Fix big bug

diff --git a/src/jvmMain/kotlin/starshipfights/auth/providers.kt b/src/jvmMain/kotlin/starshipfights/auth/providers.kt
index e050fb8e50fc4c541b361a5a5c489b5b3d34208f..4160acafec97cc80a1d241393e9fdfad281cbe42 100644 (file)
--- a/src/jvmMain/kotlin/starshipfights/auth/providers.kt
+++ b/src/jvmMain/kotlin/starshipfights/auth/providers.kt
@@ -69,141 +69,136 @@ interface AuthProvider {
                        }
                        
                        into.routing {
-                               authenticate("session") {
-                                       get("/me") {
-                                               val redirectTo = call.principal<UserSession>()?.let {
-                                                       "/user/${it.user}"
-                                               } ?: "/login"
-                                               
-                                               redirect(redirectTo)
-                                       }
+                               get("/me") {
+                                       val redirectTo = call.getUserSession()?.let { sess ->
+                                               "/user/${sess.user}"
+                                       } ?: "/login"
                                        
-                                       get("/me/manage") {
-                                               call.respondHtml(HttpStatusCode.OK, call.manageUserPage())
-                                       }
+                                       redirect(redirectTo)
+                               }
+                               
+                               get("/me/manage") {
+                                       call.respondHtml(HttpStatusCode.OK, call.manageUserPage())
+                               }
+                               
+                               post("/me/manage") {
+                                       val currentUser = call.getUser() ?: redirect("/login")
+                                       val form = call.receiveParameters()
                                        
-                                       post("/me/manage") {
-                                               val currentUser = call.getUser() ?: redirect("/login")
-                                               val form = call.receiveParameters()
-                                               
-                                               val newUser = currentUser.copy(
-                                                       profileName = form["name"]?.takeIf { it.isNotBlank() } ?: currentUser.profileName
-                                               )
-                                               User.put(newUser)
-                                               redirect("/user/${newUser.id}")
-                                       }
+                                       val newUser = currentUser.copy(
+                                               profileName = form["name"]?.takeIf { it.isNotBlank() } ?: currentUser.profileName
+                                       )
+                                       User.put(newUser)
+                                       redirect("/user/${newUser.id}")
                                }
                                
                                get("/user/{id}") {
                                        call.respondHtml(HttpStatusCode.OK, call.userPage())
                                }
                                
-                               authenticate("session") {
-                                       get("/admiral/new") {
-                                               call.respondHtml(HttpStatusCode.OK, call.createAdmiralPage())
-                                       }
+                               get("/admiral/new") {
+                                       call.respondHtml(HttpStatusCode.OK, call.createAdmiralPage())
+                               }
+                               
+                               post("/admiral/new") {
+                                       val currentUser = call.getUserSession()?.user ?: redirect("/login")
+                                       val form = call.receiveParameters()
                                        
-                                       post("/admiral/new") {
-                                               val currentUser = call.getUserSession()?.user ?: redirect("/login")
-                                               val form = call.receiveParameters()
-                                               
-                                               val newAdmiral = Admiral(
-                                                       owningUser = currentUser,
-                                                       name = form["name"]?.takeIf { it.isNotBlank() } ?: throw MissingRequestParameterException("name"),
-                                                       isFemale = form.getOrFail("sex") == "female",
-                                                       faction = Faction.valueOf(form.getOrFail("faction")),
-                                                       // TODO change to Rear Admiral
-                                                       rank = AdmiralRank.LORD_ADMIRAL
-                                               )
-                                               val newShips = generateFleet(newAdmiral)
-                                               
-                                               coroutineScope {
-                                                       launch { Admiral.put(newAdmiral) }
-                                                       newShips.forEach {
-                                                               launch { ShipInDrydock.put(it) }
-                                                       }
+                                       val newAdmiral = Admiral(
+                                               owningUser = currentUser,
+                                               name = form["name"]?.takeIf { it.isNotBlank() } ?: throw MissingRequestParameterException("name"),
+                                               isFemale = form.getOrFail("sex") == "female",
+                                               faction = Faction.valueOf(form.getOrFail("faction")),
+                                               // TODO change to Rear Admiral
+                                               rank = AdmiralRank.LORD_ADMIRAL
+                                       )
+                                       val newShips = generateFleet(newAdmiral)
+                                       
+                                       coroutineScope {
+                                               launch { Admiral.put(newAdmiral) }
+                                               newShips.forEach {
+                                                       launch { ShipInDrydock.put(it) }
                                                }
-                                               
-                                               redirect("/admiral/${newAdmiral.id}")
                                        }
+                                       
+                                       redirect("/admiral/${newAdmiral.id}")
                                }
                                
                                get("/admiral/{id}") {
                                        call.respondHtml(HttpStatusCode.OK, call.admiralPage())
                                }
                                
-                               authenticate("session") {
-                                       get("/admiral/{id}/manage") {
-                                               call.respondHtml(HttpStatusCode.OK, call.manageAdmiralPage())
-                                       }
+                               get("/admiral/{id}/manage") {
+                                       call.respondHtml(HttpStatusCode.OK, call.manageAdmiralPage())
+                               }
+                               
+                               post("/admiral/{id}/manage") {
+                                       val currentUser = call.getUserSession()?.user
+                                       val admiralId = call.parameters["id"]?.let { Id<Admiral>(it) }!!
+                                       val admiral = Admiral.get(admiralId)!!
                                        
-                                       post("/admiral/{id}/manage") {
-                                               val currentUser = call.getUserSession()?.user
-                                               val admiralId = call.parameters["id"]?.let { Id<Admiral>(it) }!!
-                                               val admiral = Admiral.get(admiralId)!!
-                                               
-                                               if (admiral.owningUser != currentUser) throw ForbiddenException()
-                                               
-                                               val form = call.receiveParameters()
-                                               val newAdmiral = admiral.copy(
-                                                       name = form["name"]?.takeIf { it.isNotBlank() } ?: admiral.name,
-                                                       isFemale = form["sex"] == "female"
-                                               )
-                                               
-                                               Admiral.put(newAdmiral)
-                                               redirect("/admiral/$admiralId")
-                                       }
+                                       if (admiral.owningUser != currentUser) throw ForbiddenException()
                                        
-                                       get("/admiral/{id}/delete") {
-                                               call.respondHtml(HttpStatusCode.OK, call.deleteAdmiralConfirmPage())
-                                       }
+                                       val form = call.receiveParameters()
+                                       val newAdmiral = admiral.copy(
+                                               name = form["name"]?.takeIf { it.isNotBlank() } ?: admiral.name,
+                                               isFemale = form["sex"] == "female"
+                                       )
                                        
-                                       post("/admiral/{id}/delete") {
-                                               val currentUser = call.getUserSession()?.user
-                                               val admiralId = call.parameters["id"]?.let { Id<Admiral>(it) }!!
-                                               val admiral = Admiral.get(admiralId)!!
-                                               
-                                               if (admiral.owningUser != currentUser) throw ForbiddenException()
-                                               
-                                               Admiral.del(admiralId)
-                                               redirect("/me")
-                                       }
+                                       Admiral.put(newAdmiral)
+                                       redirect("/admiral/$admiralId")
+                               }
+                               
+                               get("/admiral/{id}/delete") {
+                                       call.respondHtml(HttpStatusCode.OK, call.deleteAdmiralConfirmPage())
+                               }
+                               
+                               post("/admiral/{id}/delete") {
+                                       val currentUser = call.getUserSession()?.user
+                                       val admiralId = call.parameters["id"]?.let { Id<Admiral>(it) }!!
+                                       val admiral = Admiral.get(admiralId)!!
                                        
-                                       get("/logout") {
-                                               call.getUserSession()?.let { sess ->
-                                                       launch {
-                                                               val newTime = System.currentTimeMillis() - 100
-                                                               UserSession.update(UserSession::id eq sess.id, setValue(UserSession::expirationMillis, newTime))
-                                                       }
+                                       if (admiral.owningUser != currentUser) throw ForbiddenException()
+                                       
+                                       Admiral.del(admiralId)
+                                       redirect("/me")
+                               }
+                               
+                               get("/logout") {
+                                       call.getUserSession()?.let { sess ->
+                                               launch {
+                                                       val newTime = System.currentTimeMillis() - 100
+                                                       UserSession.update(UserSession::id eq sess.id, setValue(UserSession::expirationMillis, newTime))
                                                }
-                                               
-                                               call.sessions.clear<Id<UserSession>>()
-                                               redirect("/")
                                        }
                                        
-                                       get("/logout/{id}") {
-                                               val id = Id<UserSession>(call.parameters.getOrFail("id"))
-                                               call.getUserSession()?.let { sess ->
-                                                       launch {
-                                                               val newTime = System.currentTimeMillis() - 100
-                                                               UserSession.update(and(UserSession::id eq id, UserSession::user eq sess.user), setValue(UserSession::expirationMillis, newTime))
-                                                       }
+                                       call.sessions.clear<Id<UserSession>>()
+                                       redirect("/")
+                               }
+                               
+                               get("/logout/{id}") {
+                                       val id = Id<UserSession>(call.parameters.getOrFail("id"))
+                                       call.getUserSession()?.let { sess ->
+                                               launch {
+                                                       val newTime = System.currentTimeMillis() - 100
+                                                       UserSession.update(and(UserSession::id eq id, UserSession::user eq sess.user), setValue(UserSession::expirationMillis, newTime))
                                                }
-                                               
-                                               redirect("/me/manage")
                                        }
                                        
-                                       get("/logout-all") {
-                                               call.getUserSession()?.let { sess ->
-                                                       launch {
-                                                               val newTime = System.currentTimeMillis() - 100
-                                                               UserSession.update(and(UserSession::user eq sess.user, UserSession::id ne sess.id), setValue(UserSession::expirationMillis, newTime))
-                                                       }
+                                       redirect("/me/manage")
+                               }
+                               
+                               get("/logout-all") {
+                                       call.getUserSession()?.let { sess ->
+                                               launch {
+                                                       val newTime = System.currentTimeMillis() - 100
+                                                       UserSession.update(and(UserSession::user eq sess.user, UserSession::id ne sess.id), setValue(UserSession::expirationMillis, newTime))
                                                }
-                                               
-                                               redirect("/me/manage")
                                        }
+                                       
+                                       redirect("/me/manage")
                                }
+                               
                                currentProvider.installRouting(this)
                        }
                }

diff --git a/src/jvmMain/kotlin/starshipfights/auth/utils.kt b/src/jvmMain/kotlin/starshipfights/auth/utils.kt
index e9d2a524e2fb4ad652aeccde8eb0c737fe66d9d0..12bc316ec69491fee2dd6f6ba1dd5c5ef76c82d8 100644 (file)
--- a/src/jvmMain/kotlin/starshipfights/auth/utils.kt
+++ b/src/jvmMain/kotlin/starshipfights/auth/utils.kt
@@ -1,7 +1,8 @@
 package starshipfights.auth
 
 import io.ktor.application.*
-import io.ktor.auth.*
+import io.ktor.features.*
+import io.ktor.request.*
 import io.ktor.sessions.*
 import starshipfights.data.Id
 import starshipfights.data.auth.User
@@ -16,7 +17,7 @@ suspend fun UserSession.renewed(clientAddress: String) = copy(
        clientAddresses = if (clientAddresses.last() != clientAddress) clientAddresses + clientAddress else clientAddresses
 ).also { UserSession.put(it) }
 
-fun ApplicationCall.getUserSession() = principal<UserSession>()
+suspend fun ApplicationCall.getUserSession() = request.userAgent()?.let { sessions.get<Id<UserSession>>()?.resolve(it) }?.renewed(request.origin.remoteHost)
 
 suspend fun ApplicationCall.getUser() = getUserSession()?.user?.let { User.get(it) }