Readd URL token and cleanup

Fix session values.
2025-07-23 12:51:40 +02:00 · 2023-08-12 09:02:41 +02:00
parent b8273a9b02
commit 19d645f65c
7 changed files with 83 additions and 59 deletions
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -97,26 +97,29 @@ func (auth *Authentication) AuthViaSession(
 	if session.IsNew {
 		return nil, nil
 	}
-
-	var username string
-	var projects, roles []string
-
-	if val, ok := session.Values["username"]; ok {
-		username, _ = val.(string)
-	} else {
-		return nil, errors.New("No key username in session")
-	}
-	if val, ok := session.Values["projects"]; ok {
-		projects, _ = val.([]string)
-	} else {
-		return nil, errors.New("No key projects in session")
-	}
-	if val, ok := session.Values["projects"]; ok {
-		roles, _ = val.([]string)
-	} else {
-		return nil, errors.New("No key roles in session")
-	}
-
+	//
+	// var username string
+	// var projects, roles []string
+	//
+	// if val, ok := session.Values["username"]; ok {
+	// 	username, _ = val.(string)
+	// } else {
+	// 	return nil, errors.New("no key username in session")
+	// }
+	// if val, ok := session.Values["projects"]; ok {
+	// 	projects, _ = val.([]string)
+	// } else {
+	// 	return nil, errors.New("no key projects in session")
+	// }
+	// if val, ok := session.Values["projects"]; ok {
+	// 	roles, _ = val.([]string)
+	// } else {
+	// 	return nil, errors.New("no key roles in session")
+	// }
+	//
+	username, _ := session.Values["username"].(string)
+	projects, _ := session.Values["projects"].([]string)
+	roles, _ := session.Values["roles"].([]string)
 	return &User{
 		Username:   username,
 		Projects:   projects,
@@ -261,6 +264,12 @@ func (auth *Authentication) Auth(
 	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {

 		user, err := auth.JwtAuth.AuthViaJWT(rw, r)
+		if err != nil {
+			log.Infof("authentication failed: %s", err.Error())
+			http.Error(rw, err.Error(), http.StatusUnauthorized)
+			return
+		}
+
 		if user == nil {
 			user, err = auth.AuthViaSession(rw, r)
 			if err != nil {
@@ -276,7 +285,7 @@ func (auth *Authentication) Auth(
 			return
 		}

-		log.Debug("authentication failed: no authenticator applied")
+		log.Debug("authentication failed")
 		onfailure(rw, r, errors.New("unauthorized (please login first)"))
 	})
 }