sonr/internal/common/http_cookies.go

package common

import (
	"encoding/base64"
	"net/http"
	"time"

	"github.com/labstack/echo/v4"
)

// CookieKey is a type alias for string.
type CookieKey string

const (
	// SessionID is the key for the session ID cookie.
	SessionID CookieKey = "session.id"

	// SessionChallenge is the key for the session challenge cookie.
	SessionChallenge CookieKey = "session.challenge"

	// SessionRole is the key for the session role cookie.
	SessionRole CookieKey = "session.role"

	// SonrAddress is the key for the Sonr address cookie.
	SonrAddress CookieKey = "sonr.address"

	// SonrDID is the key for the Sonr DID cookie.
	SonrDID CookieKey = "sonr.did"

	// UserAvatar is the key for the User Avatar cookie.
	UserAvatar CookieKey = "user.avatar"

	// UserHandle is the key for the User Handle cookie.
	UserHandle CookieKey = "user.handle"

	// UserName is the key for the User Name cookie.
	UserName CookieKey = "user.full_name"

	// VaultAddress is the key for the Vault address cookie.
	VaultAddress CookieKey = "vault.address"

	// VaultCID is the key for the Vault CID cookie.
	VaultCID CookieKey = "vault.cid"

	// VaultSchema is the key for the Vault schema cookie.
	VaultSchema CookieKey = "vault.schema"
)

// String returns the string representation of the CookieKey.
func (c CookieKey) String() string {
	return string(c)
}

// ╭───────────────────────────────────────────────────────────╮
// │                      Utility Methods                      │
// ╰───────────────────────────────────────────────────────────╯

func CookieExists(c echo.Context, key CookieKey) bool {
	ck, err := c.Cookie(key.String())
	if err != nil {
		return false
	}
	return ck != nil
}

func ReadCookie(c echo.Context, key CookieKey) (string, error) {
	cookie, err := c.Cookie(key.String())
	if err != nil {
		// Cookie not found or other error
		return "", err
	}
	if cookie == nil || cookie.Value == "" {
		// Cookie is empty
		return "", http.ErrNoCookie
	}
	return cookie.Value, nil
}

func ReadCookieBytes(c echo.Context, key CookieKey) ([]byte, error) {
	cookie, err := c.Cookie(key.String())
	if err != nil {
		// Cookie not found or other error
		return nil, err
	}
	if cookie == nil || cookie.Value == "" {
		// Cookie is empty
		return nil, http.ErrNoCookie
	}
	return base64.RawURLEncoding.DecodeString(cookie.Value)
}

func ReadCookieUnsafe(c echo.Context, key CookieKey) string {
	ck, err := c.Cookie(key.String())
	if err != nil {
		return ""
	}
	return ck.Value
}

func WriteCookie(c echo.Context, key CookieKey, value string) error {
	cookie := &http.Cookie{
		Name:     key.String(),
		Value:    value,
		Expires:  time.Now().Add(24 * time.Hour),
		HttpOnly: true,
		Path:     "/",
		// Add Secure and SameSite attributes as needed
	}
	c.SetCookie(cookie)
	return nil
}

func WriteCookieBytes(c echo.Context, key CookieKey, value []byte) error {
	cookie := &http.Cookie{
		Name:     key.String(),
		Value:    base64.RawURLEncoding.EncodeToString(value),
		Expires:  time.Now().Add(24 * time.Hour),
		HttpOnly: true,
		Path:     "/",
		// Add Secure and SameSite attributes as needed
	}
	c.SetCookie(cookie)
	return nil
}
feature/refactor ui (#1205) * fix: correct HTTP error handling in gateway * refactor: migrate database and ORM to internal modules * feat: introduce taskfile build system for improved workflow management * refactor: update taskfiles to use relative paths * feat: add profile status field * refactor: move rendering logic to context package * fix: improve error handling in credentials retrieval * refactor: optimize HTTP request handling in Wasm environment * refactor: refactor config loading in motr command * chore: add process-compose for service management * chore: remove default task and update gum format command * fix: update project dependencies * refactor: improve code readability and maintainability * refactor: consolidate error handling components * refactor: update index handler to use new context package * refactor: consolidate database scripts and move to deploy directory * feat: Update flake.nix with development tools and environment configuration * fix: ignore flake.lock file * refactor: migrate build process to use taskfiles for improved modularity and maintainability * refactor: improve GatewayContext and reorganize handlers * refactor: Remove unused profile creation functions * (chore): templ generation * test: add test file for vaults.go * maintenance: remove defunct Discord server link * docs: update checks workflow documentation * test: remove obsolete vaults test file * refactor: move version bumping logic to release workflow 2024-12-22 17:01:11 -05:00			`package common`
feature/1115 execute ucan token (#1177) - deps: remove tigerbeetle-go dependency - refactor: remove unused landing page components and models - feat: add pin and publish vault handlers - refactor: move payment and credential services to webui browser package - refactor: remove unused credentials management components - feat: add landing page components and middleware for credentials and payments - refactor: remove unused imports in vault config - refactor: remove unused bank, DID, and DWN gRPC clients - refactor: rename client files and improve code structure - feat: add session middleware helpers and landing page components - feat: add user profile registration flow - feat: Implement WebAuthn registration flow - feat: add error view for users without WebAuthn devices - chore: update htmx to include extensions - refactor: rename pin handler to claim handler and update routes - chore: update import paths after moving UI components and styles - fix: address potential server errors by handling and logging them properly - refactor: move vault config to gateway package and update related dependencies - style: simplify form styling and remove unnecessary components - feat: improve UI design for registration flow - feat: implement passkey-based authentication - refactor: migrate registration forms to use reusable form components - refactor: remove tailwindcss setup and use CDN instead - style: update submit button style to use outline variant - refactor: refactor server and IPFS client, remove MPC encryption - refactor: Abstract keyshare functionality and improve message encoding - refactor: improve keyset JSON marshaling and error handling - feat: add support for digital signatures using MPC keys - fix: Refactor MarshalJSON to use standard json.Marshal for Message serialization - fix: Encode messages before storing in keyshare structs - style: update form input styles for improved user experience - refactor: improve code structure in registration handlers - refactor: consolidate signer middleware and IPFS interaction - refactor: rename MPC signing and refresh protocol functions - refactor: update hway configuration loading mechanism - feat: integrate database support for sessions and users - refactor: remove devnet infrastructure and simplify build process - docs(guides): add Sonr DID module guide - feat: integrate progress bar into registration form - refactor: migrate WebAuthn dependencies to protocol package - feat: enhance user registration with passkey integration and improved form styling - refactor: move gateway view handlers to internal pages package - refactor: Move address package to MPC module - feat: integrate turnstile for registration - style: remove unnecessary size attribute from buttons - refactor: rename cookie package to session/cookie - refactor: remove unnecessary types.Session dependency - refactor: rename pkg/core to pkg/chain - refactor: simplify deployment process by removing testnet-specific Taskfile and devbox configuration - feat: add error redirect functionality and improve routes - feat: implement custom error handling for gateway - chore: update version number to 0.0.7 in template - feat: add IPFS client implementation - feat: Implement full IPFS client interface with comprehensive methods - refactor: improve IPFS client path handling - refactor: Move UCAN middleware to controller package - feat: add UCAN middleware to motr - refactor: update libp2p dependency - docs: add UCAN specification document - refactor: move UCAN controller logic to common package - refactor: rename exports.go to common.go - feat: add UCAN token support - refactor: migrate UCAN token parsing to dedicated package - refactor: improve CometBFT and app config initialization - refactor: improve deployment scripts and documentation - feat: integrate IPFS and producer middleware - refactor: rename agent directory to aider - fix: correct libp2p import path - refactor: remove redundant dependency - cleanup: remove unnecessary test files - refactor: move attention types to crypto/ucan package - feat: expand capabilities and resource types for UCANs - refactor: rename sonr.go to codec.go and update related imports - feat: add IPFS-based token store - feat: Implement IPFS-based token store with caching and UCAN integration - feat: Add dynamic attenuation constructor for UCAN presets - fix: Handle missing or invalid attenuation data with EmptyAttenuation - fix: Update UCAN attenuation tests with correct capability types - feat: integrate UCAN-based authorization into the producer middleware - refactor: remove unused dependency on go-ucan - refactor: Move address handling logic to DID module - feat: Add support for compressed and uncompressed Secp256k1 public keys in didkey - test: Add test for generating DID key from MPC keyshares - feat: Add methods for extracting compressed and uncompressed public keys in share types - feat: Add BaseKeyshare struct with public key conversion methods - refactor: Use compressed and uncompressed public keys in keyshare, fix public key usage in tests and verification - feat: add support for key generation policy type - fix: correct typo in VaultPermissions constant - refactor: move JWT related code to ucan package - refactor: move UCAN JWT and source code to spec package 2024-12-05 20:36:58 -05:00
			`import (`
			`"encoding/base64"`
			`"net/http"`
			`"time"`

			`"github.com/labstack/echo/v4"`
			`)`

			`// CookieKey is a type alias for string.`
			`type CookieKey string`

			`const (`
			`// SessionID is the key for the session ID cookie.`
			`SessionID CookieKey = "session.id"`

			`// SessionChallenge is the key for the session challenge cookie.`
			`SessionChallenge CookieKey = "session.challenge"`

			`// SessionRole is the key for the session role cookie.`
			`SessionRole CookieKey = "session.role"`

			`// SonrAddress is the key for the Sonr address cookie.`
			`SonrAddress CookieKey = "sonr.address"`

			`// SonrDID is the key for the Sonr DID cookie.`
			`SonrDID CookieKey = "sonr.did"`

			`// UserAvatar is the key for the User Avatar cookie.`
			`UserAvatar CookieKey = "user.avatar"`

			`// UserHandle is the key for the User Handle cookie.`
			`UserHandle CookieKey = "user.handle"`

			`// UserName is the key for the User Name cookie.`
			`UserName CookieKey = "user.full_name"`

			`// VaultAddress is the key for the Vault address cookie.`
			`VaultAddress CookieKey = "vault.address"`

			`// VaultCID is the key for the Vault CID cookie.`
			`VaultCID CookieKey = "vault.cid"`

			`// VaultSchema is the key for the Vault schema cookie.`
			`VaultSchema CookieKey = "vault.schema"`
			`)`

			`// String returns the string representation of the CookieKey.`
			`func (c CookieKey) String() string {`
			`return string(c)`
			`}`

			`// ╭───────────────────────────────────────────────────────────╮`
			`// │ Utility Methods │`
			`// ╰───────────────────────────────────────────────────────────╯`

			`func CookieExists(c echo.Context, key CookieKey) bool {`
			`ck, err := c.Cookie(key.String())`
			`if err != nil {`
			`return false`
			`}`
			`return ck != nil`
			`}`

			`func ReadCookie(c echo.Context, key CookieKey) (string, error) {`
			`cookie, err := c.Cookie(key.String())`
			`if err != nil {`
			`// Cookie not found or other error`
			`return "", err`
			`}`
			`if cookie == nil \|\| cookie.Value == "" {`
			`// Cookie is empty`
			`return "", http.ErrNoCookie`
			`}`
			`return cookie.Value, nil`
			`}`

			`func ReadCookieBytes(c echo.Context, key CookieKey) ([]byte, error) {`
			`cookie, err := c.Cookie(key.String())`
			`if err != nil {`
			`// Cookie not found or other error`
			`return nil, err`
			`}`
			`if cookie == nil \|\| cookie.Value == "" {`
			`// Cookie is empty`
			`return nil, http.ErrNoCookie`
			`}`
			`return base64.RawURLEncoding.DecodeString(cookie.Value)`
			`}`

			`func ReadCookieUnsafe(c echo.Context, key CookieKey) string {`
			`ck, err := c.Cookie(key.String())`
			`if err != nil {`
			`return ""`
			`}`
			`return ck.Value`
			`}`

			`func WriteCookie(c echo.Context, key CookieKey, value string) error {`
			`cookie := &http.Cookie{`
			`Name: key.String(),`
			`Value: value,`
			`Expires: time.Now().Add(24 * time.Hour),`
			`HttpOnly: true,`
			`Path: "/",`
			`// Add Secure and SameSite attributes as needed`
			`}`
			`c.SetCookie(cookie)`
			`return nil`
			`}`

			`func WriteCookieBytes(c echo.Context, key CookieKey, value []byte) error {`
			`cookie := &http.Cookie{`
			`Name: key.String(),`
			`Value: base64.RawURLEncoding.EncodeToString(value),`
			`Expires: time.Now().Add(24 * time.Hour),`
			`HttpOnly: true,`
			`Path: "/",`
			`// Add Secure and SameSite attributes as needed`
			`}`
			`c.SetCookie(cookie)`
			`return nil`
			`}`