Fix existing auth_token check and comment fixes
parent
007830ab33
commit
03bab76650
@ -22,7 +22,7 @@ type User struct {
|
|||||||
UpdatedAt string
|
UpdatedAt string
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetCurrentUser finds the currently logged in user by session cookie
|
// GetCurrentUser finds the currently logged-in user by session cookie
|
||||||
func GetCurrentUser(app *app.App, r *http.Request) (User, error) {
|
func GetCurrentUser(app *app.App, r *http.Request) (User, error) {
|
||||||
cookie, err := r.Cookie("session")
|
cookie, err := r.Cookie("session")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -132,22 +132,22 @@ func createSessionCookie(app *app.App, w http.ResponseWriter, username string) (
|
|||||||
str := hex.EncodeToString(buff)
|
str := hex.EncodeToString(buff)
|
||||||
token := str[:64]
|
token := str[:64]
|
||||||
|
|
||||||
// Ensure no duplicate tokens exist in database
|
// If the auth_token column for any user matches the token, set existingAuthToken to true
|
||||||
var count int
|
var existingAuthToken bool
|
||||||
err = app.Db.QueryRow("SELECT COUNT(*) FROM sessions WHERE session = $1", token).Scan(&count)
|
err = app.Db.QueryRow("SELECT EXISTS(SELECT 1 FROM users WHERE auth_token = $1)", token).Scan(&existingAuthToken)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Println("Error querying sessions table for duplicate token")
|
log.Println("Error checking for existing auth token")
|
||||||
log.Println(err)
|
log.Println(err)
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
// If duplicate token found, recursively call function until unique token is generated
|
// If duplicate token found, recursively call function until unique token is generated
|
||||||
if count > 0 {
|
if existingAuthToken == true {
|
||||||
log.Println("Duplicate token found in sessions table")
|
log.Println("Duplicate token found in sessions table")
|
||||||
return createSessionCookie(app, w, username)
|
return createSessionCookie(app, w, username)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Store token in auth_token column of users table
|
// Store token in auth_token column of the users table
|
||||||
sqlStatement := "UPDATE users SET auth_token = $1 WHERE username = $2"
|
sqlStatement := "UPDATE users SET auth_token = $1 WHERE username = $2"
|
||||||
_, err = app.Db.Exec(sqlStatement, token, username)
|
_, err = app.Db.Exec(sqlStatement, token, username)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
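Review bot: The new `SELECT EXISTS(SELECT 1 FROM users WHERE auth_token = $1)` check and the later `UPDATE users SET auth_token = $1 WHERE username = $2` are separate statements, so token uniqueness is checked but not enforced: a concurrent login could store the same value between the two, and the retry on a hit is an unbounded recursion. If the schema (not visible here) does not already have one, a UNIQUE constraint on `users.auth_token` with a bounded retry on a constraint violation would make the guarantee real; GetCurrentUser presumably resolves the user from this value, so a duplicate would let one cookie match two accounts. In the same block the log line still says `"Duplicate token found in sessions table"` although the query now reads `users`; it should be `log.Println("Duplicate token found in users table")`, and the condition is more idiomatic as `if existingAuthToken {`. createSessionCookie begins and ends outside the hunk, so how `buff` is filled cannot be checked from here.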