fix: get user from session correctly

B-urb · Jul 27, 2024 · 505e69f · 505e69f
1 parent 663bb3d
commit 505e69f
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 3 deletions.
diff --git a/backend/internal/handlers/auth.go b/backend/internal/handlers/auth.go
@@ -320,6 +320,16 @@ func (h *Handler) logError(w http.ResponseWriter, message string, err error, sta
 	http.Error(w, message, statusCode)
 }
 
+func (h *Handler) getUserFromSession(r *http.Request) (string, error) {
+	session, err := store.Get(r, "session-cook")
+	if err != nil {
+		slog.Debug("Error retrieving user from session", err)
+		return "", err
+	}
+	user, _ := session.Values["user"].(string)
+	return user, nil
+}
+
 func (h *Handler) getUserEmailFromToken(r *http.Request) (string, error) {
 	cookie, err := r.Cookie("session-cook")
 	if err != nil {

diff --git a/backend/internal/handlers/requests.go b/backend/internal/handlers/requests.go
@@ -16,7 +16,7 @@ func (h *Handler) HandleRequests(w http.ResponseWriter, r *http.Request) {
 		sendJSONError(w, "Method not allowed", http.StatusMethodNotAllowed)
 		return
 	}
-	userEmail, err := h.getUserEmailFromToken(r)
+	userEmail, err := h.getUserFromSession(r)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusUnauthorized)
 		return
@@ -45,7 +45,7 @@ func (h *Handler) HandleRequests(w http.ResponseWriter, r *http.Request) {
 func (h *Handler) HandleRequestSite(w http.ResponseWriter, r *http.Request) {
 	var redirect models.Redirect
 
-	userEmail, err := h.getUserEmailFromToken(r)
+	userEmail, err := h.getUserFromSession(r)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusUnauthorized)
 		return
@@ -102,7 +102,7 @@ func (h *Handler) HandleUpdateSiteState(w http.ResponseWriter, r *http.Request)
 		http.Error(w, "Invalid state value", http.StatusBadRequest)
 		return
 	}
-	userEmail, err := h.getUserEmailFromToken(r)
+	userEmail, err := h.getUserFromSession(r)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusUnauthorized)
 		return