tangled.org
oppi.li
+15
-5
appview/state/middleware.go
+15
-5
appview/state/middleware.go
···
21
21
func AuthMiddleware(s *State) Middleware {
22
22
return func(next http.Handler) http.Handler {
23
23
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
24
+
redirectFunc := func(w http.ResponseWriter, r *http.Request) {
25
+
http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
26
+
}
27
+
if r.Header.Get("HX-Request") == "true" {
28
+
redirectFunc = func(w http.ResponseWriter, _ *http.Request) {
29
+
w.Header().Set("HX-Redirect", "/login")
30
+
w.WriteHeader(http.StatusOK)
31
+
}
32
+
}
33
+
24
34
session, err := s.auth.GetSession(r)
25
35
if session.IsNew || err != nil {
26
36
log.Printf("not logged in, redirecting")
27
-
http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
37
+
redirectFunc(w, r)
28
38
return
29
39
}
30
40
31
41
authorized, ok := session.Values[appview.SessionAuthenticated].(bool)
32
42
if !ok || !authorized {
33
43
log.Printf("not logged in, redirecting")
34
-
http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
44
+
redirectFunc(w, r)
35
45
return
36
46
}
37
47
···
41
51
expiry, err := time.Parse(time.RFC3339, expiryStr)
42
52
if err != nil {
43
53
log.Println("invalid expiry time", err)
44
-
http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
54
+
redirectFunc(w, r)
45
55
return
46
56
}
47
57
pdsUrl, ok1 := session.Values[appview.SessionPds].(string)
···
50
60
51
61
if !ok1 || !ok2 || !ok3 {
52
62
log.Println("invalid expiry time", err)
53
-
http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
63
+
redirectFunc(w, r)
54
64
return
55
65
}
56
66
···
68
78
atSession, err := comatproto.ServerRefreshSession(r.Context(), &client)
69
79
if err != nil {
70
80
log.Println("failed to refresh session", err)
71
-
http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
81
+
redirectFunc(w, r)
72
82
return
73
83
}
74
84