Plugin hooks (#1452)

* Refactor session and plugin code * Add context to job tasks * Show hooks in plugins page * Refactor session management
2025-12-17 12:24:38 +03:00 · 2021-06-11 17:24:58 +10:00
parent dde361f9f3
commit 46bbede9a0
48 changed files with 1289 additions and 338 deletions
--- a/pkg/api/session.go
+++ b/pkg/api/session.go
@@ -1,15 +1,13 @@
 package api

 import (
-	"context"
 	"fmt"
 	"html/template"
 	"net/http"

+	"github.com/stashapp/stash/pkg/manager"
 	"github.com/stashapp/stash/pkg/manager/config"
-
-	"github.com/gorilla/securecookie"
-	"github.com/gorilla/sessions"
+	"github.com/stashapp/stash/pkg/session"
 )

 const cookieName = "session"
@@ -19,17 +17,11 @@ const userIDKey = "userID"

 const returnURLParam = "returnURL"

-var sessionStore = sessions.NewCookieStore(config.GetInstance().GetSessionStoreKey())
-
 type loginTemplateData struct {
 	URL   string
 	Error string
 }

-func initSessionStore() {
-	sessionStore.MaxAge(config.GetInstance().GetMaxSessionAge())
-}
-
 func redirectToLogin(w http.ResponseWriter, returnURL string, loginError string) {
 	data, _ := loginUIBox.Find("login.html")
 	templ, err := template.New("Login").Parse(string(data))
@@ -59,22 +51,13 @@ func handleLogin(w http.ResponseWriter, r *http.Request) {
 		url = "/"
 	}

-	// ignore error - we want a new session regardless
-	newSession, _ := sessionStore.Get(r, cookieName)
-
-	username := r.FormValue("username")
-	password := r.FormValue("password")
-
-	// authenticate the user
-	if !config.GetInstance().ValidateCredentials(username, password) {
+	err := manager.GetInstance().SessionStore.Login(w, r)
+	if err == session.ErrInvalidCredentials {
 		// redirect back to the login page with an error
 		redirectToLogin(w, url, "Username or password is invalid")
 		return
 	}

-	newSession.Values[userIDKey] = username
-
-	err := newSession.Save(r, w)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -84,17 +67,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) {
 }

 func handleLogout(w http.ResponseWriter, r *http.Request) {
-	session, err := sessionStore.Get(r, cookieName)
-	if err != nil {
-		http.Error(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
-
-	delete(session.Values, userIDKey)
-	session.Options.MaxAge = -1
-
-	err = session.Save(r, w)
-	if err != nil {
+	if err := manager.GetInstance().SessionStore.Logout(w, r); err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
@@ -102,51 +75,3 @@ func handleLogout(w http.ResponseWriter, r *http.Request) {
 	// redirect to the login page if credentials are required
 	getLoginHandler(w, r)
 }
-
-func getSessionUserID(w http.ResponseWriter, r *http.Request) (string, error) {
-	session, err := sessionStore.Get(r, cookieName)
-	// ignore errors and treat as an empty user id, so that we handle expired
-	// cookie
-	if err != nil {
-		return "", nil
-	}
-
-	if !session.IsNew {
-		val := session.Values[userIDKey]
-
-		// refresh the cookie
-		err = session.Save(r, w)
-		if err != nil {
-			return "", err
-		}
-
-		ret, _ := val.(string)
-
-		return ret, nil
-	}
-
-	return "", nil
-}
-
-func getCurrentUserID(ctx context.Context) *string {
-	userCtxVal := ctx.Value(ContextUser)
-	if userCtxVal != nil {
-		currentUser := userCtxVal.(string)
-		return &currentUser
-	}
-
-	return nil
-}
-
-func createSessionCookie(username string) (*http.Cookie, error) {
-	session := sessions.NewSession(sessionStore, cookieName)
-	session.Values[userIDKey] = username
-
-	encoded, err := securecookie.EncodeMulti(session.Name(), session.Values,
-		sessionStore.Codecs...)
-	if err != nil {
-		return nil, err
-	}
-
-	return sessions.NewCookie(session.Name(), encoded, session.Options), nil
-}