miniflux/internal/http/request/context.go

// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
// SPDX-License-Identifier: Apache-2.0

package request // import "miniflux.app/v2/internal/http/request"

import (
	"net/http"
	"strconv"

	"miniflux.app/v2/internal/model"
)

// ContextKey represents a context key.
type ContextKey int

// List of context keys.
const (
	UserIDContextKey ContextKey = iota
	UserTimezoneContextKey
	IsAdminUserContextKey
	IsAuthenticatedContextKey
	UserSessionTokenContextKey
	UserLanguageContextKey
	UserThemeContextKey
	SessionIDContextKey
	CSRFContextKey
	OAuth2StateContextKey
	OAuth2CodeVerifierContextKey
	FlashMessageContextKey
	FlashErrorMessageContextKey
	PocketRequestTokenContextKey
	LastForceRefreshContextKey
	ClientIPContextKey
	GoogleReaderToken
	WebAuthnDataContextKey
)

func WebAuthnSessionData(r *http.Request) *model.WebAuthnSession {
	if v := r.Context().Value(WebAuthnDataContextKey); v != nil {
		value, valid := v.(model.WebAuthnSession)
		if !valid {
			return nil
		}

		return &value
	}

	return nil
}

// GoolgeReaderToken returns the google reader token if it exists.
func GoolgeReaderToken(r *http.Request) string {
	return getContextStringValue(r, GoogleReaderToken)
}

// IsAdminUser checks if the logged user is administrator.
func IsAdminUser(r *http.Request) bool {
	return getContextBoolValue(r, IsAdminUserContextKey)
}

// IsAuthenticated returns a boolean if the user is authenticated.
func IsAuthenticated(r *http.Request) bool {
	return getContextBoolValue(r, IsAuthenticatedContextKey)
}

// UserID returns the UserID of the logged user.
func UserID(r *http.Request) int64 {
	return getContextInt64Value(r, UserIDContextKey)
}

// UserTimezone returns the timezone used by the logged user.
func UserTimezone(r *http.Request) string {
	value := getContextStringValue(r, UserTimezoneContextKey)
	if value == "" {
		value = "UTC"
	}
	return value
}

// UserLanguage get the locale used by the current logged user.
func UserLanguage(r *http.Request) string {
	language := getContextStringValue(r, UserLanguageContextKey)
	if language == "" {
		language = "en_US"
	}
	return language
}

// UserTheme get the theme used by the current logged user.
func UserTheme(r *http.Request) string {
	theme := getContextStringValue(r, UserThemeContextKey)
	if theme == "" {
		theme = "system_serif"
	}
	return theme
}

// CSRF returns the current CSRF token.
func CSRF(r *http.Request) string {
	return getContextStringValue(r, CSRFContextKey)
}

// SessionID returns the current session ID.
func SessionID(r *http.Request) string {
	return getContextStringValue(r, SessionIDContextKey)
}

// UserSessionToken returns the current user session token.
func UserSessionToken(r *http.Request) string {
	return getContextStringValue(r, UserSessionTokenContextKey)
}

// OAuth2State returns the current OAuth2 state.
func OAuth2State(r *http.Request) string {
	return getContextStringValue(r, OAuth2StateContextKey)
}

func OAuth2CodeVerifier(r *http.Request) string {
	return getContextStringValue(r, OAuth2CodeVerifierContextKey)
}

// FlashMessage returns the message message if any.
func FlashMessage(r *http.Request) string {
	return getContextStringValue(r, FlashMessageContextKey)
}

// FlashErrorMessage returns the message error message if any.
func FlashErrorMessage(r *http.Request) string {
	return getContextStringValue(r, FlashErrorMessageContextKey)
}

// PocketRequestToken returns the Pocket Request Token if any.
func PocketRequestToken(r *http.Request) string {
	return getContextStringValue(r, PocketRequestTokenContextKey)
}

// LastForceRefresh returns the last force refresh timestamp.
func LastForceRefresh(r *http.Request) int64 {
	jsonStringValue := getContextStringValue(r, LastForceRefreshContextKey)
	timestamp, err := strconv.ParseInt(jsonStringValue, 10, 64)
	if err != nil {
		return 0
	}
	return timestamp
}

// ClientIP returns the client IP address stored in the context.
func ClientIP(r *http.Request) string {
	return getContextStringValue(r, ClientIPContextKey)
}

func getContextStringValue(r *http.Request, key ContextKey) string {
	if v := r.Context().Value(key); v != nil {
		value, valid := v.(string)
		if !valid {
			return ""
		}

		return value
	}

	return ""
}

func getContextBoolValue(r *http.Request, key ContextKey) bool {
	if v := r.Context().Value(key); v != nil {
		value, valid := v.(bool)
		if !valid {
			return false
		}

		return value
	}

	return false
}

func getContextInt64Value(r *http.Request, key ContextKey) int64 {
	if v := r.Context().Value(key); v != nil {
		value, valid := v.(int64)
		if !valid {
			return 0
		}

		return value
	}

	return 0
}
Replace copyright header with SPDX identifier 2023-06-19 23:42:47 +02:00			`// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.`
			`// SPDX-License-Identifier: Apache-2.0`
Refactor HTTP context handling 2018-09-03 23:26:40 +02:00
Move internal packages to an internal folder For reference: https://go.dev/doc/go1.4#internalpackages 2023-08-11 04:46:45 +02:00			`package request // import "miniflux.app/v2/internal/http/request"`
Refactor HTTP context handling 2018-09-03 23:26:40 +02:00
Refactor Batch Builder and prevent accidental and excessive refreshes from the web ui 2023-10-21 00:12:02 +02:00			`import (`
			`"net/http"`
			`"strconv"`
Add WebAuthn / Passkey integration This is a rebase of #1618 in which @dave-atx added WebAuthn support. Closes #1618 2023-11-05 18:57:35 +01:00
			`"miniflux.app/v2/internal/model"`
Refactor Batch Builder and prevent accidental and excessive refreshes from the web ui 2023-10-21 00:12:02 +02:00			`)`
Refactor HTTP context handling 2018-09-03 23:26:40 +02:00
			`// ContextKey represents a context key.`
			`type ContextKey int`

			`// List of context keys.`
			`const (`
			`UserIDContextKey ContextKey = iota`
			`UserTimezoneContextKey`
			`IsAdminUserContextKey`
			`IsAuthenticatedContextKey`
			`UserSessionTokenContextKey`
			`UserLanguageContextKey`
			`UserThemeContextKey`
			`SessionIDContextKey`
			`CSRFContextKey`
			`OAuth2StateContextKey`
Add OAuth2 PKCE support 2023-09-03 06:35:10 +02:00			`OAuth2CodeVerifierContextKey`
Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`FlashMessageContextKey`
			`FlashErrorMessageContextKey`
			`PocketRequestTokenContextKey`
Refactor Batch Builder and prevent accidental and excessive refreshes from the web ui 2023-10-21 00:12:02 +02:00			`LastForceRefreshContextKey`
Store client IP address in request context 2018-09-10 00:15:14 +02:00			`ClientIPContextKey`
Add Google Reader API implementation (experimental) Co-authored-by: Sebastian Kempken <sebastian@kempken.io> Co-authored-by: Gergan Penkov <gergan@gmail.com> Co-authored-by: Dave Marquard <dave@marquard.org> Co-authored-by: Moritz Fago <4459068+MoritzFago@users.noreply.github.com> 2022-01-03 04:45:12 +01:00			`GoogleReaderToken`
Add WebAuthn / Passkey integration This is a rebase of #1618 in which @dave-atx added WebAuthn support. Closes #1618 2023-11-05 18:57:35 +01:00			`WebAuthnDataContextKey`
Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`)`

Add WebAuthn / Passkey integration This is a rebase of #1618 in which @dave-atx added WebAuthn support. Closes #1618 2023-11-05 18:57:35 +01:00			`func WebAuthnSessionData(r http.Request) model.WebAuthnSession {`
			`if v := r.Context().Value(WebAuthnDataContextKey); v != nil {`
			`value, valid := v.(model.WebAuthnSession)`
			`if !valid {`
			`return nil`
			`}`

			`return &value`
			`}`

			`return nil`
			`}`

Add Google Reader API implementation (experimental) Co-authored-by: Sebastian Kempken <sebastian@kempken.io> Co-authored-by: Gergan Penkov <gergan@gmail.com> Co-authored-by: Dave Marquard <dave@marquard.org> Co-authored-by: Moritz Fago <4459068+MoritzFago@users.noreply.github.com> 2022-01-03 04:45:12 +01:00			`// GoolgeReaderToken returns the google reader token if it exists.`
			`func GoolgeReaderToken(r *http.Request) string {`
			`return getContextStringValue(r, GoogleReaderToken)`
			`}`

Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`// IsAdminUser checks if the logged user is administrator.`
			`func IsAdminUser(r *http.Request) bool {`
			`return getContextBoolValue(r, IsAdminUserContextKey)`
			`}`

			`// IsAuthenticated returns a boolean if the user is authenticated.`
			`func IsAuthenticated(r *http.Request) bool {`
			`return getContextBoolValue(r, IsAuthenticatedContextKey)`
			`}`

			`// UserID returns the UserID of the logged user.`
			`func UserID(r *http.Request) int64 {`
			`return getContextInt64Value(r, UserIDContextKey)`
			`}`

			`// UserTimezone returns the timezone used by the logged user.`
			`func UserTimezone(r *http.Request) string {`
			`value := getContextStringValue(r, UserTimezoneContextKey)`
			`if value == "" {`
			`value = "UTC"`
			`}`
			`return value`
			`}`

			`// UserLanguage get the locale used by the current logged user.`
			`func UserLanguage(r *http.Request) string {`
			`language := getContextStringValue(r, UserLanguageContextKey)`
			`if language == "" {`
			`language = "en_US"`
			`}`
			`return language`
			`}`

			`// UserTheme get the theme used by the current logged user.`
			`func UserTheme(r *http.Request) string {`
			`theme := getContextStringValue(r, UserThemeContextKey)`
			`if theme == "" {`
Change default theme to "system_serif" 2020-03-20 04:45:05 +01:00			`theme = "system_serif"`
Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`}`
			`return theme`
			`}`

			`// CSRF returns the current CSRF token.`
			`func CSRF(r *http.Request) string {`
			`return getContextStringValue(r, CSRFContextKey)`
			`}`

			`// SessionID returns the current session ID.`
			`func SessionID(r *http.Request) string {`
			`return getContextStringValue(r, SessionIDContextKey)`
			`}`

			`// UserSessionToken returns the current user session token.`
			`func UserSessionToken(r *http.Request) string {`
			`return getContextStringValue(r, UserSessionTokenContextKey)`
			`}`

			`// OAuth2State returns the current OAuth2 state.`
			`func OAuth2State(r *http.Request) string {`
			`return getContextStringValue(r, OAuth2StateContextKey)`
			`}`

Add OAuth2 PKCE support 2023-09-03 06:35:10 +02:00			`func OAuth2CodeVerifier(r *http.Request) string {`
			`return getContextStringValue(r, OAuth2CodeVerifierContextKey)`
			`}`

Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`// FlashMessage returns the message message if any.`
			`func FlashMessage(r *http.Request) string {`
			`return getContextStringValue(r, FlashMessageContextKey)`
			`}`

			`// FlashErrorMessage returns the message error message if any.`
			`func FlashErrorMessage(r *http.Request) string {`
			`return getContextStringValue(r, FlashErrorMessageContextKey)`
			`}`

			`// PocketRequestToken returns the Pocket Request Token if any.`
			`func PocketRequestToken(r *http.Request) string {`
			`return getContextStringValue(r, PocketRequestTokenContextKey)`
			`}`

Refactor Batch Builder and prevent accidental and excessive refreshes from the web ui 2023-10-21 00:12:02 +02:00			`// LastForceRefresh returns the last force refresh timestamp.`
			`func LastForceRefresh(r *http.Request) int64 {`
			`jsonStringValue := getContextStringValue(r, LastForceRefreshContextKey)`
			`timestamp, err := strconv.ParseInt(jsonStringValue, 10, 64)`
			`if err != nil {`
			`return 0`
			`}`
			`return timestamp`
			`}`

Store client IP address in request context 2018-09-10 00:15:14 +02:00			`// ClientIP returns the client IP address stored in the context.`
			`func ClientIP(r *http.Request) string {`
			`return getContextStringValue(r, ClientIPContextKey)`
			`}`

Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`func getContextStringValue(r *http.Request, key ContextKey) string {`
			`if v := r.Context().Value(key); v != nil {`
Improve request package and add more unit tests 2018-09-24 06:02:26 +02:00			`value, valid := v.(string)`
			`if !valid {`
			`return ""`
			`}`

			`return value`
Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`}`

			`return ""`
			`}`

			`func getContextBoolValue(r *http.Request, key ContextKey) bool {`
			`if v := r.Context().Value(key); v != nil {`
Improve request package and add more unit tests 2018-09-24 06:02:26 +02:00			`value, valid := v.(bool)`
			`if !valid {`
			`return false`
			`}`

			`return value`
Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`}`

			`return false`
			`}`

			`func getContextInt64Value(r *http.Request, key ContextKey) int64 {`
			`if v := r.Context().Value(key); v != nil {`
Improve request package and add more unit tests 2018-09-24 06:02:26 +02:00			`value, valid := v.(int64)`
			`if !valid {`
			`return 0`
			`}`

			`return value`
Refactor HTTP context handling 2018-09-03 23:26:40 +02:00			`}`

			`return 0`
			`}`