195 } 1196 1196 } 1197 1197

+5 -5

appview/repo/settings.go

··· 79 79 } 80 80 81 81 func (rp *Repo) Secrets(w http.ResponseWriter, r *http.Request) { 82 82 - user := rp.oauth.GetUser(r) 82 82 + user := rp.oauth.GetMultiAccountUser(r) 83 83 l := rp.logger.With("handler", "Secrets") 84 84 - l = l.With("did", user.Did) 84 84 + l = l.With("did", user.Active.Did) 85 85 86 86 f, err := rp.repoResolver.Resolve(r) 87 87 if err != nil { ··· 185 185 l := rp.logger.With("handler", "generalSettings") 186 186 187 187 f, err := rp.repoResolver.Resolve(r) 188 188 - user := rp.oauth.GetUser(r) 188 188 + user := rp.oauth.GetMultiAccountUser(r) 189 189 190 190 scheme := "http" 191 191 if !rp.config.Core.Dev { ··· 271 271 l := rp.logger.With("handler", "accessSettings") 272 272 273 273 f, err := rp.repoResolver.Resolve(r) 274 274 - user := rp.oauth.GetUser(r) 274 274 + user := rp.oauth.GetMultiAccountUser(r) 275 275 276 276 collaborators, err := func(repo *models.Repo) ([]pages.Collaborator, error) { 277 277 repoCollaborators, err := rp.enforcer.E.GetImplicitUsersForResourceByDomain(repo.DidSlashRepo(), repo.Knot) ··· 318 318 l := rp.logger.With("handler", "pipelineSettings") 319 319 320 320 f, err := rp.repoResolver.Resolve(r) 321 321 - user := rp.oauth.GetUser(r) 321 321 + user := rp.oauth.GetMultiAccountUser(r) 322 322 323 323 // all spindles that the repo owner is a member of 324 324 spindles, err := rp.enforcer.GetSpindlesForUser(f.Did)

+1 -1

appview/repo/tags.go

··· 69 69 danglingArtifacts = append(danglingArtifacts, a) 70 70 } 71 71 } 72 72 - user := rp.oauth.GetUser(r) 72 72 + user := rp.oauth.GetMultiAccountUser(r) 73 73 rp.pages.RepoTags(w, pages.RepoTagsParams{ 74 74 LoggedInUser: user, 75 75 RepoInfo: rp.repoResolver.GetRepoInfo(r, user),

+1 -1

appview/repo/tree.go

··· 88 88 http.Redirect(w, r, redirectTo, http.StatusFound) 89 89 return 90 90 } 91 91 - user := rp.oauth.GetUser(r) 91 91 + user := rp.oauth.GetMultiAccountUser(r) 92 92 var breadcrumbs [][]string 93 93 breadcrumbs = append(breadcrumbs, []string{f.Name, fmt.Sprintf("/%s/tree/%s", ownerSlashRepo, url.PathEscape(ref))}) 94 94 if treePath != "" {

+4 -4

appview/reporesolver/resolver.go

··· 55 55 // 2. [x] remove `rr`, `CurrentDir`, `Ref` fields from `ResolvedRepo` 56 56 // 3. [x] remove `ResolvedRepo` 57 57 // 4. [ ] replace reporesolver to reposervice 58 58 - func (rr *RepoResolver) GetRepoInfo(r *http.Request, user *oauth.User) repoinfo.RepoInfo { 58 58 + func (rr *RepoResolver) GetRepoInfo(r *http.Request, user *oauth.MultiAccountUser) repoinfo.RepoInfo { 59 59 ownerId, ook := r.Context().Value("resolvedId").(identity.Identity) 60 60 repo, rok := r.Context().Value("repo").(*models.Repo) 61 61 if !ook || !rok { ··· 69 69 repoAt := repo.RepoAt() 70 70 isStarred := false 71 71 roles := repoinfo.RolesInRepo{} 72 72 - if user != nil { 73 73 - isStarred = db.GetStarStatus(rr.execer, user.Did, repoAt) 74 74 - roles.Roles = rr.enforcer.GetPermissionsInRepo(user.Did, repo.Knot, repo.DidSlashRepo()) 72 72 + if user != nil && user.Active != nil { 73 73 + isStarred = db.GetStarStatus(rr.execer, user.Active.Did, repoAt) 74 74 + roles.Roles = rr.enforcer.GetPermissionsInRepo(user.Active.Did, repo.Knot, repo.DidSlashRepo()) 75 75 } 76 76 77 77 stats := repo.RepoStats

+6 -6

appview/settings/settings.go

··· 81 81 } 82 82 83 83 func (s *Settings) profileSettings(w http.ResponseWriter, r *http.Request) { 84 84 - user := s.OAuth.GetUser(r) 84 84 + user := s.OAuth.GetMultiAccountUser(r) 85 85 86 86 s.Pages.UserProfileSettings(w, pages.UserProfileSettingsParams{ 87 87 LoggedInUser: user, ··· 91 91 } 92 92 93 93 func (s *Settings) notificationsSettings(w http.ResponseWriter, r *http.Request) { 94 94 - user := s.OAuth.GetUser(r) 94 94 + user := s.OAuth.GetMultiAccountUser(r) 95 95 did := s.OAuth.GetDid(r) 96 96 97 97 prefs, err := db.GetNotificationPreference(s.Db, did) ··· 137 137 } 138 138 139 139 func (s *Settings) keysSettings(w http.ResponseWriter, r *http.Request) { 140 140 - user := s.OAuth.GetUser(r) 141 141 - pubKeys, err := db.GetPublicKeysForDid(s.Db, user.Did) 140 140 + user := s.OAuth.GetMultiAccountUser(r) 141 141 + pubKeys, err := db.GetPublicKeysForDid(s.Db, user.Active.Did) 142 142 if err != nil { 143 143 log.Println(err) 144 144 } ··· 152 152 } 153 153 154 154 func (s *Settings) emailsSettings(w http.ResponseWriter, r *http.Request) { 155 155 - user := s.OAuth.GetUser(r) 156 156 - emails, err := db.GetAllEmails(s.Db, user.Did) 155 155 + user := s.OAuth.GetMultiAccountUser(r) 156 156 + emails, err := db.GetAllEmails(s.Db, user.Active.Did) 157 157 if err != nil { 158 158 log.Println(err) 159 159 }

+41 -41

appview/spindles/spindles.go

··· 69 69 } 70 70 71 71 func (s *Spindles) spindles(w http.ResponseWriter, r *http.Request) { 72 72 - user := s.OAuth.GetUser(r) 72 72 + user := s.OAuth.GetMultiAccountUser(r) 73 73 all, err := db.GetSpindles( 74 74 s.Db, 75 75 - orm.FilterEq("owner", user.Did), 75 75 + orm.FilterEq("owner", user.Active.Did), 76 76 ) 77 77 if err != nil { 78 78 s.Logger.Error("failed to fetch spindles", "err", err) ··· 91 91 func (s *Spindles) dashboard(w http.ResponseWriter, r *http.Request) { 92 92 l := s.Logger.With("handler", "dashboard") 93 93 94 94 - user := s.OAuth.GetUser(r) 95 95 - l = l.With("user", user.Did) 94 94 + user := s.OAuth.GetMultiAccountUser(r) 95 95 + l = l.With("user", user.Active.Did) 96 96 97 97 instance := chi.URLParam(r, "instance") 98 98 if instance == "" { ··· 103 103 spindles, err := db.GetSpindles( 104 104 s.Db, 105 105 orm.FilterEq("instance", instance), 106 106 - orm.FilterEq("owner", user.Did), 106 106 + orm.FilterEq("owner", user.Active.Did), 107 107 orm.FilterIsNot("verified", "null"), 108 108 ) 109 109 if err != nil || len(spindles) != 1 { ··· 155 155 // 156 156 // if the spindle is not up yet, the user is free to retry verification at a later point 157 157 func (s *Spindles) register(w http.ResponseWriter, r *http.Request) { 158 158 - user := s.OAuth.GetUser(r) 158 158 + user := s.OAuth.GetMultiAccountUser(r) 159 159 l := s.Logger.With("handler", "register") 160 160 161 161 noticeId := "register-error" ··· 176 176 return 177 177 } 178 178 l = l.With("instance", instance) 179 179 - l = l.With("user", user.Did) 179 179 + l = l.With("user", user.Active.Did) 180 180 181 181 tx, err := s.Db.Begin() 182 182 if err != nil { ··· 190 190 }() 191 191 192 192 err = db.AddSpindle(tx, models.Spindle{ 193 193 - Owner: syntax.DID(user.Did), 193 193 + Owner: syntax.DID(user.Active.Did), 194 194 Instance: instance, 195 195 }) 196 196 if err != nil { ··· 214 214 return 215 215 } 216 216 217 217 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.SpindleNSID, user.Did, instance) 217 217 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.SpindleNSID, user.Active.Did, instance) 218 218 var exCid *string 219 219 if ex != nil { 220 220 exCid = ex.Cid ··· 223 223 // re-announce by registering under same rkey 224 224 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 225 225 Collection: tangled.SpindleNSID, 226 226 - Repo: user.Did, 226 226 + Repo: user.Active.Did, 227 227 Rkey: instance, 228 228 Record: &lexutil.LexiconTypeDecoder{ 229 229 Val: &tangled.Spindle{ ··· 254 254 } 255 255 256 256 // begin verification 257 257 - err = serververify.RunVerification(r.Context(), instance, user.Did, s.Config.Core.Dev) 257 257 + err = serververify.RunVerification(r.Context(), instance, user.Active.Did, s.Config.Core.Dev) 258 258 if err != nil { 259 259 l.Error("verification failed", "err", err) 260 260 s.Pages.HxRefresh(w) 261 261 return 262 262 } 263 263 264 264 - _, err = serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Did) 264 264 + _, err = serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Active.Did) 265 265 if err != nil { 266 266 l.Error("failed to mark verified", "err", err) 267 267 s.Pages.HxRefresh(w) ··· 273 273 } 274 274 275 275 func (s *Spindles) delete(w http.ResponseWriter, r *http.Request) { 276 276 - user := s.OAuth.GetUser(r) 276 276 + user := s.OAuth.GetMultiAccountUser(r) 277 277 l := s.Logger.With("handler", "delete") 278 278 279 279 noticeId := "operation-error" ··· 291 291 292 292 spindles, err := db.GetSpindles( 293 293 s.Db, 294 294 - orm.FilterEq("owner", user.Did), 294 294 + orm.FilterEq("owner", user.Active.Did), 295 295 orm.FilterEq("instance", instance), 296 296 ) 297 297 if err != nil || len(spindles) != 1 { ··· 300 300 return 301 301 } 302 302 303 303 - if string(spindles[0].Owner) != user.Did { 304 304 - l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner) 303 303 + if string(spindles[0].Owner) != user.Active.Did { 304 304 + l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner) 305 305 s.Pages.Notice(w, noticeId, "Failed to delete spindle, unauthorized deletion attempt.") 306 306 return 307 307 } ··· 320 320 // remove spindle members first 321 321 err = db.RemoveSpindleMember( 322 322 tx, 323 323 - orm.FilterEq("did", user.Did), 323 323 + orm.FilterEq("did", user.Active.Did), 324 324 orm.FilterEq("instance", instance), 325 325 ) 326 326 if err != nil { ··· 331 331 332 332 err = db.DeleteSpindle( 333 333 tx, 334 334 - orm.FilterEq("owner", user.Did), 334 334 + orm.FilterEq("owner", user.Active.Did), 335 335 orm.FilterEq("instance", instance), 336 336 ) 337 337 if err != nil { ··· 359 359 360 360 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 361 361 Collection: tangled.SpindleNSID, 362 362 - Repo: user.Did, 362 362 + Repo: user.Active.Did, 363 363 Rkey: instance, 364 364 }) 365 365 if err != nil { ··· 391 391 } 392 392 393 393 func (s *Spindles) retry(w http.ResponseWriter, r *http.Request) { 394 394 - user := s.OAuth.GetUser(r) 394 394 + user := s.OAuth.GetMultiAccountUser(r) 395 395 l := s.Logger.With("handler", "retry") 396 396 397 397 noticeId := "operation-error" ··· 407 407 return 408 408 } 409 409 l = l.With("instance", instance) 410 410 - l = l.With("user", user.Did) 410 410 + l = l.With("user", user.Active.Did) 411 411 412 412 spindles, err := db.GetSpindles( 413 413 s.Db, 414 414 - orm.FilterEq("owner", user.Did), 414 414 + orm.FilterEq("owner", user.Active.Did), 415 415 orm.FilterEq("instance", instance), 416 416 ) 417 417 if err != nil || len(spindles) != 1 { ··· 420 420 return 421 421 } 422 422 423 423 - if string(spindles[0].Owner) != user.Did { 424 424 - l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner) 423 423 + if string(spindles[0].Owner) != user.Active.Did { 424 424 + l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner) 425 425 s.Pages.Notice(w, noticeId, "Failed to verify spindle, unauthorized verification attempt.") 426 426 return 427 427 } 428 428 429 429 // begin verification 430 430 - err = serververify.RunVerification(r.Context(), instance, user.Did, s.Config.Core.Dev) 430 430 + err = serververify.RunVerification(r.Context(), instance, user.Active.Did, s.Config.Core.Dev) 431 431 if err != nil { 432 432 l.Error("verification failed", "err", err) 433 433 ··· 445 445 return 446 446 } 447 447 448 448 - rowId, err := serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Did) 448 448 + rowId, err := serververify.MarkSpindleVerified(s.Db, s.Enforcer, instance, user.Active.Did) 449 449 if err != nil { 450 450 l.Error("failed to mark verified", "err", err) 451 451 s.Pages.Notice(w, noticeId, err.Error()) ··· 473 473 } 474 474 475 475 func (s *Spindles) addMember(w http.ResponseWriter, r *http.Request) { 476 476 - user := s.OAuth.GetUser(r) 476 476 + user := s.OAuth.GetMultiAccountUser(r) 477 477 l := s.Logger.With("handler", "addMember") 478 478 479 479 instance := chi.URLParam(r, "instance") ··· 483 483 return 484 484 } 485 485 l = l.With("instance", instance) 486 486 - l = l.With("user", user.Did) 486 486 + l = l.With("user", user.Active.Did) 487 487 488 488 spindles, err := db.GetSpindles( 489 489 s.Db, 490 490 - orm.FilterEq("owner", user.Did), 490 490 + orm.FilterEq("owner", user.Active.Did), 491 491 orm.FilterEq("instance", instance), 492 492 ) 493 493 if err != nil || len(spindles) != 1 { ··· 502 502 s.Pages.Notice(w, noticeId, defaultErr) 503 503 } 504 504 505 505 - if string(spindles[0].Owner) != user.Did { 506 506 - l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner) 505 505 + if string(spindles[0].Owner) != user.Active.Did { 506 506 + l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner) 507 507 s.Pages.Notice(w, noticeId, "Failed to add member, unauthorized attempt.") 508 508 return 509 509 } ··· 552 552 553 553 // add member to db 554 554 if err = db.AddSpindleMember(tx, models.SpindleMember{ 555 555 - Did: syntax.DID(user.Did), 555 555 + Did: syntax.DID(user.Active.Did), 556 556 Rkey: rkey, 557 557 Instance: instance, 558 558 Subject: memberId.DID, ··· 570 570 571 571 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 572 572 Collection: tangled.SpindleMemberNSID, 573 573 - Repo: user.Did, 573 573 + Repo: user.Active.Did, 574 574 Rkey: rkey, 575 575 Record: &lexutil.LexiconTypeDecoder{ 576 576 Val: &tangled.SpindleMember{ ··· 603 603 } 604 604 605 605 func (s *Spindles) removeMember(w http.ResponseWriter, r *http.Request) { 606 606 - user := s.OAuth.GetUser(r) 606 606 + user := s.OAuth.GetMultiAccountUser(r) 607 607 l := s.Logger.With("handler", "removeMember") 608 608 609 609 noticeId := "operation-error" ··· 619 619 return 620 620 } 621 621 l = l.With("instance", instance) 622 622 - l = l.With("user", user.Did) 622 622 + l = l.With("user", user.Active.Did) 623 623 624 624 spindles, err := db.GetSpindles( 625 625 s.Db, 626 626 - orm.FilterEq("owner", user.Did), 626 626 + orm.FilterEq("owner", user.Active.Did), 627 627 orm.FilterEq("instance", instance), 628 628 ) 629 629 if err != nil || len(spindles) != 1 { ··· 632 632 return 633 633 } 634 634 635 635 - if string(spindles[0].Owner) != user.Did { 636 636 - l.Error("unauthorized", "user", user.Did, "owner", spindles[0].Owner) 635 635 + if string(spindles[0].Owner) != user.Active.Did { 636 636 + l.Error("unauthorized", "user", user.Active.Did, "owner", spindles[0].Owner) 637 637 s.Pages.Notice(w, noticeId, "Failed to remove member, unauthorized attempt.") 638 638 return 639 639 } ··· 668 668 // get the record from the DB first: 669 669 members, err := db.GetSpindleMembers( 670 670 s.Db, 671 671 - orm.FilterEq("did", user.Did), 671 671 + orm.FilterEq("did", user.Active.Did), 672 672 orm.FilterEq("instance", instance), 673 673 orm.FilterEq("subject", memberId.DID), 674 674 ) ··· 681 681 // remove from db 682 682 if err = db.RemoveSpindleMember( 683 683 tx, 684 684 - orm.FilterEq("did", user.Did), 684 684 + orm.FilterEq("did", user.Active.Did), 685 685 orm.FilterEq("instance", instance), 686 686 orm.FilterEq("subject", memberId.DID), 687 687 ); err != nil { ··· 707 707 // remove from pds 708 708 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 709 709 Collection: tangled.SpindleMemberNSID, 710 710 - Repo: user.Did, 710 710 + Repo: user.Active.Did, 711 711 Rkey: members[0].Rkey, 712 712 }) 713 713 if err != nil {

+83

appview/state/accounts.go

··· 1 1 + package state 2 2 + 3 3 + import ( 4 4 + "net/http" 5 5 + 6 6 + "github.com/go-chi/chi/v5" 7 7 + ) 8 8 + 9 9 + func (s *State) SwitchAccount(w http.ResponseWriter, r *http.Request) { 10 10 + l := s.logger.With("handler", "SwitchAccount") 11 11 + 12 12 + if err := r.ParseForm(); err != nil { 13 13 + l.Error("failed to parse form", "err", err) 14 14 + http.Error(w, "invalid request", http.StatusBadRequest) 15 15 + return 16 16 + } 17 17 + 18 18 + did := r.FormValue("did") 19 19 + if did == "" { 20 20 + http.Error(w, "missing did", http.StatusBadRequest) 21 21 + return 22 22 + } 23 23 + 24 24 + if err := s.oauth.SwitchAccount(w, r, did); err != nil { 25 25 + l.Error("failed to switch account", "err", err) 26 26 + s.pages.HxRedirect(w, "/login?error=session") 27 27 + return 28 28 + } 29 29 + 30 30 + l.Info("switched account", "did", did) 31 31 + s.pages.HxRedirect(w, "/") 32 32 + } 33 33 + 34 34 + func (s *State) RemoveAccount(w http.ResponseWriter, r *http.Request) { 35 35 + l := s.logger.With("handler", "RemoveAccount") 36 36 + 37 37 + did := chi.URLParam(r, "did") 38 38 + if did == "" { 39 39 + http.Error(w, "missing did", http.StatusBadRequest) 40 40 + return 41 41 + } 42 42 + 43 43 + currentUser := s.oauth.GetMultiAccountUser(r) 44 44 + isCurrentAccount := currentUser != nil && currentUser.Active.Did == did 45 45 + 46 46 + var remainingAccounts []string 47 47 + if currentUser != nil { 48 48 + for _, acc := range currentUser.Accounts { 49 49 + if acc.Did != did { 50 50 + remainingAccounts = append(remainingAccounts, acc.Did) 51 51 + } 52 52 + } 53 53 + } 54 54 + 55 55 + if err := s.oauth.RemoveAccount(w, r, did); err != nil { 56 56 + l.Error("failed to remove account", "err", err) 57 57 + http.Error(w, "failed to remove account", http.StatusInternalServerError) 58 58 + return 59 59 + } 60 60 + 61 61 + l.Info("removed account", "did", did) 62 62 + 63 63 + if isCurrentAccount { 64 64 + if len(remainingAccounts) > 0 { 65 65 + nextDid := remainingAccounts[0] 66 66 + if err := s.oauth.SwitchAccount(w, r, nextDid); err != nil { 67 67 + l.Error("failed to switch to next account", "err", err) 68 68 + s.pages.HxRedirect(w, "/login") 69 69 + return 70 70 + } 71 71 + s.pages.HxRefresh(w) 72 72 + return 73 73 + } 74 74 + 75 75 + if err := s.oauth.DeleteSession(w, r); err != nil { 76 76 + l.Error("failed to delete session", "err", err) 77 77 + } 78 78 + s.pages.HxRedirect(w, "/login") 79 79 + return 80 80 + } 81 81 + 82 82 + s.pages.HxRefresh(w) 83 83 + }

+7 -7

appview/state/follow.go

··· 15 15 ) 16 16 17 17 func (s *State) Follow(w http.ResponseWriter, r *http.Request) { 18 18 - currentUser := s.oauth.GetUser(r) 18 18 + currentUser := s.oauth.GetMultiAccountUser(r) 19 19 20 20 subject := r.URL.Query().Get("subject") 21 21 if subject == "" { ··· 29 29 return 30 30 } 31 31 32 32 - if currentUser.Did == subjectIdent.DID.String() { 32 32 + if currentUser.Active.Did == subjectIdent.DID.String() { 33 33 log.Println("cant follow or unfollow yourself") 34 34 return 35 35 } ··· 46 46 rkey := tid.TID() 47 47 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 48 48 Collection: tangled.GraphFollowNSID, 49 49 - Repo: currentUser.Did, 49 49 + Repo: currentUser.Active.Did, 50 50 Rkey: rkey, 51 51 Record: &lexutil.LexiconTypeDecoder{ 52 52 Val: &tangled.GraphFollow{ ··· 62 62 log.Println("created atproto record: ", resp.Uri) 63 63 64 64 follow := &models.Follow{ 65 65 - UserDid: currentUser.Did, 65 65 + UserDid: currentUser.Active.Did, 66 66 SubjectDid: subjectIdent.DID.String(), 67 67 Rkey: rkey, 68 68 } ··· 83 83 return 84 84 case http.MethodDelete: 85 85 // find the record in the db 86 86 - follow, err := db.GetFollow(s.db, currentUser.Did, subjectIdent.DID.String()) 86 86 + follow, err := db.GetFollow(s.db, currentUser.Active.Did, subjectIdent.DID.String()) 87 87 if err != nil { 88 88 log.Println("failed to get follow relationship") 89 89 return ··· 91 91 92 92 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 93 93 Collection: tangled.GraphFollowNSID, 94 94 - Repo: currentUser.Did, 94 94 + Repo: currentUser.Active.Did, 95 95 Rkey: follow.Rkey, 96 96 }) 97 97 ··· 100 100 return 101 101 } 102 102 103 103 - err = db.DeleteFollowByRkey(s.db, currentUser.Did, follow.Rkey) 103 103 + err = db.DeleteFollowByRkey(s.db, currentUser.Active.Did, follow.Rkey) 104 104 if err != nil { 105 105 log.Println("failed to delete follow from DB") 106 106 // this is not an issue, the firehose event might have already done this

+1 -1

appview/state/gfi.go

··· 15 15 ) 16 16 17 17 func (s *State) GoodFirstIssues(w http.ResponseWriter, r *http.Request) { 18 18 - user := s.oauth.GetUser(r) 18 18 + user := s.oauth.GetMultiAccountUser(r) 19 19 20 20 page := pagination.FromContext(r.Context()) 21 21

+57 -7

appview/state/login.go

··· 5 5 "net/http" 6 6 "strings" 7 7 8 8 + "tangled.org/core/appview/oauth" 8 9 "tangled.org/core/appview/pages" 9 10 ) 10 11 ··· 15 16 case http.MethodGet: 16 17 returnURL := r.URL.Query().Get("return_url") 17 18 errorCode := r.URL.Query().Get("error") 19 19 + addAccount := r.URL.Query().Get("mode") == "add_account" 20 20 + 21 21 + user := s.oauth.GetMultiAccountUser(r) 22 22 + if user == nil { 23 23 + registry := s.oauth.GetAccounts(r) 24 24 + if len(registry.Accounts) > 0 { 25 25 + user = &oauth.MultiAccountUser{ 26 26 + Active: nil, 27 27 + Accounts: registry.Accounts, 28 28 + } 29 29 + } 30 30 + } 18 31 s.pages.Login(w, pages.LoginParams{ 19 19 - ReturnUrl: returnURL, 20 20 - ErrorCode: errorCode, 32 32 + ReturnUrl: returnURL, 33 33 + ErrorCode: errorCode, 34 34 + AddAccount: addAccount, 35 35 + LoggedInUser: user, 21 36 }) 22 37 case http.MethodPost: 23 38 handle := r.FormValue("handle") 39 39 + returnURL := r.FormValue("return_url") 40 40 + addAccount := r.FormValue("add_account") == "true" 24 41 25 42 // when users copy their handle from bsky.app, it tends to have these characters around it: 26 43 // ··· 44 61 return 45 62 } 46 63 64 64 + if err := s.oauth.SetAuthReturn(w, r, returnURL, addAccount); err != nil { 65 65 + l.Error("failed to set auth return", "err", err) 66 66 + } 67 67 + 47 68 redirectURL, err := s.oauth.ClientApp.StartAuthFlow(r.Context(), handle) 48 69 if err != nil { 49 70 l.Error("failed to start auth", "err", err) ··· 58 79 func (s *State) Logout(w http.ResponseWriter, r *http.Request) { 59 80 l := s.logger.With("handler", "Logout") 60 81 61 61 - err := s.oauth.DeleteSession(w, r) 62 62 - if err != nil { 63 63 - l.Error("failed to logout", "err", err) 64 64 - } else { 65 65 - l.Info("logged out successfully") 82 82 + currentUser := s.oauth.GetMultiAccountUser(r) 83 83 + if currentUser == nil || currentUser.Active == nil { 84 84 + s.pages.HxRedirect(w, "/login") 85 85 + return 66 86 } 67 87 88 88 + currentDid := currentUser.Active.Did 89 89 + 90 90 + var remainingAccounts []string 91 91 + for _, acc := range currentUser.Accounts { 92 92 + if acc.Did != currentDid { 93 93 + remainingAccounts = append(remainingAccounts, acc.Did) 94 94 + } 95 95 + } 96 96 + 97 97 + if err := s.oauth.RemoveAccount(w, r, currentDid); err != nil { 98 98 + l.Error("failed to remove account from registry", "err", err) 99 99 + } 100 100 + 101 101 + if err := s.oauth.DeleteSession(w, r); err != nil { 102 102 + l.Error("failed to delete session", "err", err) 103 103 + } 104 104 + 105 105 + if len(remainingAccounts) > 0 { 106 106 + nextDid := remainingAccounts[0] 107 107 + if err := s.oauth.SwitchAccount(w, r, nextDid); err != nil { 108 108 + l.Error("failed to switch to next account", "err", err) 109 109 + s.pages.HxRedirect(w, "/login") 110 110 + return 111 111 + } 112 112 + l.Info("switched to next account after logout", "did", nextDid) 113 113 + s.pages.HxRefresh(w) 114 114 + return 115 115 + } 116 116 + 117 117 + l.Info("logged out last account") 68 118 s.pages.HxRedirect(w, "/login") 69 119 }

+32 -32

appview/state/profile.go

··· 77 77 return nil, fmt.Errorf("failed to get follower stats: %w", err) 78 78 } 79 79 80 80 - loggedInUser := s.oauth.GetUser(r) 80 80 + loggedInUser := s.oauth.GetMultiAccountUser(r) 81 81 followStatus := models.IsNotFollowing 82 82 if loggedInUser != nil { 83 83 - followStatus = db.GetFollowStatus(s.db, loggedInUser.Did, did) 83 83 + followStatus = db.GetFollowStatus(s.db, loggedInUser.Active.Did, did) 84 84 } 85 85 86 86 now := time.Now() ··· 174 174 } 175 175 176 176 s.pages.ProfileOverview(w, pages.ProfileOverviewParams{ 177 177 - LoggedInUser: s.oauth.GetUser(r), 177 177 + LoggedInUser: s.oauth.GetMultiAccountUser(r), 178 178 Card: profile, 179 179 Repos: pinnedRepos, 180 180 CollaboratingRepos: pinnedCollaboratingRepos, ··· 205 205 } 206 206 207 207 err = s.pages.ProfileRepos(w, pages.ProfileReposParams{ 208 208 - LoggedInUser: s.oauth.GetUser(r), 208 208 + LoggedInUser: s.oauth.GetMultiAccountUser(r), 209 209 Repos: repos, 210 210 Card: profile, 211 211 }) ··· 234 234 } 235 235 236 236 err = s.pages.ProfileStarred(w, pages.ProfileStarredParams{ 237 237 - LoggedInUser: s.oauth.GetUser(r), 237 237 + LoggedInUser: s.oauth.GetMultiAccountUser(r), 238 238 Repos: repos, 239 239 Card: profile, 240 240 }) ··· 259 259 } 260 260 261 261 err = s.pages.ProfileStrings(w, pages.ProfileStringsParams{ 262 262 - LoggedInUser: s.oauth.GetUser(r), 262 262 + LoggedInUser: s.oauth.GetMultiAccountUser(r), 263 263 Strings: strings, 264 264 Card: profile, 265 265 }) ··· 283 283 } 284 284 l = l.With("profileDid", profile.UserDid) 285 285 286 286 - loggedInUser := s.oauth.GetUser(r) 286 286 + loggedInUser := s.oauth.GetMultiAccountUser(r) 287 287 params := FollowsPageParams{ 288 288 Card: profile, 289 289 } ··· 316 316 317 317 loggedInUserFollowing := make(map[string]struct{}) 318 318 if loggedInUser != nil { 319 319 - following, err := db.GetFollowing(s.db, loggedInUser.Did) 319 319 + following, err := db.GetFollowing(s.db, loggedInUser.Active.Did) 320 320 if err != nil { 321 321 - l.Error("failed to get follow list", "err", err, "loggedInUser", loggedInUser.Did) 321 321 + l.Error("failed to get follow list", "err", err, "loggedInUser", loggedInUser.Active.Did) 322 322 return &params, err 323 323 } 324 324 loggedInUserFollowing = make(map[string]struct{}, len(following)) ··· 333 333 followStatus := models.IsNotFollowing 334 334 if _, exists := loggedInUserFollowing[did]; exists { 335 335 followStatus = models.IsFollowing 336 336 - } else if loggedInUser != nil && loggedInUser.Did == did { 336 336 + } else if loggedInUser != nil && loggedInUser.Active.Did == did { 337 337 followStatus = models.IsSelf 338 338 } 339 339 ··· 367 367 } 368 368 369 369 s.pages.ProfileFollowers(w, pages.ProfileFollowersParams{ 370 370 - LoggedInUser: s.oauth.GetUser(r), 370 370 + LoggedInUser: s.oauth.GetMultiAccountUser(r), 371 371 Followers: followPage.Follows, 372 372 Card: followPage.Card, 373 373 }) ··· 381 381 } 382 382 383 383 s.pages.ProfileFollowing(w, pages.ProfileFollowingParams{ 384 384 - LoggedInUser: s.oauth.GetUser(r), 384 384 + LoggedInUser: s.oauth.GetMultiAccountUser(r), 385 385 Following: followPage.Follows, 386 386 Card: followPage.Card, 387 387 }) ··· 530 530 } 531 531 532 532 func (s *State) UpdateProfileBio(w http.ResponseWriter, r *http.Request) { 533 533 - user := s.oauth.GetUser(r) 533 533 + user := s.oauth.GetMultiAccountUser(r) 534 534 535 535 err := r.ParseForm() 536 536 if err != nil { ··· 539 539 return 540 540 } 541 541 542 542 - profile, err := db.GetProfile(s.db, user.Did) 542 542 + profile, err := db.GetProfile(s.db, user.Active.Did) 543 543 if err != nil { 544 544 - log.Printf("getting profile data for %s: %s", user.Did, err) 544 544 + log.Printf("getting profile data for %s: %s", user.Active.Did, err) 545 545 } 546 546 547 547 profile.Description = r.FormValue("description") ··· 578 578 } 579 579 580 580 func (s *State) UpdateProfilePins(w http.ResponseWriter, r *http.Request) { 581 581 - user := s.oauth.GetUser(r) 581 581 + user := s.oauth.GetMultiAccountUser(r) 582 582 583 583 err := r.ParseForm() 584 584 if err != nil { ··· 587 587 return 588 588 } 589 589 590 590 - profile, err := db.GetProfile(s.db, user.Did) 590 590 + profile, err := db.GetProfile(s.db, user.Active.Did) 591 591 if err != nil { 592 592 - log.Printf("getting profile data for %s: %s", user.Did, err) 592 592 + log.Printf("getting profile data for %s: %s", user.Active.Did, err) 593 593 } 594 594 595 595 i := 0 ··· 617 617 } 618 618 619 619 func (s *State) updateProfile(profile *models.Profile, w http.ResponseWriter, r *http.Request) { 620 620 - user := s.oauth.GetUser(r) 620 620 + user := s.oauth.GetMultiAccountUser(r) 621 621 tx, err := s.db.BeginTx(r.Context(), nil) 622 622 if err != nil { 623 623 log.Println("failed to start transaction", err) ··· 644 644 vanityStats = append(vanityStats, string(v.Kind)) 645 645 } 646 646 647 647 - ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Did, "self") 647 647 + ex, _ := comatproto.RepoGetRecord(r.Context(), client, "", tangled.ActorProfileNSID, user.Active.Did, "self") 648 648 var cid *string 649 649 if ex != nil { 650 650 cid = ex.Cid ··· 652 652 653 653 _, err = comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 654 654 Collection: tangled.ActorProfileNSID, 655 655 - Repo: user.Did, 655 655 + Repo: user.Active.Did, 656 656 Rkey: "self", 657 657 Record: &lexutil.LexiconTypeDecoder{ 658 658 Val: &tangled.ActorProfile{ ··· 681 681 682 682 s.notifier.UpdateProfile(r.Context(), profile) 683 683 684 684 - s.pages.HxRedirect(w, "/"+user.Did) 684 684 + s.pages.HxRedirect(w, "/"+user.Active.Did) 685 685 } 686 686 687 687 func (s *State) EditBioFragment(w http.ResponseWriter, r *http.Request) { 688 688 - user := s.oauth.GetUser(r) 688 688 + user := s.oauth.GetMultiAccountUser(r) 689 689 690 690 - profile, err := db.GetProfile(s.db, user.Did) 690 690 + profile, err := db.GetProfile(s.db, user.Active.Did) 691 691 if err != nil { 692 692 - log.Printf("getting profile data for %s: %s", user.Did, err) 692 692 + log.Printf("getting profile data for %s: %s", user.Active.Did, err) 693 693 } 694 694 695 695 s.pages.EditBioFragment(w, pages.EditBioParams{ ··· 699 699 } 700 700 701 701 func (s *State) EditPinsFragment(w http.ResponseWriter, r *http.Request) { 702 702 - user := s.oauth.GetUser(r) 702 702 + user := s.oauth.GetMultiAccountUser(r) 703 703 704 704 - profile, err := db.GetProfile(s.db, user.Did) 704 704 + profile, err := db.GetProfile(s.db, user.Active.Did) 705 705 if err != nil { 706 706 - log.Printf("getting profile data for %s: %s", user.Did, err) 706 706 + log.Printf("getting profile data for %s: %s", user.Active.Did, err) 707 707 } 708 708 709 709 - repos, err := db.GetRepos(s.db, 0, orm.FilterEq("did", user.Did)) 709 709 + repos, err := db.GetRepos(s.db, 0, orm.FilterEq("did", user.Active.Did)) 710 710 if err != nil { 711 711 - log.Printf("getting repos for %s: %s", user.Did, err) 711 711 + log.Printf("getting repos for %s: %s", user.Active.Did, err) 712 712 } 713 713 714 714 - collaboratingRepos, err := db.CollaboratingIn(s.db, user.Did) 714 714 + collaboratingRepos, err := db.CollaboratingIn(s.db, user.Active.Did) 715 715 if err != nil { 716 716 - log.Printf("getting collaborating repos for %s: %s", user.Did, err) 716 716 + log.Printf("getting collaborating repos for %s: %s", user.Active.Did, err) 717 717 } 718 718 719 719 allRepos := []pages.PinnedRepo{}

+7 -7

appview/state/reaction.go

··· 17 17 ) 18 18 19 19 func (s *State) React(w http.ResponseWriter, r *http.Request) { 20 20 - currentUser := s.oauth.GetUser(r) 20 20 + currentUser := s.oauth.GetMultiAccountUser(r) 21 21 22 22 subject := r.URL.Query().Get("subject") 23 23 if subject == "" { ··· 49 49 rkey := tid.TID() 50 50 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 51 51 Collection: tangled.FeedReactionNSID, 52 52 - Repo: currentUser.Did, 52 52 + Repo: currentUser.Active.Did, 53 53 Rkey: rkey, 54 54 Record: &lexutil.LexiconTypeDecoder{ 55 55 Val: &tangled.FeedReaction{ ··· 64 64 return 65 65 } 66 66 67 67 - err = db.AddReaction(s.db, currentUser.Did, subjectUri, reactionKind, rkey) 67 67 + err = db.AddReaction(s.db, currentUser.Active.Did, subjectUri, reactionKind, rkey) 68 68 if err != nil { 69 69 log.Println("failed to react", err) 70 70 return ··· 87 87 88 88 return 89 89 case http.MethodDelete: 90 90 - reaction, err := db.GetReaction(s.db, currentUser.Did, subjectUri, reactionKind) 90 90 + reaction, err := db.GetReaction(s.db, currentUser.Active.Did, subjectUri, reactionKind) 91 91 if err != nil { 92 92 - log.Println("failed to get reaction relationship for", currentUser.Did, subjectUri) 92 92 + log.Println("failed to get reaction relationship for", currentUser.Active.Did, subjectUri) 93 93 return 94 94 } 95 95 96 96 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 97 97 Collection: tangled.FeedReactionNSID, 98 98 - Repo: currentUser.Did, 98 98 + Repo: currentUser.Active.Did, 99 99 Rkey: reaction.Rkey, 100 100 }) 101 101 ··· 104 104 return 105 105 } 106 106 107 107 - err = db.DeleteReactionByRkey(s.db, currentUser.Did, reaction.Rkey) 107 107 + err = db.DeleteReactionByRkey(s.db, currentUser.Active.Did, reaction.Rkey) 108 108 if err != nil { 109 109 log.Println("failed to delete reaction from DB") 110 110 // this is not an issue, the firehose event might have already done this

+3

appview/state/router.go

··· 132 132 r.Post("/login", s.Login) 133 133 r.Post("/logout", s.Logout) 134 134 135 135 + r.Post("/account/switch", s.SwitchAccount) 136 136 + r.With(middleware.AuthMiddleware(s.oauth)).Delete("/account/{did}", s.RemoveAccount) 137 137 + 135 138 r.Route("/repo", func(r chi.Router) { 136 139 r.Route("/new", func(r chi.Router) { 137 140 r.Use(middleware.AuthMiddleware(s.oauth))

+6 -6

appview/state/star.go

··· 16 16 ) 17 17 18 18 func (s *State) Star(w http.ResponseWriter, r *http.Request) { 19 19 - currentUser := s.oauth.GetUser(r) 19 19 + currentUser := s.oauth.GetMultiAccountUser(r) 20 20 21 21 subject := r.URL.Query().Get("subject") 22 22 if subject == "" { ··· 42 42 rkey := tid.TID() 43 43 resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 44 44 Collection: tangled.FeedStarNSID, 45 45 - Repo: currentUser.Did, 45 45 + Repo: currentUser.Active.Did, 46 46 Rkey: rkey, 47 47 Record: &lexutil.LexiconTypeDecoder{ 48 48 Val: &tangled.FeedStar{ ··· 57 57 log.Println("created atproto record: ", resp.Uri) 58 58 59 59 star := &models.Star{ 60 60 - Did: currentUser.Did, 60 60 + Did: currentUser.Active.Did, 61 61 RepoAt: subjectUri, 62 62 Rkey: rkey, 63 63 } ··· 84 84 return 85 85 case http.MethodDelete: 86 86 // find the record in the db 87 87 - star, err := db.GetStar(s.db, currentUser.Did, subjectUri) 87 87 + star, err := db.GetStar(s.db, currentUser.Active.Did, subjectUri) 88 88 if err != nil { 89 89 log.Println("failed to get star relationship") 90 90 return ··· 92 92 93 93 _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 94 94 Collection: tangled.FeedStarNSID, 95 95 - Repo: currentUser.Did, 95 95 + Repo: currentUser.Active.Did, 96 96 Rkey: star.Rkey, 97 97 }) 98 98 ··· 101 101 return 102 102 } 103 103 104 104 - err = db.DeleteStarByRkey(s.db, currentUser.Did, star.Rkey) 104 104 + err = db.DeleteStarByRkey(s.db, currentUser.Active.Did, star.Rkey) 105 105 if err != nil { 106 106 log.Println("failed to delete star from DB") 107 107 // this is not an issue, the firehose event might have already done this

+22 -22

appview/state/state.go

··· 249 249 } 250 250 251 251 func (s *State) TermsOfService(w http.ResponseWriter, r *http.Request) { 252 252 - user := s.oauth.GetUser(r) 252 252 + user := s.oauth.GetMultiAccountUser(r) 253 253 s.pages.TermsOfService(w, pages.TermsOfServiceParams{ 254 254 LoggedInUser: user, 255 255 }) 256 256 } 257 257 258 258 func (s *State) PrivacyPolicy(w http.ResponseWriter, r *http.Request) { 259 259 - user := s.oauth.GetUser(r) 259 259 + user := s.oauth.GetMultiAccountUser(r) 260 260 s.pages.PrivacyPolicy(w, pages.PrivacyPolicyParams{ 261 261 LoggedInUser: user, 262 262 }) 263 263 } 264 264 265 265 func (s *State) Brand(w http.ResponseWriter, r *http.Request) { 266 266 - user := s.oauth.GetUser(r) 266 266 + user := s.oauth.GetMultiAccountUser(r) 267 267 s.pages.Brand(w, pages.BrandParams{ 268 268 LoggedInUser: user, 269 269 }) 270 270 } 271 271 272 272 func (s *State) HomeOrTimeline(w http.ResponseWriter, r *http.Request) { 273 273 - if s.oauth.GetUser(r) != nil { 273 273 + if s.oauth.GetMultiAccountUser(r) != nil { 274 274 s.Timeline(w, r) 275 275 return 276 276 } ··· 278 278 } 279 279 280 280 func (s *State) Timeline(w http.ResponseWriter, r *http.Request) { 281 281 - user := s.oauth.GetUser(r) 281 281 + user := s.oauth.GetMultiAccountUser(r) 282 282 283 283 // TODO: set this flag based on the UI 284 284 filtered := false 285 285 286 286 var userDid string 287 287 - if user != nil { 288 288 - userDid = user.Did 287 287 + if user != nil && user.Active != nil { 288 288 + userDid = user.Active.Did 289 289 } 290 290 timeline, err := db.MakeTimeline(s.db, 50, userDid, filtered) 291 291 if err != nil { ··· 314 314 } 315 315 316 316 func (s *State) UpgradeBanner(w http.ResponseWriter, r *http.Request) { 317 317 - user := s.oauth.GetUser(r) 317 317 + user := s.oauth.GetMultiAccountUser(r) 318 318 if user == nil { 319 319 return 320 320 } 321 321 322 322 l := s.logger.With("handler", "UpgradeBanner") 323 323 - l = l.With("did", user.Did) 323 323 + l = l.With("did", user.Active.Did) 324 324 325 325 regs, err := db.GetRegistrations( 326 326 s.db, 327 327 - orm.FilterEq("did", user.Did), 327 327 + orm.FilterEq("did", user.Active.Did), 328 328 orm.FilterEq("needs_upgrade", 1), 329 329 ) 330 330 if err != nil { ··· 333 333 334 334 spindles, err := db.GetSpindles( 335 335 s.db, 336 336 - orm.FilterEq("owner", user.Did), 336 336 + orm.FilterEq("owner", user.Active.Did), 337 337 orm.FilterEq("needs_upgrade", 1), 338 338 ) 339 339 if err != nil { ··· 447 447 func (s *State) NewRepo(w http.ResponseWriter, r *http.Request) { 448 448 switch r.Method { 449 449 case http.MethodGet: 450 450 - user := s.oauth.GetUser(r) 451 451 - knots, err := s.enforcer.GetKnotsForUser(user.Did) 450 450 + user := s.oauth.GetMultiAccountUser(r) 451 451 + knots, err := s.enforcer.GetKnotsForUser(user.Active.Did) 452 452 if err != nil { 453 453 s.pages.Notice(w, "repo", "Invalid user account.") 454 454 return ··· 462 462 case http.MethodPost: 463 463 l := s.logger.With("handler", "NewRepo") 464 464 465 465 - user := s.oauth.GetUser(r) 466 466 - l = l.With("did", user.Did) 465 465 + user := s.oauth.GetMultiAccountUser(r) 466 466 + l = l.With("did", user.Active.Did) 467 467 468 468 // form validation 469 469 domain := r.FormValue("domain") ··· 495 495 description := r.FormValue("description") 496 496 497 497 // ACL validation 498 498 - ok, err := s.enforcer.E.Enforce(user.Did, domain, domain, "repo:create") 498 498 + ok, err := s.enforcer.E.Enforce(user.Active.Did, domain, domain, "repo:create") 499 499 if err != nil || !ok { 500 500 l.Info("unauthorized") 501 501 s.pages.Notice(w, "repo", "You do not have permission to create a repo in this knot.") ··· 505 505 // Check for existing repos 506 506 existingRepo, err := db.GetRepo( 507 507 s.db, 508 508 - orm.FilterEq("did", user.Did), 508 508 + orm.FilterEq("did", user.Active.Did), 509 509 orm.FilterEq("name", repoName), 510 510 ) 511 511 if err == nil && existingRepo != nil { ··· 517 517 // create atproto record for this repo 518 518 rkey := tid.TID() 519 519 repo := &models.Repo{ 520 520 - Did: user.Did, 520 520 + Did: user.Active.Did, 521 521 Name: repoName, 522 522 Knot: domain, 523 523 Rkey: rkey, ··· 536 536 537 537 atresp, err := comatproto.RepoPutRecord(r.Context(), atpClient, &comatproto.RepoPutRecord_Input{ 538 538 Collection: tangled.RepoNSID, 539 539 - Repo: user.Did, 539 539 + Repo: user.Active.Did, 540 540 Rkey: rkey, 541 541 Record: &lexutil.LexiconTypeDecoder{ 542 542 Val: &record, ··· 613 613 } 614 614 615 615 // acls 616 616 - p, _ := securejoin.SecureJoin(user.Did, repoName) 617 617 - err = s.enforcer.AddRepo(user.Did, domain, p) 616 616 + p, _ := securejoin.SecureJoin(user.Active.Did, repoName) 617 617 + err = s.enforcer.AddRepo(user.Active.Did, domain, p) 618 618 if err != nil { 619 619 l.Error("acl setup failed", "err", err) 620 620 s.pages.Notice(w, "repo", "Failed to set up repository permissions.") ··· 639 639 aturi = "" 640 640 641 641 s.notifier.NewRepo(r.Context(), repo) 642 642 - s.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Did, repoName)) 642 642 + s.pages.HxLocation(w, fmt.Sprintf("/%s/%s", user.Active.Did, repoName)) 643 643 } 644 644 } 645 645

+19 -19

appview/strings/strings.go

··· 82 82 } 83 83 84 84 s.Pages.StringsTimeline(w, pages.StringTimelineParams{ 85 85 - LoggedInUser: s.OAuth.GetUser(r), 85 85 + LoggedInUser: s.OAuth.GetMultiAccountUser(r), 86 86 Strings: strings, 87 87 }) 88 88 } ··· 153 153 if err != nil { 154 154 l.Error("failed to get star count", "err", err) 155 155 } 156 156 - user := s.OAuth.GetUser(r) 156 156 + user := s.OAuth.GetMultiAccountUser(r) 157 157 isStarred := false 158 158 if user != nil { 159 159 - isStarred = db.GetStarStatus(s.Db, user.Did, string.AtUri()) 159 159 + isStarred = db.GetStarStatus(s.Db, user.Active.Did, string.AtUri()) 160 160 } 161 161 162 162 s.Pages.SingleString(w, pages.SingleStringParams{ ··· 178 178 func (s *Strings) edit(w http.ResponseWriter, r *http.Request) { 179 179 l := s.Logger.With("handler", "edit") 180 180 181 181 - user := s.OAuth.GetUser(r) 181 181 + user := s.OAuth.GetMultiAccountUser(r) 182 182 183 183 id, ok := r.Context().Value("resolvedId").(identity.Identity) 184 184 if !ok { ··· 216 216 first := all[0] 217 217 218 218 // verify that the logged in user owns this string 219 219 - if user.Did != id.DID.String() { 220 220 - l.Error("unauthorized request", "expected", id.DID, "got", user.Did) 219 219 + if user.Active.Did != id.DID.String() { 220 220 + l.Error("unauthorized request", "expected", id.DID, "got", user.Active.Did) 221 221 w.WriteHeader(http.StatusUnauthorized) 222 222 return 223 223 } ··· 226 226 case http.MethodGet: 227 227 // return the form with prefilled fields 228 228 s.Pages.PutString(w, pages.PutStringParams{ 229 229 - LoggedInUser: s.OAuth.GetUser(r), 229 229 + LoggedInUser: s.OAuth.GetMultiAccountUser(r), 230 230 Action: "edit", 231 231 String: first, 232 232 }) ··· 299 299 s.Notifier.EditString(r.Context(), &entry) 300 300 301 301 // if that went okay, redir to the string 302 302 - s.Pages.HxRedirect(w, "/strings/"+user.Did+"/"+entry.Rkey) 302 302 + s.Pages.HxRedirect(w, "/strings/"+user.Active.Did+"/"+entry.Rkey) 303 303 } 304 304 305 305 } 306 306 307 307 func (s *Strings) create(w http.ResponseWriter, r *http.Request) { 308 308 l := s.Logger.With("handler", "create") 309 309 - user := s.OAuth.GetUser(r) 309 309 + user := s.OAuth.GetMultiAccountUser(r) 310 310 311 311 switch r.Method { 312 312 case http.MethodGet: 313 313 s.Pages.PutString(w, pages.PutStringParams{ 314 314 - LoggedInUser: s.OAuth.GetUser(r), 314 314 + LoggedInUser: s.OAuth.GetMultiAccountUser(r), 315 315 Action: "new", 316 316 }) 317 317 case http.MethodPost: ··· 335 335 description := r.FormValue("description") 336 336 337 337 string := models.String{ 338 338 - Did: syntax.DID(user.Did), 338 338 + Did: syntax.DID(user.Active.Did), 339 339 Rkey: tid.TID(), 340 340 Filename: filename, 341 341 Description: description, ··· 353 353 354 354 resp, err := comatproto.RepoPutRecord(r.Context(), client, &atproto.RepoPutRecord_Input{ 355 355 Collection: tangled.StringNSID, 356 356 - Repo: user.Did, 356 356 + Repo: user.Active.Did, 357 357 Rkey: string.Rkey, 358 358 Record: &lexutil.LexiconTypeDecoder{ 359 359 Val: &record, ··· 375 375 s.Notifier.NewString(r.Context(), &string) 376 376 377 377 // successful 378 378 - s.Pages.HxRedirect(w, "/strings/"+user.Did+"/"+string.Rkey) 378 378 + s.Pages.HxRedirect(w, "/strings/"+user.Active.Did+"/"+string.Rkey) 379 379 } 380 380 } 381 381 382 382 func (s *Strings) delete(w http.ResponseWriter, r *http.Request) { 383 383 l := s.Logger.With("handler", "create") 384 384 - user := s.OAuth.GetUser(r) 384 384 + user := s.OAuth.GetMultiAccountUser(r) 385 385 fail := func(msg string, err error) { 386 386 l.Error(msg, "err", err) 387 387 s.Pages.Notice(w, "error", msg) ··· 402 402 return 403 403 } 404 404 405 405 - if user.Did != id.DID.String() { 406 406 - fail("You cannot delete this string", fmt.Errorf("unauthorized deletion, %s != %s", user.Did, id.DID.String())) 405 405 + if user.Active.Did != id.DID.String() { 406 406 + fail("You cannot delete this string", fmt.Errorf("unauthorized deletion, %s != %s", user.Active.Did, id.DID.String())) 407 407 return 408 408 } 409 409 410 410 if err := db.DeleteString( 411 411 s.Db, 412 412 - orm.FilterEq("did", user.Did), 412 412 + orm.FilterEq("did", user.Active.Did), 413 413 orm.FilterEq("rkey", rkey), 414 414 ); err != nil { 415 415 fail("Failed to delete string.", err) 416 416 return 417 417 } 418 418 419 419 - s.Notifier.DeleteString(r.Context(), user.Did, rkey) 419 419 + s.Notifier.DeleteString(r.Context(), user.Active.Did, rkey) 420 420 421 421 - s.Pages.HxRedirect(w, "/strings/"+user.Did) 421 421 + s.Pages.HxRedirect(w, "/strings/"+user.Active.Did) 422 422 } 423 423 424 424 func (s *Strings) comment(w http.ResponseWriter, r *http.Request) {