nassella/app
1
0
Fork 0
Code Issues 15 Pull Requests Packages Projects 1 Releases Wiki Activity

Removing sessions and only using authelia auth headers

Browse Source
This commit is contained in:
Thomas Hintz
2026-04-16 08:55:31 -07:00
parent ff31220be3
commit e42ece86fd
2 changed files with 28 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/Dockerfile
View File

@@ -20,7 +20,6 @@ COPY --from=build /usr/local/ /usr/local/
COPY scss /var/scss COPY scss /var/scss
COPY html-widgets /var/html-widgets COPY html-widgets /var/html-widgets
# COPY schematra-session /var/schematra-session
WORKDIR /var/scss WORKDIR /var/scss
RUN chicken-install RUN chicken-install
WORKDIR /var/html-widgets WORKDIR /var/html-widgets
@@ -28,14 +27,10 @@ RUN chicken-install
WORKDIR /var/ WORKDIR /var/
RUN chicken-install srfi-1 srfi-13 srfi-18 srfi-158 srfi-194 \ RUN chicken-install srfi-1 srfi-13 srfi-18 srfi-158 srfi-194 \
sxml-transforms schematra schematra-session \ sxml-transforms schematra \
uri-common http-client medea intarweb \ uri-common http-client medea intarweb \
sql-null openssl postgresql crypto-tools sql-null openssl postgresql crypto-tools
# Egg is currently broken should be able to move back to regular install after it is fixed
# WORKDIR /var/schematra-session
# RUN chicken-install
WORKDIR /var WORKDIR /var
RUN mkdir nassella RUN mkdir nassella
WORKDIR /var/nassella WORKDIR /var/nassella

43
src/nassella.scm
View File

@@ -23,7 +23,6 @@
sxml-transforms sxml-transforms
schematra schematra
schematra.body-parser schematra.body-parser
schematra-session
uri-common uri-common
http-client http-client
medea medea
@@ -292,17 +291,37 @@ h1, h2, h3, h4, h5, h6 {
,@sxml-head-out) ,@sxml-head-out)
,sxml-body-out))))) ,sxml-body-out)))))
(with-schematra-app app
(lambda ()
(use-middleware! (session-middleware "your-secret-key-here")))) ;; TODO generate better one
(define test-user-id (make-parameter 1)) (define test-user-id (make-parameter 1))
(define (session-user-id)
(define (authelia-auth-middleware next)
(cond-expand (cond-expand
(dev (dev
(or (session-get "user-id") (test-user-id))) (current-params (append `((user-id . ,(test-user-id)) (username . "me")) (current-params)))
(next))
(else (else
(session-get "user-id")))) (let* ((request (current-request))
(headers (request-headers request))
(remote-user (header-value 'remote-user headers))
(uri (request-uri request))
(path (uri-path uri)))
(if remote-user
(begin
(current-params (append `((user-id . ,(with-db/transaction
(lambda (db)
(get-user-id-by-username db remote-user))))
(username . ,remote-user))
(current-params)))
(next))
(if (string-prefix-ci? "/unsecured/" path)
(next)
'(unauthorized "no valid auth header")))))))
(with-schematra-app app
(lambda ()
(use-middleware! authelia-auth-middleware)))
(define (session-user-id)
(alist-ref 'user-id (current-params)))
(define-syntax get/widgets (define-syntax get/widgets
(syntax-rules () (syntax-rules ()
@@ -318,14 +337,6 @@ h1, h2, h3, h4, h5, h6 {
headers) headers)
;; `((meta (@ (name "viewport") (content "width=device-width")))) ;; `((meta (@ (name "viewport") (content "width=device-width"))))
(begin (begin
(cond-expand
(dev
(session-set! "user-id" (test-user-id))
(session-set! "username" "me"))
(else
(let ((user-id (with-db/transaction (lambda (db) (get-user-id-by-username db (header-value 'remote-user (request-headers (current-request))))))))
(when user-id (session-set! "user-id" user-id))
(session-set! "username" (header-value 'remote-user (request-headers (current-request)))))))
body ...)))))))) body ...))))))))
(define-widget (Container ((max-width ($ 'width.main.max)) (style '())) contents) (define-widget (Container ((max-width ($ 'width.main.max)) (style '())) contents)