package handlers import ( "context" "database/sql" "html/template" "log" "net/http" "github.com/gorilla/sessions" ) type PageData struct { Title string Navbar string LoggedIn bool ShowCookieBanner bool BasePath string StaticPath string CurrentURL string } type Config struct { DomainName string `json:"domain_name"` ThreadrDir string `json:"threadr_dir"` DBUsername string `json:"db_username"` DBPassword string `json:"db_password"` DBDatabase string `json:"db_database"` DBServerHost string `json:"db_svr_host"` FileStorageDir string `json:"file_storage_dir"` } type App struct { DB *sql.DB Store *sessions.CookieStore Config *Config Tmpl *template.Template } func (app *App) SessionMW(next http.HandlerFunc) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { session, err := app.Store.Get(r, "session-name") if err != nil { session = sessions.NewSession(app.Store, "session-name") session.Options = &sessions.Options{ Path: "/", MaxAge: 86400 * 30, // 30 days HttpOnly: true, } } ctx := context.WithValue(r.Context(), "session", session) r = r.WithContext(ctx) next(w, r) if err := session.Save(r, w); err != nil { /* Ok, so here's the thing Errors coming from this function here "can" be ignored. They mostly come from errors while setting cookies, so in some environments this will trigger a lot, but they are harmless. */ log.Printf("Error saving session in SessionMW: %v", err) } } } func (app *App) RequireLoginMW(next http.HandlerFunc) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { session := r.Context().Value("session").(*sessions.Session) if _, ok := session.Values["user_id"].(int); !ok { http.Redirect(w, r, app.Config.ThreadrDir+"/login/?error=session", http.StatusFound) return } next(w, r) } }