diff --git a/internal/config/config.go b/internal/config/config.go
index 920288d..ad6f25f 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -127,18 +127,6 @@ type UserSearch struct {
 Type string // local, ldap or unknown
 }
-type SessionCookie struct {
- UUID string
- Username string
- Name string
- Email string
- Provider string
- TotpPending bool
- OAuthGroups string
- OAuthName string
- OAuthSub string
-}
-
 type UserContext struct {
 Username string
 Name string
@@ -151,6 +139,7 @@ type UserContext struct {
 TotpEnabled bool
 OAuthName string
 OAuthSub string
+ LdapGroups string
 }
 // API responses and queries
diff --git a/internal/controller/oauth_controller.go b/internal/controller/oauth_controller.go
index 3635e85..3b62669 100644
--- a/internal/controller/oauth_controller.go
+++ b/internal/controller/oauth_controller.go
@@ -7,6 +7,7 @@ import (
 "time"
 "github.com/steveiliop56/tinyauth/internal/config"
+ "github.com/steveiliop56/tinyauth/internal/repository"
 "github.com/steveiliop56/tinyauth/internal/service"
 "github.com/steveiliop56/tinyauth/internal/utils"
@@ -190,7 +191,7 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
 username = strings.Replace(user.Email, "@", "_", -1)
 }
- sessionCookie := config.SessionCookie{
+ sessionCookie := repository.Session{
 Username: username,
 Name: name,
 Email: user.Email,
diff --git a/internal/controller/proxy_controller_test.go b/internal/controller/proxy_controller_test.go
index 57711fc..8a196e7 100644
--- a/internal/controller/proxy_controller_test.go
+++ b/internal/controller/proxy_controller_test.go
@@ -140,7 +140,7 @@ func TestProxyHandler(t *testing.T) {
 // Test logged in user
 c := gin.CreateTestContextOnly(recorder, router)
- err := authService.CreateSessionCookie(c, &config.SessionCookie{
+ err := authService.CreateSessionCookie(c, &repository.Session{
 Username: "testuser",
 Name: "testuser",
 Email: "testuser@example.com",
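Review bot: `LdapGroups` in the `@@ -151,6 +139,7 @@` hunk of internal/config/config.go is added without a comment saying how several groups are encoded in a single `string` or where the value comes from. If it is a delimiter-joined list that later feeds access-control checks (an inference; the consumers are not in this diff), a group name containing the delimiter would be split into names the directory never granted. I would document the encoding on the field, e.g. `LdapGroups string // group names from the directory, joined with <delimiter>; split only with the matching helper`. The `UserContext` struct begins outside the hunk.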
diff --git a/internal/controller/user_controller.go b/internal/controller/user_controller.go
index 5670dd2..8d32681 100644
--- a/internal/controller/user_controller.go
+++ b/internal/controller/user_controller.go
@@ -5,7 +5,7 @@ import (
 "strings"
 "time"
- "github.com/steveiliop56/tinyauth/internal/config"
+ "github.com/steveiliop56/tinyauth/internal/repository"
 "github.com/steveiliop56/tinyauth/internal/service"
 "github.com/steveiliop56/tinyauth/internal/utils"
@@ -108,7 +108,7 @@ func (controller *UserController) loginHandler(c *gin.Context) {
 if user.TotpSecret != "" {
 log.Debug().Str("username", req.Username).Msg("User has TOTP enabled, requiring TOTP verification")
- err := controller.auth.CreateSessionCookie(c, &config.SessionCookie{
+ err := controller.auth.CreateSessionCookie(c, &repository.Session{
 Username: user.Username,
 Name: utils.Capitalize(req.Username),
 Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.config.CookieDomain),
@@ -134,7 +134,7 @@ func (controller *UserController) loginHandler(c *gin.Context) {
 }
 }
- sessionCookie := config.SessionCookie{
+ sessionCookie := repository.Session{
 Username: req.Username,
 Name: utils.Capitalize(req.Username),
 Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.config.CookieDomain),
@@ -237,7 +237,7 @@ func (controller *UserController) totpHandler(c *gin.Context) {
 controller.auth.RecordLoginAttempt(context.Username, true)
- sessionCookie := config.SessionCookie{
+ sessionCookie := repository.Session{
 Username: user.Username,
 Name: utils.Capitalize(user.Username),
 Email: fmt.Sprintf("%s@%s", strings.ToLower(user.Username), controller.config.CookieDomain),
diff --git a/internal/service/auth_service.go b/internal/service/auth_service.go
index 6d829c6..cb93c92 100644
--- a/internal/service/auth_service.go
+++ b/internal/service/auth_service.go
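Review bot: In the `@@ -134,7 +134,7 @@` hunk of internal/controller/user_controller.go the session is built with `Username: req.Username`, while the TOTP-pending session in the `@@ -108` hunk and the one in `totpHandler` (`@@ -237`) use `user.Username`. The session identity is therefore the string the client typed rather than the name the account lookup returned; if lookups are case-insensitive or otherwise normalised (not visible here), later username-based access rules and log entries may see a different spelling than the stored account. I would take the name from the lookup result instead, e.g. `Username: user.Username,` if `user` is still in scope at that point, or add a comment explaining why the raw request value is intended. `loginHandler` starts and ends outside the hunk.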
@@ -190,7 +190,7 @@ func (auth *AuthService) IsEmailWhitelisted(email string) bool {
 return utils.CheckFilter(strings.Join(auth.config.OauthWhitelist, ","), email)
 }
-func (auth *AuthService) CreateSessionCookie(c *gin.Context, data *config.SessionCookie) error {
+func (auth *AuthService) CreateSessionCookie(c *gin.Context, data *repository.Session) error {
 uuid, err := uuid.NewRandom()
 if err != nil {
@@ -300,20 +300,20 @@ func (auth *AuthService) DeleteSessionCookie(c *gin.Context) error {
 return nil
 }
-func (auth *AuthService) GetSessionCookie(c *gin.Context) (config.SessionCookie, error) {
+func (auth *AuthService) GetSessionCookie(c *gin.Context) (repository.Session, error) {
 cookie, err := c.Cookie(auth.config.SessionCookieName)
 if err != nil {
- return config.SessionCookie{}, err
+ return repository.Session{}, err
 }
 session, err := auth.queries.GetSession(c, cookie)
 if err != nil {
 if errors.Is(err, sql.ErrNoRows) {
- return config.SessionCookie{}, fmt.Errorf("session not found")
+ return repository.Session{}, fmt.Errorf("session not found")
 }
- return config.SessionCookie{}, err
+ return repository.Session{}, err
 }
 currentTime := time.Now().Unix()
@@ -324,7 +324,7 @@ func (auth *AuthService) GetSessionCookie(c *gin.Context) (config.SessionCookie,
 if err != nil {
 log.Error().Err(err).Msg("Failed to delete session exceeding max lifetime")
 }
- return config.SessionCookie{}, fmt.Errorf("session expired due to max lifetime exceeded")
+ return repository.Session{}, fmt.Errorf("session expired due to max lifetime exceeded")
 }
 }
@@ -333,10 +333,10 @@ func (auth *AuthService) GetSessionCookie(c *gin.Context) (config.SessionCookie,
 if err != nil {
 log.Error().Err(err).Msg("Failed to delete expired session")
 }
- return config.SessionCookie{}, fmt.Errorf("session expired")
+ return repository.Session{}, fmt.Errorf("session expired")
 }
- return config.SessionCookie{
+ return repository.Session{
 UUID: session.UUID,
 Username: session.Username,
 Email: session.Email,
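Review bot: `CreateSessionCookie` in the `@@ -190,7 +190,7 @@` hunk now takes a `*repository.Session`, which by its name is the stored session record, but the signature carries no doc comment saying which fields of `data` are honoured. The first context line, `uuid, err := uuid.NewRandom()`, shows the identifier is generated here, so a `UUID` set by a caller is presumably ignored; the rest of the body is outside the hunk, so whether other caller-set fields are also overwritten cannot be confirmed. Once verified, I would add `// CreateSessionCookie stores a new session built from data; the session UUID is always generated server-side and data.UUID is ignored.` above the function. Separately, the local `uuid` shadows the imported `uuid` package for the remainder of the function; `id, err := uuid.NewRandom()` avoids that.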
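Review bot: The changed returns in `GetSessionCookie` (`@@ -300,20 +300,20 @@`) build their errors with `fmt.Errorf("session not found")`, and likewise `"session expired due to max lifetime exceeded"` and `"session expired"` in the `@@ -324` and `@@ -333` hunks, so callers can only tell these outcomes apart from a database failure by comparing message text. Package-level sentinels, for example `var ErrSessionNotFound = errors.New("session not found")` and `var ErrSessionExpired = errors.New("session expired")`, returned directly or wrapped with `%w`, would let callers use `errors.Is` to choose between clearing a stale cookie and reporting a server error. `fmt.Errorf` with no format verbs is also something several linters flag in favour of `errors.New`. The function continues past this hunk.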
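Review bot: The final `return repository.Session{` literal in the `@@ -333,10 +333,10 @@` hunk copies fields one by one (`UUID: session.UUID`, `Username: session.Username`, ...) into what now appears to be the same type that `auth.queries.GetSession` returned; that is inferred from the package name, since the query's return type is not in the diff. If the types are identical, any field left out of the literal is silently zeroed for every caller, which matters for values that drive authorisation, such as the group and TOTP-pending fields the removed `config.SessionCookie` carried. Returning the row directly with `return session, nil`, or adding a comment listing which fields are deliberately dropped, would make that explicit. Only the first three fields of the literal are inside the hunk, so the rest could not be checked.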