Removing sessions and only using authelia auth headers

src/Dockerfile

@@ -20,7 +20,6 @@ COPY --from=build /usr/local/ /usr/local/
 
 COPY scss /var/scss
 COPY html-widgets /var/html-widgets
-# COPY schematra-session /var/schematra-session
 WORKDIR /var/scss
 RUN chicken-install
 WORKDIR /var/html-widgets
@@ -28,14 +27,10 @@ RUN chicken-install
 WORKDIR /var/
 
 RUN chicken-install srfi-1 srfi-13 srfi-18 srfi-158 srfi-194 \
-        sxml-transforms schematra schematra-session \
+        sxml-transforms schematra \
         uri-common http-client medea intarweb \
         sql-null openssl postgresql crypto-tools
 
-# Egg is currently broken should be able to move back to regular install after it is fixed
-# WORKDIR /var/schematra-session
-# RUN chicken-install
-
 WORKDIR /var
 RUN mkdir nassella
 WORKDIR /var/nassella

src/nassella.scm

@@ -23,7 +23,6 @@
         sxml-transforms
         schematra
         schematra.body-parser
-        schematra-session
         uri-common
         http-client
         medea
@@ -292,17 +291,37 @@ h1, h2, h3, h4, h5, h6 {
                     ,@sxml-head-out)
               ,sxml-body-out)))))
 
-(with-schematra-app app
-  (lambda ()
-    (use-middleware! (session-middleware "your-secret-key-here")))) ;; TODO generate better one
-
 (define test-user-id (make-parameter 1))
-(define (session-user-id)
+
+(define (authelia-auth-middleware next)
   (cond-expand
     (dev
-     (or (session-get "user-id") (test-user-id)))
+     (current-params (append `((user-id . ,(test-user-id)) (username . "me")) (current-params)))
+     (next))
     (else
-     (session-get "user-id"))))
+     (let* ((request (current-request))
+            (headers (request-headers request))
+            (remote-user (header-value 'remote-user headers))
+            (uri (request-uri request))
+            (path (uri-path uri)))
+       (if remote-user
+           (begin
+             (current-params (append `((user-id . ,(with-db/transaction
+                                                    (lambda (db)
+                                                      (get-user-id-by-username db remote-user))))
+                                       (username . ,remote-user))
+                                     (current-params)))
+             (next))
+           (if (string-prefix-ci? "/unsecured/" path)
+               (next)
+               '(unauthorized "no valid auth header")))))))
+
+(with-schematra-app app
+                    (lambda ()
+                      (use-middleware! authelia-auth-middleware)))
+
+(define (session-user-id)
+  (alist-ref 'user-id (current-params)))
 
 (define-syntax get/widgets
   (syntax-rules ()
@@ -318,14 +337,6 @@ h1, h2, h3, h4, h5, h6 {
                 headers)
                ;; `((meta (@ (name "viewport") (content "width=device-width"))))
                (begin
-                 (cond-expand
-                   (dev
-                    (session-set! "user-id" (test-user-id))
-                    (session-set! "username" "me"))
-                   (else
-                    (let ((user-id (with-db/transaction (lambda (db) (get-user-id-by-username db (header-value 'remote-user (request-headers (current-request))))))))
-                      (when user-id (session-set! "user-id" user-id))
-                      (session-set! "username" (header-value 'remote-user (request-headers (current-request)))))))
                  body ...))))))))
 
 (define-widget (Container ((max-width ($ 'width.main.max)) (style '())) contents)