55 lines
1.4 KiB
Go
55 lines
1.4 KiB
Go
package serve
|
|
|
|
import (
|
|
"context"
|
|
"net/http"
|
|
"time"
|
|
|
|
"git.sunturtle.xyz/studio/shotgun/player"
|
|
)
|
|
|
|
type ctxKey[T any] struct{}
|
|
|
|
func value[T any](ctx context.Context) T {
|
|
r, _ := ctx.Value(ctxKey[T]{}).(T)
|
|
return r
|
|
}
|
|
|
|
func with[T any](ctx context.Context, v T) context.Context {
|
|
return context.WithValue(ctx, ctxKey[T]{}, v)
|
|
}
|
|
|
|
const sessionCookie = "__Host-id-v1"
|
|
|
|
// WithPlayerID is a middleware that adds a player ID to the request context
|
|
// based on the session cookie content. If there is no such cookie, or its
|
|
// value is invalid, the request fails with a 403 error.
|
|
func WithPlayerID(sessions player.RowQuerier) func(http.Handler) http.Handler {
|
|
return func(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
c, err := r.Cookie(sessionCookie)
|
|
if err != nil {
|
|
http.Error(w, "Forbidden", http.StatusForbidden)
|
|
return
|
|
}
|
|
id, err := player.ParseSession(c.Value)
|
|
if err != nil {
|
|
http.Error(w, "Forbidden", http.StatusForbidden)
|
|
return
|
|
}
|
|
p, err := player.FromSession(r.Context(), sessions, id, time.Now())
|
|
if err != nil {
|
|
http.Error(w, "Forbidden", http.StatusForbidden)
|
|
return
|
|
}
|
|
ctx := with(r.Context(), p)
|
|
next.ServeHTTP(w, r.WithContext(ctx))
|
|
})
|
|
}
|
|
}
|
|
|
|
// Player returns the player ID set by WithPlayerID in the request context.
|
|
func PlayerID(ctx context.Context) player.ID {
|
|
return value[player.ID](ctx)
|
|
}
|