refactor: set auth cookie for every api, and optionally pass a specific api name to only set instead

2024-03-17 08:59:34 -04:00 · 2024-03-17 08:59:34 -04:00 · 2a8c036dc6
parent 325a368dea
commit 2a8c036dc6
1 changed files with 25 additions and 9 deletions
--- a/account/jwt.go
+++ b/account/jwt.go
@ -8,6 +8,10 @@ import (
 	"strconv"
 	"time"

+	"git.lumeweb.com/LumeWeb/portal/api/router"
+
+	apiRegistry "git.lumeweb.com/LumeWeb/portal/api/registry"
+
 	"github.com/golang-jwt/jwt/v5"
 )

@ -93,13 +97,25 @@ func JWTVerifyToken(token string, domain string, privateKey ed25519.PrivateKey,
 	return claim, err
 }

-func SetAuthCookie(w http.ResponseWriter, name, token string) {
-	http.SetCookie(w, &http.Cookie{
-		Name:     name,
-		Value:    token,
-		Expires:  time.Now().Add(24 * time.Hour),
-		Secure:   true,
-		HttpOnly: true,
-		Path:     "/",
-	})
+func SetAuthCookie(w http.ResponseWriter, token string, apiName string) {
+	for name, api := range apiRegistry.GetAllAPIs() {
+		routeableApi, ok := api.(router.RoutableAPI)
+		if !ok {
+			continue
+		}
+
+		if len(apiName) > 0 && apiName != name {
+			continue
+		}
+
+		http.SetCookie(w, &http.Cookie{
+			Name:     name,
+			Value:    token,
+			Expires:  time.Now().Add(24 * time.Hour),
+			Secure:   true,
+			HttpOnly: true,
+			Path:     "/",
+			Domain:   routeableApi.Domain(),
+		})
+	}
 }