update schema

.gitignore

@@ -22,6 +22,7 @@ go.work
 
 sessions
 certs
+sslcerts
 
 *.env
 *.env.example

database/migrations/atlas.sum

@@ -1,2 +1,2 @@
-h1:Cm7vJ3GAMEEH7A63yih9zeu5Y7sCROVWxSu+3wYTmLo=
-schema.sql h1:oJuP4yJdNOdfTD8ekIQIDeGYuCxoVTdUDsp66sVye1c=
+h1:zrLeo6SFfYzfnY454gOuslG0TAveXl4Fg0Z1DmXMADI=
+schema.sql h1:UdvfNm4Fb8bC67XsF6HBuxhRZNTgUAf4fwpgrm2GY3k=

database/migrations/schema.sql

@@ -145,11 +145,12 @@ end;
 $$;
 
 create or replace
-procedure update_folder(
-folder_id text,
+function teldrive.update_folder(folder_id text,
 new_name text default null,
-new_path text default null
-) language plpgsql as $$
+new_path text default null)
+ returns setof teldrive.files
+ language plpgsql
+as $$
 declare folder record;
 
 path_items text [];
@@ -199,17 +200,24 @@ where
 	folder.name)
 );
 end loop;
-select * from teldrive.files where id = folder_id;
+
+return query
+select
+	*
+from
+	teldrive.files
+where
+	id = folder_id;
 end;
 
-$$;
+$$
+;
 
 create or replace
-procedure delete_files(file_ids text[],
-op text default 'bulk')
-    language plpgsql
-    as
-    $$
+procedure teldrive.delete_files(in file_ids text[],
+in op text default 'bulk')
+ language plpgsql
+as $$
     declare 
     rec record;
 
@@ -274,7 +282,8 @@ end loop;
 end if;
 end;
 
-$$;
+$$
+;
 
 create collation if not exists numeric (provider = icu, locale = 'en@colnumeric=yes');
 

main.go

@@ -53,7 +53,12 @@ func main() {
 
 	routes.GetRoutes(router)
 
-	//router.RunTLS(":8080", "./certs/cert.pem", "./certs/key.pem")
+	ok, _ := utils.PathExists("./sslcerts")
+	config := utils.GetConfig()
+	if ok && config.Https {
+		router.RunTLS(":8080", "./sslcerts/cert.pem", "./sslcerts/key.pem")
+	} else {
+		router.Run(":8080")
+	}
 	scheduler.StartAsync()
-	router.Run(":8080")
 }

routes/middleware.go

@@ -15,6 +15,8 @@ func Authmiddleware(c *gin.Context) {
 
 	if err != nil {
 		c.JSON(http.StatusUnauthorized, gin.H{"error": "missing session cookie"})
+		c.Abort()
+		return
 	}
 
 	now := time.Now().UTC()
@@ -23,10 +25,14 @@ func Authmiddleware(c *gin.Context) {
 
 	if err != nil {
 		c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
+		c.Abort()
+		return
 	}
 
 	if *jwePayload.Expiry < *jwt.NewNumericDate(now) {
 		c.JSON(http.StatusUnauthorized, gin.H{"error": "token expired"})
+		c.Abort()
+		return
 	}
 
 	c.Set("jwtUser", jwePayload)

services/auth.service.go

@@ -87,10 +87,9 @@ func generateTgSession(dcID int, authKey []byte, port int) string {
 }
 
 func GetUserSessionCookieName(c *gin.Context) string {
-
-	isHttps := c.Request.URL.Scheme == "https"
+	config := utils.GetConfig()
 	var cookieName string
-	if isHttps {
+	if config.Https {
 		cookieName = "__Secure-user-session"
 	} else {
 		cookieName = "user-session"
@@ -99,6 +98,19 @@ func GetUserSessionCookieName(c *gin.Context) string {
 	return cookieName
 }
 
+func setCookie(c *gin.Context, key string, value string, age int) {
+
+	config := utils.GetConfig()
+
+	if config.CookieSameSite {
+		c.SetSameSite(2)
+	} else {
+		c.SetSameSite(4)
+	}
+	c.SetCookie(key, value, age, "/", c.Request.Host, config.Https, true)
+
+}
+
 func (as *AuthService) LogIn(c *gin.Context) (*schemas.Message, *types.AppError) {
 	var session types.TgSession
 	if err := c.ShouldBindJSON(&session); err != nil {
@@ -161,10 +173,7 @@ func (as *AuthService) LogIn(c *gin.Context) (*schemas.Message, *types.AppError)
 			return nil, &types.AppError{Error: errors.New("failed to create or update user"), Code: http.StatusInternalServerError}
 		}
 	}
-
-	isHttps := c.Request.URL.Scheme == "https"
-	c.SetSameSite(2)
-	c.SetCookie(GetUserSessionCookieName(c), jweToken, as.SessionMaxAge, "/", c.Request.Host, isHttps, true)
+	setCookie(c, GetUserSessionCookieName(c), jweToken, as.SessionMaxAge)
 	return &schemas.Message{Status: true, Message: "login success"}, nil
 }
 
@@ -197,9 +206,7 @@ func (as *AuthService) GetSession(c *gin.Context) *types.Session {
 	if err != nil {
 		return nil
 	}
-	isHttps := c.Request.URL.Scheme == "https"
-	c.SetSameSite(2)
-	c.SetCookie(GetUserSessionCookieName(c), jweToken, as.SessionMaxAge, "/", c.Request.Host, isHttps, true)
+	setCookie(c, GetUserSessionCookieName(c), jweToken, as.SessionMaxAge)
 	return session
 }
 
@@ -215,9 +222,7 @@ func (as *AuthService) Logout(c *gin.Context) (*schemas.Message, *types.AppError
 
 	tgClient.Tg.API().AuthLogOut(c)
 	utils.StopClient(stop, userId)
-	isHttps := c.Request.URL.Scheme == "https"
-	c.SetSameSite(2)
-	c.SetCookie(GetUserSessionCookieName(c), "", -1, "/", c.Request.Host, isHttps, true)
+	setCookie(c, GetUserSessionCookieName(c), "", -1)
 	return &schemas.Message{Status: true, Message: "logout success"}, nil
 }
 

utils/config.go

@@ -7,12 +7,14 @@ import (
 type MultiToken string
 
 type Config struct {
-	AppId       int    `envconfig:"APP_ID" required:"true"`
-	AppHash     string `envconfig:"APP_HASH" required:"true"`
-	ChannelID   int64  `envconfig:"CHANNEL_ID" required:"true"`
-	JwtSecret   string `envconfig:"JWT_SECRET" required:"true"`
-	MultiClient bool   `envconfig:"MULTI_CLIENT" default:"false"`
-	DatabaseUrl string `envconfig:"DATABASE_URL" required:"true"`
+	AppId          int    `envconfig:"APP_ID" required:"true"`
+	AppHash        string `envconfig:"APP_HASH" required:"true"`
+	ChannelID      int64  `envconfig:"CHANNEL_ID" required:"true"`
+	JwtSecret      string `envconfig:"JWT_SECRET" required:"true"`
+	MultiClient    bool   `envconfig:"MULTI_CLIENT" default:"false"`
+	Https          bool   `envconfig:"HTTPS" default:"false"`
+	CookieSameSite bool   `envconfig:"COOKIE_SAME_SITE" default:"true"`
+	DatabaseUrl    string `envconfig:"DATABASE_URL" required:"true"`
 }
 
 var config Config

utils/main.go

@@ -3,6 +3,7 @@ package utils
 import (
 	"context"
 	"fmt"
+	"os"
 	"regexp"
 	"strings"
 	"time"
@@ -89,3 +90,14 @@ func BoolPointer(b bool) *bool {
 func IntPointer(b int) *int {
 	return &b
 }
+
+func PathExists(path string) (bool, error) {
+	_, err := os.Stat(path)
+	if err == nil {
+		return true, nil
+	}
+	if os.IsNotExist(err) {
+		return false, nil
+	}
+	return false, err
+}