moll.dev / core
forked from tangled.org/core
this repo has no description
fork atom

attempt to fix 400 from token refresh

oppi.li 985f3926 ec0558e5

+119 -104
unified split
+1 -1
appview/auth/auth.go
··· 140 140 clientSession.Values[appview.SessionPds] = pdsEndpoint 141 141 clientSession.Values[appview.SessionAccessJwt] = atSessionish.GetAccessJwt() 142 142 clientSession.Values[appview.SessionRefreshJwt] = atSessionish.GetRefreshJwt() 143 - clientSession.Values[appview.SessionExpiry] = time.Now().Add(time.Hour).Format(time.RFC3339) 143 + clientSession.Values[appview.SessionExpiry] = time.Now().Add(time.Minute * 15).Format(time.RFC3339) 144 144 clientSession.Values[appview.SessionAuthenticated] = true 145 145 return clientSession.Save(r, w) 146 146 }
+112
appview/state/follow.go
··· 1 + package state 2 + 3 + import ( 4 + "fmt" 5 + "log" 6 + "net/http" 7 + "time" 8 + 9 + comatproto "github.com/bluesky-social/indigo/api/atproto" 10 + lexutil "github.com/bluesky-social/indigo/lex/util" 11 + tangled "github.com/sotangled/tangled/api/tangled" 12 + ) 13 + 14 + func (s *State) Follow(w http.ResponseWriter, r *http.Request) { 15 + currentUser := s.auth.GetUser(r) 16 + 17 + subject := r.URL.Query().Get("subject") 18 + if subject == "" { 19 + log.Println("invalid form") 20 + return 21 + } 22 + 23 + subjectIdent, err := s.resolver.ResolveIdent(r.Context(), subject) 24 + if err != nil { 25 + log.Println("failed to follow, invalid did") 26 + } 27 + 28 + if currentUser.Did == subjectIdent.DID.String() { 29 + log.Println("cant follow or unfollow yourself") 30 + return 31 + } 32 + 33 + client, _ := s.auth.AuthorizedClient(r) 34 + 35 + switch r.Method { 36 + case http.MethodPost: 37 + createdAt := time.Now().Format(time.RFC3339) 38 + rkey := s.TID() 39 + resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 40 + Collection: tangled.GraphFollowNSID, 41 + Repo: currentUser.Did, 42 + Rkey: rkey, 43 + Record: &lexutil.LexiconTypeDecoder{ 44 + Val: &tangled.GraphFollow{ 45 + Subject: subjectIdent.DID.String(), 46 + CreatedAt: createdAt, 47 + }}, 48 + }) 49 + if err != nil { 50 + log.Println("failed to create atproto record", err) 51 + return 52 + } 53 + 54 + err = s.db.AddFollow(currentUser.Did, subjectIdent.DID.String(), rkey) 55 + if err != nil { 56 + log.Println("failed to follow", err) 57 + return 58 + } 59 + 60 + log.Println("created atproto record: ", resp.Uri) 61 + 62 + w.Write([]byte(fmt.Sprintf(` 63 + <button id="followBtn" 64 + class="btn mt-2" 65 + hx-delete="/follow?subject=%s" 66 + hx-trigger="click" 67 + hx-target="#followBtn" 68 + hx-swap="outerHTML"> 69 + Unfollow 70 + </button> 71 + `, subjectIdent.DID.String()))) 72 + 73 + return 74 + case http.MethodDelete: 75 + // find the record in the db 76 + follow, err := s.db.GetFollow(currentUser.Did, subjectIdent.DID.String()) 77 + if err != nil { 78 + log.Println("failed to get follow relationship") 79 + return 80 + } 81 + 82 + _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 83 + Collection: tangled.GraphFollowNSID, 84 + Repo: currentUser.Did, 85 + Rkey: follow.RKey, 86 + }) 87 + 88 + if err != nil { 89 + log.Println("failed to unfollow") 90 + return 91 + } 92 + 93 + err = s.db.DeleteFollow(currentUser.Did, subjectIdent.DID.String()) 94 + if err != nil { 95 + log.Println("failed to delete follow from DB") 96 + // this is not an issue, the firehose event might have already done this 97 + } 98 + 99 + w.Write([]byte(fmt.Sprintf(` 100 + <button id="followBtn" 101 + class="btn mt-2" 102 + hx-post="/follow?subject=%s" 103 + hx-trigger="click" 104 + hx-target="#followBtn" 105 + hx-swap="outerHTML"> 106 + Follow 107 + </button> 108 + `, subjectIdent.DID.String()))) 109 + return 110 + } 111 + 112 + }
+2 -1
appview/state/middleware.go
··· 54 54 } 55 55 atSession, err := comatproto.ServerRefreshSession(r.Context(), &client) 56 56 if err != nil { 57 - log.Println(err) 57 + log.Println("failed to refresh session", err) 58 + http.Redirect(w, r, "/login", http.StatusTemporaryRedirect) 58 59 return 59 60 } 60 61
+4 -102
appview/state/state.go
··· 682 682 }) 683 683 } 684 684 685 - func (s *State) Follow(w http.ResponseWriter, r *http.Request) { 686 - currentUser := s.auth.GetUser(r) 687 - 688 - subject := r.URL.Query().Get("subject") 689 - if subject == "" { 690 - log.Println("invalid form") 691 - return 692 - } 693 - 694 - subjectIdent, err := s.resolver.ResolveIdent(r.Context(), subject) 695 - if err != nil { 696 - log.Println("failed to follow, invalid did") 697 - } 698 - 699 - if currentUser.Did == subjectIdent.DID.String() { 700 - log.Println("cant follow or unfollow yourself") 701 - return 702 - } 703 - 704 - client, _ := s.auth.AuthorizedClient(r) 705 - 706 - switch r.Method { 707 - case http.MethodPost: 708 - createdAt := time.Now().Format(time.RFC3339) 709 - rkey := s.TID() 710 - resp, err := comatproto.RepoPutRecord(r.Context(), client, &comatproto.RepoPutRecord_Input{ 711 - Collection: tangled.GraphFollowNSID, 712 - Repo: currentUser.Did, 713 - Rkey: rkey, 714 - Record: &lexutil.LexiconTypeDecoder{ 715 - Val: &tangled.GraphFollow{ 716 - Subject: subjectIdent.DID.String(), 717 - CreatedAt: createdAt, 718 - }}, 719 - }) 720 - if err != nil { 721 - log.Println("failed to create atproto record", err) 722 - return 723 - } 724 - 725 - err = s.db.AddFollow(currentUser.Did, subjectIdent.DID.String(), rkey) 726 - if err != nil { 727 - log.Println("failed to follow", err) 728 - return 729 - } 730 - 731 - log.Println("created atproto record: ", resp.Uri) 732 - 733 - w.Write([]byte(fmt.Sprintf(` 734 - <button id="followBtn" 735 - class="btn mt-2" 736 - hx-delete="/follow?subject=%s" 737 - hx-trigger="click" 738 - hx-target="#followBtn" 739 - hx-swap="outerHTML"> 740 - Unfollow 741 - </button> 742 - `, subjectIdent.DID.String()))) 743 - 744 - return 745 - case http.MethodDelete: 746 - // find the record in the db 747 - follow, err := s.db.GetFollow(currentUser.Did, subjectIdent.DID.String()) 748 - if err != nil { 749 - log.Println("failed to get follow relationship") 750 - return 751 - } 752 - 753 - _, err = comatproto.RepoDeleteRecord(r.Context(), client, &comatproto.RepoDeleteRecord_Input{ 754 - Collection: tangled.GraphFollowNSID, 755 - Repo: currentUser.Did, 756 - Rkey: follow.RKey, 757 - }) 758 - 759 - if err != nil { 760 - log.Println("failed to unfollow") 761 - return 762 - } 763 - 764 - err = s.db.DeleteFollow(currentUser.Did, subjectIdent.DID.String()) 765 - if err != nil { 766 - log.Println("failed to delete follow from DB") 767 - // this is not an issue, the firehose event might have already done this 768 - } 769 - 770 - w.Write([]byte(fmt.Sprintf(` 771 - <button id="followBtn" 772 - class="btn mt-2" 773 - hx-post="/follow?subject=%s" 774 - hx-trigger="click" 775 - hx-target="#followBtn" 776 - hx-swap="outerHTML"> 777 - Follow 778 - </button> 779 - `, subjectIdent.DID.String()))) 780 - return 781 - } 782 - 783 - } 784 - 785 685 func (s *State) Router() http.Handler { 786 686 router := chi.NewRouter() 787 687 ··· 861 761 862 762 r.Get("/logout", s.Logout) 863 763 864 - r.Get("/login", s.Login) 865 - r.Post("/login", s.Login) 764 + r.Route("/login", func(r chi.Router) { 765 + r.Get("/", s.Login) 766 + r.Post("/", s.Login) 767 + }) 866 768 867 769 r.Route("/knots", func(r chi.Router) { 868 770 r.Use(AuthMiddleware(s))