Removing sessions and only using authelia auth headers
This commit is contained in:
@@ -20,7 +20,6 @@ COPY --from=build /usr/local/ /usr/local/
|
|||||||
|
|
||||||
COPY scss /var/scss
|
COPY scss /var/scss
|
||||||
COPY html-widgets /var/html-widgets
|
COPY html-widgets /var/html-widgets
|
||||||
# COPY schematra-session /var/schematra-session
|
|
||||||
WORKDIR /var/scss
|
WORKDIR /var/scss
|
||||||
RUN chicken-install
|
RUN chicken-install
|
||||||
WORKDIR /var/html-widgets
|
WORKDIR /var/html-widgets
|
||||||
@@ -28,14 +27,10 @@ RUN chicken-install
|
|||||||
WORKDIR /var/
|
WORKDIR /var/
|
||||||
|
|
||||||
RUN chicken-install srfi-1 srfi-13 srfi-18 srfi-158 srfi-194 \
|
RUN chicken-install srfi-1 srfi-13 srfi-18 srfi-158 srfi-194 \
|
||||||
sxml-transforms schematra schematra-session \
|
sxml-transforms schematra \
|
||||||
uri-common http-client medea intarweb \
|
uri-common http-client medea intarweb \
|
||||||
sql-null openssl postgresql crypto-tools
|
sql-null openssl postgresql crypto-tools
|
||||||
|
|
||||||
# Egg is currently broken should be able to move back to regular install after it is fixed
|
|
||||||
# WORKDIR /var/schematra-session
|
|
||||||
# RUN chicken-install
|
|
||||||
|
|
||||||
WORKDIR /var
|
WORKDIR /var
|
||||||
RUN mkdir nassella
|
RUN mkdir nassella
|
||||||
WORKDIR /var/nassella
|
WORKDIR /var/nassella
|
||||||
|
|||||||
@@ -23,7 +23,6 @@
|
|||||||
sxml-transforms
|
sxml-transforms
|
||||||
schematra
|
schematra
|
||||||
schematra.body-parser
|
schematra.body-parser
|
||||||
schematra-session
|
|
||||||
uri-common
|
uri-common
|
||||||
http-client
|
http-client
|
||||||
medea
|
medea
|
||||||
@@ -292,17 +291,37 @@ h1, h2, h3, h4, h5, h6 {
|
|||||||
,@sxml-head-out)
|
,@sxml-head-out)
|
||||||
,sxml-body-out)))))
|
,sxml-body-out)))))
|
||||||
|
|
||||||
(with-schematra-app app
|
|
||||||
(lambda ()
|
|
||||||
(use-middleware! (session-middleware "your-secret-key-here")))) ;; TODO generate better one
|
|
||||||
|
|
||||||
(define test-user-id (make-parameter 1))
|
(define test-user-id (make-parameter 1))
|
||||||
(define (session-user-id)
|
|
||||||
|
(define (authelia-auth-middleware next)
|
||||||
(cond-expand
|
(cond-expand
|
||||||
(dev
|
(dev
|
||||||
(or (session-get "user-id") (test-user-id)))
|
(current-params (append `((user-id . ,(test-user-id)) (username . "me")) (current-params)))
|
||||||
|
(next))
|
||||||
(else
|
(else
|
||||||
(session-get "user-id"))))
|
(let* ((request (current-request))
|
||||||
|
(headers (request-headers request))
|
||||||
|
(remote-user (header-value 'remote-user headers))
|
||||||
|
(uri (request-uri request))
|
||||||
|
(path (uri-path uri)))
|
||||||
|
(if remote-user
|
||||||
|
(begin
|
||||||
|
(current-params (append `((user-id . ,(with-db/transaction
|
||||||
|
(lambda (db)
|
||||||
|
(get-user-id-by-username db remote-user))))
|
||||||
|
(username . ,remote-user))
|
||||||
|
(current-params)))
|
||||||
|
(next))
|
||||||
|
(if (string-prefix-ci? "/unsecured/" path)
|
||||||
|
(next)
|
||||||
|
'(unauthorized "no valid auth header")))))))
|
||||||
|
|
||||||
|
(with-schematra-app app
|
||||||
|
(lambda ()
|
||||||
|
(use-middleware! authelia-auth-middleware)))
|
||||||
|
|
||||||
|
(define (session-user-id)
|
||||||
|
(alist-ref 'user-id (current-params)))
|
||||||
|
|
||||||
(define-syntax get/widgets
|
(define-syntax get/widgets
|
||||||
(syntax-rules ()
|
(syntax-rules ()
|
||||||
@@ -318,14 +337,6 @@ h1, h2, h3, h4, h5, h6 {
|
|||||||
headers)
|
headers)
|
||||||
;; `((meta (@ (name "viewport") (content "width=device-width"))))
|
;; `((meta (@ (name "viewport") (content "width=device-width"))))
|
||||||
(begin
|
(begin
|
||||||
(cond-expand
|
|
||||||
(dev
|
|
||||||
(session-set! "user-id" (test-user-id))
|
|
||||||
(session-set! "username" "me"))
|
|
||||||
(else
|
|
||||||
(let ((user-id (with-db/transaction (lambda (db) (get-user-id-by-username db (header-value 'remote-user (request-headers (current-request))))))))
|
|
||||||
(when user-id (session-set! "user-id" user-id))
|
|
||||||
(session-set! "username" (header-value 'remote-user (request-headers (current-request)))))))
|
|
||||||
body ...))))))))
|
body ...))))))))
|
||||||
|
|
||||||
(define-widget (Container ((max-width ($ 'width.main.max)) (style '())) contents)
|
(define-widget (Container ((max-width ($ 'width.main.max)) (style '())) contents)
|
||||||
|
|||||||
Reference in New Issue
Block a user