diff --git a/.gitignore b/.gitignore index 1d42a2f..9261e20 100644 --- a/.gitignore +++ b/.gitignore @@ -22,6 +22,7 @@ go.work sessions certs +sslcerts *.env *.env.example diff --git a/database/migrations/atlas.sum b/database/migrations/atlas.sum index b944221..38fc71e 100644 --- a/database/migrations/atlas.sum +++ b/database/migrations/atlas.sum @@ -1,2 +1,2 @@ -h1:Cm7vJ3GAMEEH7A63yih9zeu5Y7sCROVWxSu+3wYTmLo= -schema.sql h1:oJuP4yJdNOdfTD8ekIQIDeGYuCxoVTdUDsp66sVye1c= +h1:zrLeo6SFfYzfnY454gOuslG0TAveXl4Fg0Z1DmXMADI= +schema.sql h1:UdvfNm4Fb8bC67XsF6HBuxhRZNTgUAf4fwpgrm2GY3k= diff --git a/database/migrations/schema.sql b/database/migrations/schema.sql index e0fd60e..9b8d16f 100644 --- a/database/migrations/schema.sql +++ b/database/migrations/schema.sql @@ -145,11 +145,12 @@ end; $$; create or replace -procedure update_folder( -folder_id text, +function teldrive.update_folder(folder_id text, new_name text default null, -new_path text default null -) language plpgsql as $$ +new_path text default null) + returns setof teldrive.files + language plpgsql +as $$ declare folder record; path_items text []; @@ -199,17 +200,24 @@ where folder.name) ); end loop; -select * from teldrive.files where id = folder_id; + +return query +select + * +from + teldrive.files +where + id = folder_id; end; -$$; +$$ +; create or replace -procedure delete_files(file_ids text[], -op text default 'bulk') - language plpgsql - as - $$ +procedure teldrive.delete_files(in file_ids text[], +in op text default 'bulk') + language plpgsql +as $$ declare rec record; @@ -274,7 +282,8 @@ end loop; end if; end; -$$; +$$ +; create collation if not exists numeric (provider = icu, locale = 'en@colnumeric=yes'); diff --git a/main.go b/main.go index 9d462f4..a8aa9a3 100644 --- a/main.go +++ b/main.go 
@@ -53,7 +53,12 @@ func main() {
 routes.GetRoutes(router)
- //router.RunTLS(":8080", "./certs/cert.pem", "./certs/key.pem")
+ ok, _ := utils.PathExists("./sslcerts")
+ config := utils.GetConfig()
+ if ok && config.Https {
+ router.RunTLS(":8080", "./sslcerts/cert.pem", "./sslcerts/key.pem")
+ } else {
+ router.Run(":8080")
+ }
 scheduler.StartAsync()
- router.Run(":8080")
 }
diff --git a/routes/middleware.go b/routes/middleware.go
index d14f162..50d737d 100644
--- a/routes/middleware.go
+++ b/routes/middleware.go
@@ -15,6 +15,8 @@ func Authmiddleware(c *gin.Context) {
 if err != nil {
 c.JSON(http.StatusUnauthorized, gin.H{"error": "missing session cookie"})
+ c.Abort()
+ return
 }
 now := time.Now().UTC()
@@ -23,10 +25,14 @@ func Authmiddleware(c *gin.Context) {
 if err != nil {
 c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
+ c.Abort()
+ return
 }
 if *jwePayload.Expiry < *jwt.NewNumericDate(now) {
 c.JSON(http.StatusUnauthorized, gin.H{"error": "token expired"})
+ c.Abort()
+ return
 }
 c.Set("jwtUser", jwePayload)
diff --git a/services/auth.service.go b/services/auth.service.go
index c58415f..8359d5e 100644
--- a/services/auth.service.go
+++ b/services/auth.service.go
@@ -87,10 +87,9 @@ func generateTgSession(dcID int, authKey []byte, port int) string {
 }
 func GetUserSessionCookieName(c *gin.Context) string {
-
- isHttps := c.Request.URL.Scheme == "https"
+ config := utils.GetConfig()
 var cookieName string
- if isHttps {
+ if config.Https {
 cookieName = "__Secure-user-session"
 } else {
 cookieName = "user-session"
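Review bot: `scheduler.StartAsync()` now comes after `router.RunTLS`/`router.Run`, and gin's Run calls block until the listener stops, so the scheduler is only reached once the server has already exited; before this change it started first. The results of `utils.PathExists`, `RunTLS` and `Run` are also discarded, so a bad certificate, a busy port or an unreadable `./sslcerts` ends the process with no message. With `HTTPS=true` and no `./sslcerts` the `else` branch serves plain HTTP while the cookie code still sets `Secure`; if that is meant for deployments behind a TLS-terminating proxy it deserves a log line, otherwise it should fail startup. main() begins outside the hunk, and the sketch assumes `log` is imported there.

```go
routes.GetRoutes(router)

ok, err := utils.PathExists("./sslcerts")
if err != nil {
	log.Fatal(err)
}
config := utils.GetConfig()

// Run and RunTLS block until the server stops, so start the scheduler first.
scheduler.StartAsync()

if ok && config.Https {
	err = router.RunTLS(":8080", "./sslcerts/cert.pem", "./sslcerts/key.pem")
} else {
	if config.Https {
		log.Println("HTTPS is set but ./sslcerts is missing: serving plain HTTP, TLS must be terminated upstream")
	}
	err = router.Run(":8080")
}
if err != nil {
	log.Fatal(err)
}
```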
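Review bot: Each rejection path in Authmiddleware (this one and the two in the next hunk) now needs three statements to stop the request, which makes it easy for a future fourth path to forget one of them. `c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "missing session cookie"})` followed by `return` does the same in one call. A short comment on the first site, such as `// Abort keeps later handlers from running; return stops this function from continuing with an unauthenticated request`, would record why both are needed. The function starts and ends outside the hunk.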
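Review bot: `*jwePayload.Expiry` is dereferenced without a nil check, so a token that decodes but carries no expiry would panic here instead of being rejected; the type of `jwePayload` is outside the hunk, so this assumes `Expiry` is a pointer, as the `*` suggests. `if jwePayload.Expiry == nil || *jwePayload.Expiry < *jwt.NewNumericDate(now) {` closes that gap. The decode branch above it also sends `err.Error()` back to an unauthenticated caller; a fixed message such as `"invalid session"`, with the detail logged on the server, avoids describing why decoding failed.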
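Review bot: The cookie name now depends only on `config.Https`, not on how the request arrived, so with `HTTPS=true` and the plain-HTTP branch in main.go the server issues `__Secure-user-session` over an insecure connection unless a TLS-terminating proxy sits in front; browsers do not store `__Secure-` cookies from an insecure origin, and login then fails without any server-side error. The `c` parameter is no longer read after this change; a doc comment such as `// GetUserSessionCookieName returns the session cookie name for the configured scheme; c is unused and kept for existing callers.` would make that explicit. The function's closing lines are outside this hunk.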
@@ -99,6 +98,19 @@ func GetUserSessionCookieName(c *gin.Context) string {
 return cookieName
 }
+func setCookie(c *gin.Context, key string, value string, age int) {
+
+ config := utils.GetConfig()
+
+ if config.CookieSameSite {
+ c.SetSameSite(2)
+ } else {
+ c.SetSameSite(4)
+ }
+ c.SetCookie(key, value, age, "/", c.Request.Host, config.Https, true)
+
+}
+
 func (as *AuthService) LogIn(c *gin.Context) (*schemas.Message, *types.AppError) {
 var session types.TgSession
 if err := c.ShouldBindJSON(&session); err != nil {
@@ -161,10 +173,7 @@ func (as *AuthService) LogIn(c *gin.Context) (*schemas.Message, *types.AppError)
 return nil, &types.AppError{Error: errors.New("failed to create or update user"), Code: http.StatusInternalServerError}
 }
 }
-
- isHttps := c.Request.URL.Scheme == "https"
- c.SetSameSite(2)
- c.SetCookie(GetUserSessionCookieName(c), jweToken, as.SessionMaxAge, "/", c.Request.Host, isHttps, true)
+ setCookie(c, GetUserSessionCookieName(c), jweToken, as.SessionMaxAge)
 return &schemas.Message{Status: true, Message: "login success"}, nil
 }
@@ -197,9 +206,7 @@ func (as *AuthService) GetSession(c *gin.Context) *types.Session {
 if err != nil {
 return nil
 }
- isHttps := c.Request.URL.Scheme == "https"
- c.SetSameSite(2)
- c.SetCookie(GetUserSessionCookieName(c), jweToken, as.SessionMaxAge, "/", c.Request.Host, isHttps, true)
+ setCookie(c, GetUserSessionCookieName(c), jweToken, as.SessionMaxAge)
 return session
 }
@@ -215,9 +222,7 @@ func (as *AuthService) Logout(c *gin.Context) (*schemas.Message, *types.AppError
 tgClient.Tg.API().AuthLogOut(c)
 utils.StopClient(stop, userId)
- isHttps := c.Request.URL.Scheme == "https"
- c.SetSameSite(2)
- c.SetCookie(GetUserSessionCookieName(c), "", -1, "/", c.Request.Host, isHttps, true)
+ setCookie(c, GetUserSessionCookieName(c), "", -1)
 return &schemas.Message{Status: true, Message: "logout success"}, nil
 }
diff --git a/utils/config.go b/utils/config.go
index 86adbc2..17e64a7 100644
--- a/utils/config.go
+++ b/utils/config.go
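Review bot: `c.SetSameSite(2)` and `c.SetSameSite(4)` in setCookie are `http.SameSiteLaxMode` and `http.SameSiteNoneMode`; written as numbers, nothing shows that `COOKIE_SAME_SITE=false` moves the session cookie to `SameSite=None`, which lets cross-site requests carry it and leaves CSRF protection entirely to the application. Browsers only accept `SameSite=None` on `Secure` cookies, so `COOKIE_SAME_SITE=false` together with `HTTPS=false` yields a cookie that current browsers drop; the sketch falls back to Lax in that case, though rejecting the combination at startup would be just as reasonable. Separately, `c.Request.Host` is the client-supplied Host header and may include a port, which is not valid in a cookie `Domain`; an empty domain would give a host-only cookie, but the old code behaved the same way, so the sketch leaves that call untouched.

```go
func setCookie(c *gin.Context, key string, value string, age int) {
	config := utils.GetConfig()

	// Lax unless cross-site use was requested and the cookie can be Secure;
	// browsers discard SameSite=None cookies that are not Secure.
	mode := http.SameSiteLaxMode
	if !config.CookieSameSite && config.Https {
		mode = http.SameSiteNoneMode
	}
	c.SetSameSite(mode)
	// … unchanged: c.SetCookie call …
}
```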
@@ -7,12 +7,14 @@ import (
 type MultiToken string
 type Config struct {
- AppId int `envconfig:"APP_ID" required:"true"`
- AppHash string `envconfig:"APP_HASH" required:"true"`
- ChannelID int64 `envconfig:"CHANNEL_ID" required:"true"`
- JwtSecret string `envconfig:"JWT_SECRET" required:"true"`
- MultiClient bool `envconfig:"MULTI_CLIENT" default:"false"`
- DatabaseUrl string `envconfig:"DATABASE_URL" required:"true"`
+ AppId int `envconfig:"APP_ID" required:"true"`
+ AppHash string `envconfig:"APP_HASH" required:"true"`
+ ChannelID int64 `envconfig:"CHANNEL_ID" required:"true"`
+ JwtSecret string `envconfig:"JWT_SECRET" required:"true"`
+ MultiClient bool `envconfig:"MULTI_CLIENT" default:"false"`
+ Https bool `envconfig:"HTTPS" default:"false"`
+ CookieSameSite bool `envconfig:"COOKIE_SAME_SITE" default:"true"`
+ DatabaseUrl string `envconfig:"DATABASE_URL" required:"true"`
 }
 var config Config
diff --git a/utils/main.go b/utils/main.go
index 860405f..e744bb2 100644
--- a/utils/main.go
+++ b/utils/main.go
@@ -3,6 +3,7 @@ package utils
 import (
 "context"
 "fmt"
+ "os"
 "regexp"
 "strings"
 "time"
@@ -89,3 +90,14 @@ func BoolPointer(b bool) *bool {
 func IntPointer(b int) *int {
 return &b
 }
+
+func PathExists(path string) (bool, error) {
+ _, err := os.Stat(path)
+ if err == nil {
+ return true, nil
+ }
+ if os.IsNotExist(err) {
+ return false, nil
+ }
+ return false, err
+}
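Review bot: The new `Https` and `CookieSameSite` fields carry no comment, and `CookieSameSite` reads like an on/off switch when setCookie in services/auth.service.go uses it to choose between SameSite mode 2 (Lax) for `true` and mode 4 (None) for `false`. I would add `// Https enables TLS in main.go when ./sslcerts exists and marks the session cookie Secure.` and `// CookieSameSite selects SameSite=Lax when true and SameSite=None when false; None is only accepted by browsers on Secure cookies.` above the two fields. Since `HTTPS` defaults to `false`, a default deployment issues the session cookie without `Secure`, which is worth stating in the same comment.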
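Review bot: `PathExists` is exported without a doc comment and returns `true` for anything `os.Stat` can resolve, file or directory, so the caller in main.go learns only that something named `./sslcerts` exists, not that `cert.pem` and `key.pem` are inside it. A comment such as `// PathExists reports whether path exists; a Stat error other than not-exist is returned together with false.` states the contract, including the third outcome that main.go currently discards. `errors.Is(err, fs.ErrNotExist)` is the form the standard library documentation recommends for new code over `os.IsNotExist`, at the cost of two more imports.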