fix: Cookie-Domain + add domain-flag

domainfix

api/v1/authentication.go

@@ -90,7 +90,7 @@ func (s *Server) loginAuth() http.HandlerFunc {
 			w.WriteHeader(http.StatusUnauthorized)
 			return
 		}
-		cookie, err := s.tokenstore.CreateToken(ctx, "session", user.ID, utils.FormValueBool(r.FormValue("Rememberme")))
+		cookie, err := s.tokenstore.CreateToken(ctx, "session", s.domain, user.ID, utils.FormValueBool(r.FormValue("Rememberme")))
 		if err != nil {
 			span.RecordError(err)
 			span.SetStatus(codes.Error, err.Error())

api/v1/server.go

@@ -27,6 +27,7 @@ var meter = otel.GetMeterProvider().Meter("github.com/led0nk/guestbook/api/v1")
 type Server struct {
 	addr       string
 	mailer     Mailerservice
+	domain     string
 	templates  *templates.TemplateHandler
 	log        zerolog.Logger
 	bookstore  db.GuestBookStore
@@ -37,6 +38,7 @@ type Server struct {
 func NewServer(
 	address string,
 	mailer Mailerservice,
+	domain string,
 	templates *templates.TemplateHandler,
 	logger zerolog.Logger,
 	bStore db.GuestBookStore,
@@ -46,6 +48,7 @@ func NewServer(
 	return &Server{
 		addr:       address,
 		mailer:     mailer,
+		domain:     domain,
 		templates:  templates,
 		log:        logger,
 		bookstore:  bStore,

cmd/server/main.go

@@ -46,13 +46,16 @@ func main() {
 		envStr = flag.String("envvar's",
 			"testdata/.env",
 			"path to .env-file")
+		domain = flag.String("domain",
+			"127.0.0.1",
+			"given domain for cookies/mail")
 		bStore db.GuestBookStore
 		uStore db.UserStore
 		tStore db.TokenStore
 	)
 	flag.Parse()
 	//TODO: bring into func to easily apply flags
-	u, err := url.Parse(utils.DerefString(entryStr))
+	u, err := url.Parse(*entryStr)
 	if err != nil {
 		panic(err)
 	}
@@ -68,7 +71,7 @@ func main() {
 		}).(*jsondb.BookStorage)
 
 	//TODO: bring into func to easily apply flags
-	u, err = url.Parse(utils.DerefString(userStr))
+	u, err = url.Parse(*userStr)
 	if err != nil {
 		panic(err)
 	}
@@ -82,7 +85,7 @@ func main() {
 			return result, nil
 		}).(*jsondb.UserStorage)
 
-	err = godotenv.Load(utils.DerefString(envStr))
+	err = godotenv.Load(*envStr)
 	if err != nil {
 		logger.Error().Err(err).Msg("")
 		panic("bad mailer env")
@@ -124,9 +127,6 @@ func main() {
 	}
 	tStore = tokenStorage
 
-	//protect from nil pointer
-	address := utils.DerefString(addr)
-
 	//create templatehandler
 	templates := templates.NewTemplateHandler()
 	//create mailerservice
@@ -137,6 +137,6 @@ func main() {
 		os.Getenv("HOST"),
 		os.Getenv("PORT"))
 	//create Server
-	server := v1.NewServer(address, mailer, templates, logger, bStore, uStore, tStore)
+	server := v1.NewServer(*addr, mailer, *domain, templates, logger, bStore, uStore, tStore)
 	server.ServeHTTP()
 }

cmd/utils/utilities.go

@@ -12,14 +12,6 @@ import (
 	"github.com/rs/zerolog"
 )
 
-// protection from nil pointers
-func DerefString(s *string) string {
-	if s != nil {
-		return *s
-	}
-	return ""
-}
-
 func CheckFlag(flag *string, logger zerolog.Logger, fn func(string) (interface{}, error)) interface{} {
 	var rStore interface{}
 	u, err := url.Parse(*flag)

internal/database/database.go

@@ -30,7 +30,7 @@ type UserStore interface {
 }
 
 type TokenStore interface {
-	CreateToken(context.Context, string, uuid.UUID, bool) (*http.Cookie, error)
+	CreateToken(context.Context, string, string, uuid.UUID, bool) (*http.Cookie, error)
 	DeleteToken(context.Context, uuid.UUID) error
 	GetTokenValue(context.Context, *http.Cookie) (uuid.UUID, error)
 	Valid(context.Context, string) (bool, error)

internal/database/jsondb/entryhandler.go

@@ -194,10 +194,6 @@ func (b *BookStorage) GetEntryByID(ctx context.Context, id uuid.UUID) ([]*model.
 			entries = append(entries, entry)
 		}
 	}
-	if len(entries) == 0 {
-		return nil, errors.New("no entries found for ")
-
-	}
 	return entries, nil
 }
 

testdata/user.json

@@ -109,6 +109,17 @@
 		"verificationstring": "fVgpyc",
 		"expirationtime": "2024-02-04T18:05:35.224313104+01:00"
 	},
+	"835eaf1a-1dae-423b-bd2c-ba29d0d34858": {
+		"id": "835eaf1a-1dae-423b-bd2c-ba29d0d34858",
+		"email": "[email protected]",
+		"name": "Test Test",
+		"password": "JDJhJDE0JEhQMThVeko0d0xPck1uTnpHZDlaT2V4VVMuSFRlNFlFTHhNLzRHVkk2OUFZMlEyNlZMN2pD",
+		"entry": null,
+		"isadmin": false,
+		"isverified": false,
+		"verificationstring": "9CpScl",
+		"expirationtime": "2024-05-09T02:52:13.029749968+02:00"
+	},
 	"85944b93-a681-4bb1-ad2e-2ebbcf0fd33e": {
 		"id": "85944b93-a681-4bb1-ad2e-2ebbcf0fd33e",
 		"email": "[email protected]",
@@ -131,6 +142,17 @@
 		"verificationstring": "",
 		"expirationtime": "0001-01-01T00:00:00Z"
 	},
+	"8b5fb1e4-523e-4bba-b9c4-5534eae2fcc4": {
+		"id": "8b5fb1e4-523e-4bba-b9c4-5534eae2fcc4",
+		"email": "[email protected]",
+		"name": "Test Nest",
+		"password": "JDJhJDE0JEQ3MEYzdVM0R1U3REJIQ1dFVm5HVk9YOTNkTUU0ZHR0QWZnMGw3TWhSUUtwV2xtSU1lVlku",
+		"entry": null,
+		"isadmin": false,
+		"isverified": false,
+		"verificationstring": "B0V3Ec",
+		"expirationtime": "2024-05-09T02:54:37.808230271+02:00"
+	},
 	"8ccabe3c-c68d-40db-add1-7f25f4b7ba3b": {
 		"id": "8ccabe3c-c68d-40db-add1-7f25f4b7ba3b",
 		"email": "[email protected]",

token/token.go

@@ -34,7 +34,7 @@ func CreateTokenService(secret string) (*TokenStorage, error) {
 	return tokenService, nil
 }
 
-func (t *TokenStorage) CreateToken(ctx context.Context, session string, ID uuid.UUID, remember bool) (*http.Cookie, error) {
+func (t *TokenStorage) CreateToken(ctx context.Context, session string, domain string, ID uuid.UUID, remember bool) (*http.Cookie, error) {
 	var span trace.Span
 	_, span = tracer.Start(ctx, "CreateToken")
 	defer span.End()
@@ -66,6 +66,7 @@ func (t *TokenStorage) CreateToken(ctx context.Context, session string, ID uuid.
 	cookie := http.Cookie{
 		Name:     session,
 		Value:    tokenString,
+		Domain:   domain,
 		Path:     "/",
 		Expires:  expiration,
 		HttpOnly: true,