Fixing logout function error handling

loopholelabs · Jan 31, 2023 · 21b0de1 · 21b0de1
1 parent f78847c
commit 21b0de1
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 15 deletions.
diff --git a/internal/api/v1/v1.go b/internal/api/v1/v1.go
@@ -99,13 +99,13 @@ func (v *V1) App() *fiber.App {
 func (v *V1) Logout(ctx *fiber.Ctx) error {
 	v.logger.Debug().Msgf("received Logout from %s", ctx.IP())
 
-	err := v.options.Controller().LogoutSession(ctx)
-	if err != nil {
+	cont, err := v.options.Controller().LogoutSession(ctx)
+	if !cont {
 		return err
 	}
 
-	err = v.options.Controller().LogoutServiceSession(ctx)
-	if err != nil {
+	cont, err = v.options.Controller().LogoutServiceSession(ctx)
+	if !cont {
 		return err
 	}
 

diff --git a/internal/controller/controller.go b/internal/controller/controller.go
@@ -506,56 +506,56 @@ func (m *Controller) GetServiceSessionFromContext(ctx *fiber.Ctx) (*servicesessi
 	return sess, nil
 }
 
-func (m *Controller) LogoutSession(ctx *fiber.Ctx) error {
+func (m *Controller) LogoutSession(ctx *fiber.Ctx) (bool, error) {
 	cookie := ctx.Cookies(CookieKeyString)
 	if cookie != "" {
 		sess, err := m.getSession(ctx, cookie)
 		if sess == nil {
-			return err
+			return false, err
 		}
 		err = m.storage.DeleteSession(ctx.Context(), sess.ID)
 		if err != nil {
 			m.logger.Error().Err(err).Msg("failed to delete session")
-			return ctx.Status(fiber.StatusInternalServerError).SendString("failed to delete session")
+			return false, ctx.Status(fiber.StatusInternalServerError).SendString("failed to delete session")
 		}
 	}
 
 	ctx.ClearCookie(CookieKeyString)
-	return nil
+	return true, nil
 }
 
-func (m *Controller) LogoutServiceSession(ctx *fiber.Ctx) error {
+func (m *Controller) LogoutServiceSession(ctx *fiber.Ctx) (bool, error) {
 	authHeader := ctx.Request().Header.PeekBytes(AuthorizationHeader)
 	if len(authHeader) > len(BearerHeader) {
 		if !bytes.Equal(authHeader[:len(BearerHeader)], BearerHeader) {
-			return nil
+			return true, nil
 		}
 
 		authHeader = authHeader[len(BearerHeader):]
 		if !bytes.HasPrefix(authHeader, auth.ServiceSessionPrefix) {
-			return nil
+			return true, nil
 		}
 
 		keySplit := bytes.Split(authHeader, KeyDelimiter)
 		if len(keySplit) != 2 {
-			return nil
+			return true, nil
 		}
 
 		keyID := string(keySplit[0])
 		keySecret := keySplit[1]
 
 		sess, err := m.getServiceSession(ctx, keyID, keySecret)
 		if sess == nil {
-			return err
+			return false, err
 		}
 
 		err = m.storage.DeleteServiceSession(ctx.Context(), sess.ID)
 		if err != nil {
 			m.logger.Error().Err(err).Msg("failed to delete service session")
-			return ctx.Status(fiber.StatusInternalServerError).SendString("failed to delete service session")
+			return false, ctx.Status(fiber.StatusInternalServerError).SendString("failed to delete service session")
 		}
 	}
-	return nil
+	return true, nil
 }
 
 func (m *Controller) getSession(ctx *fiber.Ctx, cookie string) (*session.Session, error) {