Fixes (#9)

Author: shal

.vscode/launch.json

@@ -0,0 +1,15 @@
+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Launch Package",
+            "type": "go",
+            "request": "launch",
+            "mode": "debug",
+            "program": "${workspaceFolder}/cmd/server",
+            "args": [
+                "--config=${workspaceFolder}/config/config.yaml"
+            ]
+        }
+    ]
+}

cmd/server/main.go

@@ -62,7 +62,7 @@ func main() {
 
 	addr := ":8080"
 	logger.Infof("Listening on %s...", addr)
-	if err := http.Start(ctx, addr, &conf.Server, pub, store, svc, client); err != nil {
+	if err := http.Start(ctx, addr, conf, pub, store, svc, client); err != nil {
 		logger.Fatalf("http server failed: %v", err)
 	}
 }

pkg/api/http/api.go

@@ -16,15 +16,15 @@ import (
 )
 
 // Start starts the server with specified store.
-func Start(ctx context.Context, addr string, conf *config.Server, pub eventapi.Publisher, store domain.Store, svc domain.UserService, checker domain.SessionChecker) error {
-	s := newServer(pub, store, svc, checker)
+func Start(ctx context.Context, addr string, conf *config.Settings, pub eventapi.Publisher, store domain.Store, svc domain.UserService, checker domain.SessionChecker) error {
+	s := newServer(pub, store, svc, checker, &conf.Kratos)
 
 	srv := http.Server{
 		Addr:           addr,
 		Handler:        handlers.CustomLoggingHandler(os.Stdout, handlers.ProxyHeaders(s), logFormatter),
-		ReadTimeout:    conf.ReadTimeout.Duration,
-		WriteTimeout:   conf.WriteTimeout.Duration,
-		IdleTimeout:    conf.IdleTimeout.Duration,
+		ReadTimeout:    conf.Server.ReadTimeout.Duration,
+		WriteTimeout:   conf.Server.WriteTimeout.Duration,
+		IdleTimeout:    conf.Server.IdleTimeout.Duration,
 		MaxHeaderBytes: 1 << 20,
 	}
 
@@ -37,7 +37,7 @@ func Start(ctx context.Context, addr string, conf *config.Server, pub eventapi.P
 	case err := <-errs:
 		return err
 	case <-ctx.Done():
-		ctxShutDown, cancel := context.WithTimeout(context.Background(), conf.ShutdownTimeout.Duration)
+		ctxShutDown, cancel := context.WithTimeout(context.Background(), conf.Server.ShutdownTimeout.Duration)
 		defer cancel()
 
 		err := srv.Shutdown(ctxShutDown)

pkg/api/http/routes.go

@@ -5,11 +5,12 @@ import (
 
 	"github.com/gorilla/mux"
 
+	"github.com/opencars/auth/pkg/config"
 	"github.com/opencars/auth/pkg/domain"
 	"github.com/opencars/auth/pkg/eventapi"
 )
 
-func configureRouter(pub eventapi.Publisher, store domain.Store, svc domain.UserService, checker domain.SessionChecker) http.Handler {
+func configureRouter(pub eventapi.Publisher, store domain.Store, svc domain.UserService, checker domain.SessionChecker, conf *config.Kratos) http.Handler {
 	tokens := tokenHandler{svc: svc}
 	tAuth := AuthHandler{publisher: pub, store: store}
 
@@ -22,7 +23,7 @@ func configureRouter(pub eventapi.Publisher, store domain.Store, svc domain.User
 
 	user := router.PathPrefix("/user").Subrouter()
 	user.Use(
-		SessionCheckerMiddleware(checker),
+		SessionCheckerMiddleware(conf.Cookie, checker),
 	)
 
 	user.Handle("/tokens", tokens.Create()).Methods("POST")                 // POST   /api/v1/tokens.

pkg/api/http/server.go

@@ -7,6 +7,7 @@ import (
 
 	"github.com/gorilla/handlers"
 
+	"github.com/opencars/auth/pkg/config"
 	"github.com/opencars/auth/pkg/domain"
 	"github.com/opencars/auth/pkg/eventapi"
 	"github.com/opencars/auth/pkg/handler"
@@ -19,9 +20,9 @@ type server struct {
 	store     domain.Store
 }
 
-func newServer(pub eventapi.Publisher, store domain.Store, svc domain.UserService, checker domain.SessionChecker) *server {
+func newServer(pub eventapi.Publisher, store domain.Store, svc domain.UserService, checker domain.SessionChecker, conf *config.Kratos) *server {
 	s := server{
-		router:    configureRouter(pub, store, svc, checker),
+		router:    configureRouter(pub, store, svc, checker, conf),
 		publisher: pub,
 		store:     store,
 	}

pkg/api/http/user_middleware.go

@@ -13,13 +13,19 @@ var (
 	ErrUnauthorized = httputil.NewError(http.StatusUnauthorized, "user.not_authorized")
 )
 
-func SessionCheckerMiddleware(checker domain.SessionChecker) mux.MiddlewareFunc {
+func SessionCheckerMiddleware(cookieName string, checker domain.SessionChecker) mux.MiddlewareFunc {
 	return func(next http.Handler) http.Handler {
 		return httputil.Handler(func(w http.ResponseWriter, r *http.Request) error {
-			cookie := r.Header.Get("Cookie")
+			var cookieValue string
+
+			cookie, err := r.Cookie(cookieName)
+			if err == nil && cookie != nil {
+				cookieValue = cookie.Value
+			}
+
 			sessionToken := strings.Replace(r.Header.Get("Authorization"), "Bearer ", "", 1)
 
-			user, err := checker.CheckSession(r.Context(), sessionToken, cookie)
+			user, err := checker.CheckSession(r.Context(), sessionToken, cookieValue)
 			if err != nil {
 				return ErrUnauthorized
 			}

pkg/config/kratos.go

@@ -2,4 +2,5 @@ package config
 
 type Kratos struct {
 	BaseURL string `yaml:"base_url"`
+	Cookie  string `yaml:"cookie"`
 }