fix: セッション認証を廃止

2023-03-24 16:07:33 +09:00 · 2023-03-24 16:07:33 +09:00 · e44d0b545f
parent ec7b01c7ce
commit e44d0b545f
2 changed files with 10 additions and 7 deletions
--- a/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt
@ -1,24 +1,27 @@
 package dev.usbharu.hideout.plugins

 import dev.usbharu.hideout.service.IUserAuthService
-import dev.usbharu.hideout.service.UserService
 import io.ktor.server.application.*
 import io.ktor.server.auth.*
 import io.ktor.server.sessions.*
-import kotlin.time.Duration.Companion.days
+import kotlin.collections.set

 data class UserSession(val username: String) : Principal

 const val tokenAuth = "token-auth"

 fun Application.configureSecurity(userAuthService: IUserAuthService) {
-    install(Authentication){
+    install(Authentication) {
        bearer(tokenAuth) {
-            authenticate {
-                bearerTokenCredential ->
+            authenticate { bearerTokenCredential ->
                UserIdPrincipal(bearerTokenCredential.token)
            }
            skipWhen { true }
        }
    }
+//    install(Sessions) {
+//        cookie<UserSession>("MY_SESSION") {
+//            cookie.extensions["SameSite"] = "lax"
+//        }
+//    }
 }
--- a/src/main/kotlin/dev/usbharu/hideout/routing/LoginRouting.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/routing/LoginRouting.kt
@ -15,8 +15,8 @@ fun Application.login(){
            post("/login") {
                println("aaaaaaaaaaaaaaaaaaaaa")
                val principal = call.principal<UserIdPrincipal>()
-                call.sessions.set(UserSession(principal!!.name))
-                call.respondRedirect("/users/${principal.name}")
+//                call.sessions.set(UserSession(principal!!.name))
+                call.respondRedirect("/users/${principal!!.name}")
            }
        }