From b0f280afaca0f657b7fa49552b1ec51d05d4f75c Mon Sep 17 00:00:00 2001
From: garrettladley
Date: Wed, 12 Jun 2024 20:26:44 -0400
Subject: [PATCH] =?UTF-8?q?=F0=9F=93=9D=20feat:=20auth=20updates=20for=20r?= =?UTF-8?q?eact=20native?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 backend/entities/auth/base/handlers.go | 20 +------------------
 .../integrations/oauth/soth/sothic/sothic.go | 4 +++-
 backend/middleware/auth/authorize.go | 15 +++-----------
 backend/middleware/auth/club.go | 13 +++---------
 backend/middleware/auth/event.go | 14 +++-----------
 backend/middleware/auth/user.go | 14 +++-----------
 6 files changed, 16 insertions(+), 64 deletions(-)
diff --git a/backend/entities/auth/base/handlers.go b/backend/entities/auth/base/handlers.go
index 8402fa43..b5e39179 100644
--- a/backend/entities/auth/base/handlers.go
+++ b/backend/entities/auth/base/handlers.go
@@ -4,8 +4,6 @@ import (
 "context"
 "log/slog"
 "net/http"
- "net/url"
- "time"
 "github.com/GenerateNU/sac/backend/integrations/oauth/soth"
 "github.com/GenerateNU/sac/backend/integrations/oauth/soth/sothic"
@@ -72,17 +70,6 @@ func (h *Handler) Provider(c *fiber.Ctx) error {
 }
 func (h *Handler) ProviderCallback(c *fiber.Ctx) error {
- defer func() {
- c.Cookie(&fiber.Cookie{
- Name: "redirect",
- Value: "",
- Expires: time.Now().Add(-1 * time.Hour), // expire the cookie immediately
- // MARK: secure should be true in prod
- // use go build tags to do this
- HTTPOnly: true,
- })
- }()
-
 gfUser, err := sothic.CompleteUserAuth(c)
 if err != nil {
 return err
@@ -102,12 +89,7 @@ func (h *Handler) ProviderCallback(c *fiber.Ctx) error {
 return err
 }
- redirect, err := url.PathUnescape(c.Cookies("redirect", "/"))
- if err != nil {
- return err
- }
-
- return c.Redirect(redirect)
+ return c.SendStatus(http.StatusOK)
 }
 func (h *Handler) ProviderLogout(c *fiber.Ctx) error {
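Review bot: `return c.SendStatus(http.StatusOK)` at the end of ProviderCallback leaves the browser sitting on the callback URL, which in an OAuth flow normally still carries the provider's `code` and `state` query parameters (inferred; the request handling is outside this hunk). Answering with a redirect to a fixed, server-configured location, never a client-supplied value, would clear those from the address bar and history. If the bare 200 has to stay for the native client, add `c.Set(fiber.HeaderCacheControl, "no-store")` before it and put a comment above the function stating that the handler replies 200 with no body and the client is expected to close the browser itself. The function starts outside this hunk.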
diff --git a/backend/integrations/oauth/soth/sothic/sothic.go b/backend/integrations/oauth/soth/sothic/sothic.go
index 92a03d21..c375c3a3 100644
--- a/backend/integrations/oauth/soth/sothic/sothic.go
+++ b/backend/integrations/oauth/soth/sothic/sothic.go
@@ -9,6 +9,7 @@ import (
 "fmt"
 "io"
 "log/slog"
+ "net/http"
 "net/url"
 "strings"
@@ -72,7 +73,8 @@ func BeginAuthHandler(c *fiber.Ctx) error {
 return c.Status(fiber.StatusBadRequest).SendString(err.Error())
 }
- return c.Redirect(url, fiber.StatusTemporaryRedirect)
+ c.Set("redirect", url)
+ return c.SendStatus(http.StatusOK)
 }
 // SetState sets the state string associated with the given request.
diff --git a/backend/middleware/auth/authorize.go b/backend/middleware/auth/authorize.go
index c78a3a12..fa791251 100644
--- a/backend/middleware/auth/authorize.go
+++ b/backend/middleware/auth/authorize.go
@@ -1,9 +1,8 @@
 package auth
 import (
- "net/url"
+ "net/http"
 "slices"
- "time"
 "github.com/GenerateNU/sac/backend/entities/models"
 "github.com/GenerateNU/sac/backend/integrations/oauth/soth/sothic"
@@ -18,16 +17,8 @@ func (m *AuthMiddlewareHandler) Authorize(requiredPermissions ...permission.Perm
 return func(c *fiber.Ctx) error {
 strUser, err := sothic.GetFromSession("user", c)
 if err != nil {
- c.Cookie(&fiber.Cookie{
- Name: "redirect",
- Value: url.PathEscape(c.OriginalURL()),
- Expires: time.Now().Add(5 * time.Minute),
- // MARK: secure should be true in prod
- // use go build tags to do this
- HTTPOnly: true,
- })
-
- return c.Redirect("/api/v1/auth/login")
+ c.Set("redirect", "/api/v1/auth/login")
+ return c.SendStatus(http.StatusUnauthorized)
 }
 user := models.UnmarshalUser(strUser)
diff --git a/backend/middleware/auth/club.go b/backend/middleware/auth/club.go
index 54d42980..883132cc 100644
--- a/backend/middleware/auth/club.go
+++ b/backend/middleware/auth/club.go
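Review bot: `c.Set("redirect", url)` in BeginAuthHandler hands the provider authorization URL back in an ad-hoc `redirect` response header on a 200, and that URL presumably embeds the per-request OAuth state (SetState is declared just below; the URL construction is outside the hunk), so the response should be marked uncacheable with `c.Set(fiber.HeaderCacheControl, "no-store")`. `http.StatusOK` appears to be the only reason for the new `net/http` import while the line above already uses `fiber.StatusBadRequest`; `return c.SendStatus(fiber.StatusOK)` keeps the file consistent and makes the import unnecessary. The header name is repeated as a string literal in the auth middleware files of this commit, so a shared constant with a short comment describing the header contract would keep server and client in step. The function starts outside this hunk.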
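Review bot: The 401 branch in Authorize discards the `err` returned by `sothic.GetFromSession`, so a session-store failure is reported exactly like a missing login and nothing is logged for either; the same two added lines are repeated in ClubAuthorizeById (club.go), EventAuthorizeById (event.go) and UserAuthorizeById (user.go). Moving them into one unexported helper in this package that logs the error and then sets the header and status would reduce each call site to `return unauthenticated(c, err)` (the helper name is only a suggestion). A 401 is also expected to carry a challenge (RFC 9110 §15.5.2), for example `c.Set(fiber.HeaderWWWAuthenticate, "<scheme agreed with the client>")`. Since the originally requested URL is no longer recorded, a comment should state that the client is responsible for retrying the request after login. The closure body continues outside the hunk.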
@@ -1,8 +1,8 @@
 package auth
 import (
+ "net/http"
 "slices"
- "time"
 "github.com/GenerateNU/sac/backend/entities/clubs"
 "github.com/GenerateNU/sac/backend/entities/models"
@@ -16,15 +16,8 @@ import (
 func (m *AuthMiddlewareHandler) ClubAuthorizeById(c *fiber.Ctx, extractor ExtractID) error {
 strUser, err := sothic.GetFromSession("user", c)
 if err != nil {
- c.Cookie(&fiber.Cookie{
- Name: "redirect",
- Value: c.OriginalURL(),
- Expires: time.Now().Add(5 * time.Minute),
- // MARK: secure should be true in prod
- // use go build tags to do this
- HTTPOnly: true,
- })
- return c.Redirect("/api/v1/auth/login")
+ c.Set("redirect", "/api/v1/auth/login")
+ return c.SendStatus(http.StatusUnauthorized)
 }
 user := models.UnmarshalUser(strUser)
diff --git a/backend/middleware/auth/event.go b/backend/middleware/auth/event.go
index 61945493..d4740bb4 100644
--- a/backend/middleware/auth/event.go
+++ b/backend/middleware/auth/event.go
@@ -1,8 +1,8 @@
 package auth
 import (
+ "net/http"
 "slices"
- "time"
 "github.com/GenerateNU/sac/backend/entities/events"
 "github.com/GenerateNU/sac/backend/entities/models"
@@ -17,16 +17,8 @@ import (
 func (m *AuthMiddlewareHandler) EventAuthorizeById(c *fiber.Ctx, extractor ExtractID) error {
 strUser, err := sothic.GetFromSession("user", c)
 if err != nil {
- c.Cookie(&fiber.Cookie{
- Name: "redirect",
- Value: c.OriginalURL(),
- Expires: time.Now().Add(5 * time.Minute),
- // MARK: secure should be true in prod
- // use go build tags to do this
- HTTPOnly: true,
- })
-
- return c.Redirect("/api/v1/auth/login")
+ c.Set("redirect", "/api/v1/auth/login")
+ return c.SendStatus(http.StatusUnauthorized)
 }
 user := models.UnmarshalUser(strUser)
diff --git a/backend/middleware/auth/user.go b/backend/middleware/auth/user.go
index c9ab0107..fd5ee727 100644
--- a/backend/middleware/auth/user.go
+++ b/backend/middleware/auth/user.go
@@ -1,7 +1,7 @@
 package auth
 import (
- "time"
+ "net/http"
 "github.com/GenerateNU/sac/backend/entities/models"
 "github.com/GenerateNU/sac/backend/integrations/oauth/soth/sothic"
@@ -13,16 +13,8 @@ import (
 func (m *AuthMiddlewareHandler) UserAuthorizeById(c *fiber.Ctx) error {
 strUser, err := sothic.GetFromSession("user", c)
 if err != nil {
- c.Cookie(&fiber.Cookie{
- Name: "redirect",
- Value: c.OriginalURL(),
- Expires: time.Now().Add(5 * time.Minute),
- // MARK: secure should be true in prod
- // use go build tags to do this
- HTTPOnly: true,
- })
-
- return c.Redirect("/api/v1/auth/login")
+ c.Set("redirect", "/api/v1/auth/login")
+ return c.SendStatus(http.StatusUnauthorized)
 }
 user := models.UnmarshalUser(strUser)