miniflux/fever/middleware.go

// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
// SPDX-License-Identifier: Apache-2.0

package fever // import "miniflux.app/v2/fever"

import (
	"context"
	"net/http"

	"miniflux.app/v2/http/request"
	"miniflux.app/v2/http/response/json"
	"miniflux.app/v2/logger"
	"miniflux.app/v2/storage"
)

type middleware struct {
	store *storage.Storage
}

func newMiddleware(s *storage.Storage) *middleware {
	return &middleware{s}
}

func (m *middleware) serve(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		clientIP := request.ClientIP(r)
		apiKey := r.FormValue("api_key")
		if apiKey == "" {
			logger.Info("[Fever] [ClientIP=%s] No API key provided", clientIP)
			json.OK(w, r, newAuthFailureResponse())
			return
		}

		user, err := m.store.UserByFeverToken(apiKey)
		if err != nil {
			logger.Error("[Fever] %v", err)
			json.OK(w, r, newAuthFailureResponse())
			return
		}

		if user == nil {
			logger.Info("[Fever] [ClientIP=%s] No user found with this API key", clientIP)
			json.OK(w, r, newAuthFailureResponse())
			return
		}

		logger.Info("[Fever] [ClientIP=%s] User #%d is authenticated with user agent %q", clientIP, user.ID, r.UserAgent())
		m.store.SetLastLogin(user.ID)

		ctx := r.Context()
		ctx = context.WithValue(ctx, request.UserIDContextKey, user.ID)
		ctx = context.WithValue(ctx, request.UserTimezoneContextKey, user.Timezone)
		ctx = context.WithValue(ctx, request.IsAdminUserContextKey, user.IsAdmin)
		ctx = context.WithValue(ctx, request.IsAuthenticatedContextKey, true)

		next.ServeHTTP(w, r.WithContext(ctx))
	})
}
Replace copyright header with SPDX identifier 2023-06-19 17:42:47 -04:00			`// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.`
			`// SPDX-License-Identifier: Apache-2.0`
Add Fever API 2017-12-03 20:44:27 -05:00
Rename Miniflux package name to follow Go module naming convention For reference: https://go.dev/ref/mod#major-version-suffixes 2023-08-10 00:15:55 -04:00			`package fever // import "miniflux.app/v2/fever"`
Add Fever API 2017-12-03 20:44:27 -05:00
			`import (`
			`"context"`
			`"net/http"`

Rename Miniflux package name to follow Go module naming convention For reference: https://go.dev/ref/mod#major-version-suffixes 2023-08-10 00:15:55 -04:00			`"miniflux.app/v2/http/request"`
			`"miniflux.app/v2/http/response/json"`
			`"miniflux.app/v2/logger"`
			`"miniflux.app/v2/storage"`
Add Fever API 2017-12-03 20:44:27 -05:00			`)`

Move Fever middleware and routes to fever package 2018-11-11 12:52:12 -05:00			`type middleware struct {`
			`store *storage.Storage`
			`}`

			`func newMiddleware(s storage.Storage) middleware {`
			`return &middleware{s}`
			`}`
Improve Fever middleware and handle groupID=0 2018-10-26 22:49:49 -04:00
Move Fever middleware and routes to fever package 2018-11-11 12:52:12 -05:00			`func (m *middleware) serve(next http.Handler) http.Handler {`
Add Fever API 2017-12-03 20:44:27 -05:00			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
Fever API: add client IP in middleware logs 2020-08-09 00:51:52 -04:00			`clientIP := request.ClientIP(r)`
Add Fever API 2017-12-03 20:44:27 -05:00			`apiKey := r.FormValue("api_key")`
Improve Fever middleware and handle groupID=0 2018-10-26 22:49:49 -04:00			`if apiKey == "" {`
Fever API: add client IP in middleware logs 2020-08-09 00:51:52 -04:00			`logger.Info("[Fever] [ClientIP=%s] No API key provided", clientIP)`
Move Fever middleware and routes to fever package 2018-11-11 12:52:12 -05:00			`json.OK(w, r, newAuthFailureResponse())`
Improve Fever middleware and handle groupID=0 2018-10-26 22:49:49 -04:00			`return`
			`}`
Use vanilla HTTP handlers (refactoring) 2018-04-29 19:35:04 -04:00
Use Gorilla middleware (refactoring) 2018-04-27 23:38:46 -04:00			`user, err := m.store.UserByFeverToken(apiKey)`
Add Fever API 2017-12-03 20:44:27 -05:00			`if err != nil {`
Move Fever middleware and routes to fever package 2018-11-11 12:52:12 -05:00			`logger.Error("[Fever] %v", err)`
			`json.OK(w, r, newAuthFailureResponse())`
Add Fever API 2017-12-03 20:44:27 -05:00			`return`
			`}`

			`if user == nil {`
Fever API: add client IP in middleware logs 2020-08-09 00:51:52 -04:00			`logger.Info("[Fever] [ClientIP=%s] No user found with this API key", clientIP)`
Move Fever middleware and routes to fever package 2018-11-11 12:52:12 -05:00			`json.OK(w, r, newAuthFailureResponse())`
Add Fever API 2017-12-03 20:44:27 -05:00			`return`
			`}`

Fever API: add client IP in middleware logs 2020-08-09 00:51:52 -04:00			`logger.Info("[Fever] [ClientIP=%s] User #%d is authenticated with user agent %q", clientIP, user.ID, r.UserAgent())`
Use Gorilla middleware (refactoring) 2018-04-27 23:38:46 -04:00			`m.store.SetLastLogin(user.ID)`
Add Fever API 2017-12-03 20:44:27 -05:00
			`ctx := r.Context()`
Refactor HTTP context handling 2018-09-03 17:26:40 -04:00			`ctx = context.WithValue(ctx, request.UserIDContextKey, user.ID)`
			`ctx = context.WithValue(ctx, request.UserTimezoneContextKey, user.Timezone)`
			`ctx = context.WithValue(ctx, request.IsAdminUserContextKey, user.IsAdmin)`
			`ctx = context.WithValue(ctx, request.IsAuthenticatedContextKey, true)`
Add Fever API 2017-12-03 20:44:27 -05:00
			`next.ServeHTTP(w, r.WithContext(ctx))`
			`})`
			`}`