From 911c9b79937a82bd4574972fa24f45f5cb922092 Mon Sep 17 00:00:00 2001 From: r Date: Wed, 4 Mar 2020 15:59:59 +0000 Subject: [PATCH] Remove session details on signout --- go.mod | 2 ++ model/session.go | 1 + repo/sessionRepo.go | 5 +++++ service/auth.go | 13 +++++++++++++ service/logging.go | 8 ++++++++ service/service.go | 6 ++++++ service/transport.go | 8 ++++++-- static/style.css | 4 ++++ templates/nav.tmpl | 5 ++++- 9 files changed, 49 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 6c5c642..508d0be 100644 --- a/go.mod +++ b/go.mod @@ -4,3 +4,5 @@ require ( github.com/gorilla/mux v1.7.3 github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80 ) + +go 1.13 diff --git a/model/session.go b/model/session.go index c18225c..5ff079b 100644 --- a/model/session.go +++ b/model/session.go @@ -20,6 +20,7 @@ type Session struct { type SessionRepo interface { Add(session Session) (err error) Get(sessionID string) (session Session, err error) + Remove(sessionID string) } func (s Session) IsLoggedIn() bool { diff --git a/repo/sessionRepo.go b/repo/sessionRepo.go index ce923b1..15e3d31 100644 --- a/repo/sessionRepo.go +++ b/repo/sessionRepo.go @@ -40,3 +40,8 @@ func (repo *sessionRepo) Get(id string) (s model.Session, err error) { return } + +func (repo *sessionRepo) Remove(id string) { + repo.db.Remove(id) + return +} diff --git a/service/auth.go b/service/auth.go index 9e6f709..7fd238b 100644 --- a/service/auth.go +++ b/service/auth.go @@ -204,6 +204,19 @@ func (s *as) Signin(ctx context.Context, c *model.Client, sessionID string, return } +func (s *as) Signout(ctx context.Context, c *model.Client) (err error) { + err = s.authenticateClient(ctx, c) + if err != nil { + return + } + err = checkCSRF(ctx, c) + if err != nil { + return + } + s.Service.Signout(ctx, c) + return +} + func (s *as) Post(ctx context.Context, c *model.Client, content string, replyToID string, format string, visibility string, isNSFW bool, files []*multipart.FileHeader) (id string, err error) { diff --git a/service/logging.go b/service/logging.go index 795f329..2955959 100644 --- a/service/logging.go +++ b/service/logging.go @@ -162,6 +162,14 @@ func (s *ls) Signin(ctx context.Context, c *model.Client, sessionID string, return s.Service.Signin(ctx, c, sessionID, code) } +func (s *ls) Signout(ctx context.Context, c *model.Client) (err error) { + defer func(begin time.Time) { + s.logger.Printf("method=%v, took=%v, err=%v\n", + "Signout", time.Since(begin), err) + }(time.Now()) + return s.Service.Signout(ctx, c) +} + func (s *ls) Post(ctx context.Context, c *model.Client, content string, replyToID string, format string, visibility string, isNSFW bool, files []*multipart.FileHeader) (id string, err error) { diff --git a/service/service.go b/service/service.go index e81e007..b039849 100644 --- a/service/service.go +++ b/service/service.go @@ -38,6 +38,7 @@ type Service interface { NewSession(ctx context.Context, instance string) (redirectUrl string, sessionID string, err error) Signin(ctx context.Context, c *model.Client, sessionID string, code string) (token string, userID string, err error) + Signout(ctx context.Context, c *model.Client) (err error) Post(ctx context.Context, c *model.Client, content string, replyToID string, format string, visibility string, isNSFW bool, files []*multipart.FileHeader) (id string, err error) Like(ctx context.Context, c *model.Client, id string) (count int64, err error) @@ -722,6 +723,11 @@ func (svc *service) Signin(ctx context.Context, c *model.Client, return } +func (svc *service) Signout(ctx context.Context, c *model.Client) (err error) { + svc.sessionRepo.Remove(c.Session.ID) + return +} + func (svc *service) Post(ctx context.Context, c *model.Client, content string, replyToID string, format string, visibility string, isNSFW bool, files []*multipart.FileHeader) (id string, err error) { diff --git a/service/transport.go b/service/transport.go index 48e2ee2..6540333 100644 --- a/service/transport.go +++ b/service/transport.go @@ -646,12 +646,16 @@ func NewHandler(s Service, staticDir string) http.Handler { } signout := func(w http.ResponseWriter, req *http.Request) { - // TODO remove session from database + c := newClient(w) + ctx := newCtxWithSesionCSRF(req, req.FormValue("csrf_token")) + + s.Signout(ctx, c) http.SetCookie(w, &http.Cookie{ Name: "session_id", Value: "", Expires: time.Now(), }) + w.Header().Add("Location", "/") w.WriteHeader(http.StatusFound) } @@ -763,7 +767,7 @@ func NewHandler(s Service, staticDir string) http.Handler { r.HandleFunc("/unmuteconv/{id}", unMuteConversation).Methods(http.MethodPost) r.HandleFunc("/delete/{id}", delete).Methods(http.MethodPost) r.HandleFunc("/notifications/read", readNotifications).Methods(http.MethodPost) - r.HandleFunc("/signout", signout).Methods(http.MethodGet) + r.HandleFunc("/signout", signout).Methods(http.MethodPost) r.HandleFunc("/fluoride/like/{id}", fLike).Methods(http.MethodPost) r.HandleFunc("/fluoride/unlike/{id}", fUnlike).Methods(http.MethodPost) r.HandleFunc("/fluoride/retweet/{id}", fRetweet).Methods(http.MethodPost) diff --git a/static/style.css b/static/style.css index 83250af..26b8d46 100644 --- a/static/style.css +++ b/static/style.css @@ -477,6 +477,10 @@ a:hover, margin: 12px 0; } +.signout { + display: inline; +} + .dark { background-color: #222222; background-image: none; diff --git a/templates/nav.tmpl b/templates/nav.tmpl index 8922ba7..3386a7b 100644 --- a/templates/nav.tmpl +++ b/templates/nav.tmpl @@ -23,7 +23,10 @@
settings - sign out +
+ + +