diff --git a/core/group.go b/core/group.go index 2b09c7f..5e7ee5e 100644 --- a/core/group.go +++ b/core/group.go @@ -71,6 +71,7 @@ func queryManyGroupMembers(groupId string) ([]User, error) { } func (s *Session) GetGroupByReference(reference string) (*Group, error) { + // FIXME: This function doesn't make much sense when there's already a public function to fetch any group, below stmt := "SELECT [group].id, [group].name, [group].reference FROM [group] JOIN group_member ON [group].id == group_member.group_id WHERE [group].reference = ? AND group_member.user_id = ?;" return queryOneGroup(stmt, reference, s.User().Id) } diff --git a/http/router/router.go b/http/router/router.go index 4387305..5039b7d 100644 --- a/http/router/router.go +++ b/http/router/router.go @@ -15,9 +15,9 @@ type VisibilityRouter struct { func (s *VisibilityRouter) ServeHTTP(w http.ResponseWriter, r *http.Request) { session, _ := s.store.Get(r, "lishwist_user") - _, authorized := session.Values["sessionKey"] + _, inSession := session.Values["sessionKey"] - if authorized { + if inSession { s.Private.ServeHTTP(w, r) } else { s.Public.ServeHTTP(w, r) diff --git a/http/routing/groups.go b/http/routing/groups.go index 33f8749..e07f153 100644 --- a/http/routing/groups.go +++ b/http/routing/groups.go @@ -18,7 +18,7 @@ type GroupProps struct { func AdminGroup(app *lishwist.Session, h http.Header, r *http.Request) rsvp.Response { reference := r.PathValue("groupReference") - group, err := app.GetGroupByReference(reference) + group, err := lishwist.GetGroupByReference(reference) if err != nil { return response.Error(http.StatusInternalServerError, "Couldn't get group: %s", err) } diff --git a/http/routing/wishlist.go b/http/routing/wishlist.go index 4b7c783..a175af1 100644 --- a/http/routing/wishlist.go +++ b/http/routing/wishlist.go @@ -47,7 +47,7 @@ func ForeignWishlistPost(app *lishwist.Session, h http.Header, r *http.Request) } userReference := r.PathValue("userReference") - resp := rsvp.SeeOther("/list/"+userReference, "Update successful") + resp := rsvp.SeeOther("/lists/"+userReference, "Update successful") intent := r.Form.Get("intent") switch intent { case "claim": diff --git a/http/server/server.go b/http/server/server.go index 8b18eea..11eb163 100644 --- a/http/server/server.go +++ b/http/server/server.go @@ -22,6 +22,13 @@ func prefixMovedPermanently(before, after string) response.HandlerFunc { } } +func prefixPermanentRedirect(before, after string) response.HandlerFunc { + return func(s *response.Session, h http.Header, r *http.Request) rsvp.Response { + suffix := strings.TrimPrefix(r.RequestURI, before) + return rsvp.PermanentRedirect(after + suffix) + } +} + func Create(useSecureCookies bool) *router.VisibilityRouter { gob.Register(&api.RegisterProps{}) gob.Register(&api.LoginProps{}) @@ -30,6 +37,8 @@ func Create(useSecureCookies bool) *router.VisibilityRouter { store.Options.MaxAge = 86_400 // 24 hours in seconds store.Options.Secure = useSecureCookies store.Options.HttpOnly = true + store.Options.Path = "/" + store.Options.SameSite = http.SameSiteLaxMode r := router.New(store) @@ -48,14 +57,16 @@ func Create(useSecureCookies bool) *router.VisibilityRouter { r.Private.HandleFunc("GET /users/{userReference}", routing.ExpectAppSession(routing.User)) r.Private.HandleFunc("GET /{$}", routing.ExpectAppSession(routing.Home)) r.Private.HandleFunc("POST /groups/{groupReference}", routing.ExpectAppSession(routing.GroupPost)) - r.Private.HandleFunc("POST /list/{userReference}", routing.ExpectAppSession(routing.ForeignWishlistPost)) + r.Private.HandleFunc("POST /lists/{userReference}", routing.ExpectAppSession(routing.ForeignWishlistPost)) r.Private.HandleFunc("POST /logout", routing.LogoutPost) r.Private.HandleFunc("POST /users/{userReference}", routing.ExpectAppSession(routing.UserPost)) r.Private.HandleFunc("POST /{$}", routing.ExpectAppSession(routing.HomePost)) // Deprecated r.HandleFunc("GET /group/{groupReference}", prefixMovedPermanently("/group/", "/groups/")) - r.HandleFunc("GET /list/{userReference}", prefixMovedPermanently("/list/", "/lists/")) + r.HandleFunc("GET /list/{groupReference}", prefixMovedPermanently("/list/", "/lists/")) + r.HandleFunc("POST /group/{groupReference}", prefixPermanentRedirect("/group/", "/groups/")) + r.HandleFunc("POST /list/{groupReference}", prefixPermanentRedirect("/list/", "/lists/")) return r }