From 9b7509461340fa977b4f50a746d541bc167ca586 Mon Sep 17 00:00:00 2001
From: Roberto Hidalgo
Date: Tue, 3 Jan 2023 22:51:35 -0600
Subject: [PATCH] even furhter sigh
---
 internal/auth/auth.go | 11 ++++-------
 internal/server/server.go | 4 +---
 internal/server/static/admin.js | 2 ++
 3 files changed, 7 insertions(+), 10 deletions(-)
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index 67ada4e..b7e7c14 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -21,14 +21,11 @@ var _db db.Session
 var _wan *webauthn.WebAuthn
 var _sess *scs.SessionManager
-func Initialize(wan *webauthn.WebAuthn, db db.Session) {
- sessionManager := scs.New()
- sessionManager.Lifetime = 5 * time.Minute
+func Route(wan *webauthn.WebAuthn, db db.Session, router http.Handler) http.Handler {
 _db = db
 _wan = wan
-}
-
-func Route(router http.Handler) http.Handler {
+ _sess = scs.New()
+ _sess.Lifetime = 5 * time.Minute
 return _sess.LoadAndSave(router)
 }
@@ -47,7 +44,7 @@ func LoginHandler(w http.ResponseWriter, req *http.Request, ps httprouter.Params
 password := req.FormValue("password")
 user := &user.User{}
- if err := _db.Get(user, db.Cond{"name": username}); err != nil {
+ if err := _db.Get(user, db.Cond{"handle": username}); err != nil {
 err := &errors.InvalidCredentials{Status: http.StatusForbidden, Reason: fmt.Sprintf("User not found for name: %s (%s)", username, err)}
 err.Log()
 http.Error(w, err.Error(), err.Code())
diff --git a/internal/server/server.go b/internal/server/server.go
index b11abdf..4312f47 100644
--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -191,8 +191,6 @@ func Initialize(config *Config) (http.Handler, error) {
 return nil, err
 }
- auth.Initialize(wan, _db)
-
 serverRoot, err := fs.Sub(staticFiles, "static")
 if err != nil {
 log.Fatal(err)
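Review bot: The session manager created in the new `Route` is configured with nothing but `Lifetime`, so the cookie that carries the login and 2FA state is issued with the library's default attributes. If this is alexedwards/scs, the default leaves `Secure` unset, which lets the cookie travel over plain HTTP; I would set it explicitly right after `scs.New()` with `_sess.Cookie.Secure = true`, and pin `_sess.Cookie.SameSite` instead of relying on the default. `Route` also overwrites the package-level `_db`, `_wan` and `_sess` on every call, so a doc comment would help: `// Route stores wan and db for the auth handlers, creates the session manager and wraps router with it; call it once at startup.`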
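Review bot: The failure branch directly after the changed lookup builds `Reason` from the raw `username` form value and the database error, and then writes `err.Error()` to the client through `http.Error`. If `InvalidCredentials.Error()` includes `Reason` (its definition is not in this diff), the response confirms which handles do not exist and exposes storage error text; the client should receive one generic message for every login failure, with the detail kept for `err.Log()`. The message also still says "name" although the query now matches on `handle`, and `%s` puts the user-supplied value into the log unquoted; `Reason: fmt.Sprintf("user not found for handle %q: %v", username, err)` addresses both. `LoginHandler` starts before this hunk and continues after it.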
@@ -216,7 +214,7 @@ func Initialize(config *Config) (http.Handler, error) {
 router.POST("/api/user/:id", allowCORS(auth.RequireAdmin(auth.Enforce2FA(updateUser))))
 router.DELETE("/api/user/:id", allowCORS(auth.RequireAdmin(auth.Enforce2FA(deleteUser))))
- return auth.Route(router), nil
+ return auth.Route(wan, _db, router), nil
 }
 func renderTemplate(template []byte) httprouter.Handle {
diff --git a/internal/server/static/admin.js b/internal/server/static/admin.js
index 426327f..b0b9057 100644
--- a/internal/server/static/admin.js
+++ b/internal/server/static/admin.js
@@ -1,3 +1,5 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright © 2022 Roberto Hidalgo
 import * as webauthn from "./webauthn.js"
 const host = document.location.protocol + "//" + document.location.host