change ids
This commit is contained in:
matst80
105
pool-server.go
105
pool-server.go
@@ -6,7 +6,6 @@ import (
|
||||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
"math/rand"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"time"
|
||||
@@ -267,75 +266,64 @@ func (s *PoolServer) HandleCheckout(w http.ResponseWriter, r *http.Request, id C
|
||||
return json.NewEncoder(w).Encode(klarnaOrder)
|
||||
}
|
||||
|
||||
func NewCartId() CartId {
|
||||
// Deprecated: legacy random/time based cart id generator.
|
||||
// Retained for compatibility; new code should prefer canonical CartID path.
|
||||
cid, err := NewCartID()
|
||||
if err != nil {
|
||||
// Fallback to legacy method only if crypto/rand fails
|
||||
id := time.Now().UnixNano() + rand.Int63()
|
||||
return ToCartId(fmt.Sprintf("%d", id))
|
||||
}
|
||||
return CartIDToLegacy(cid)
|
||||
}
|
||||
/*
|
||||
Legacy wrapper NewCartId removed.
|
||||
Use the unified generator in cart_id.go:
|
||||
id, err := NewCartId()
|
||||
or panic-on-error helper:
|
||||
id := MustNewCartId()
|
||||
*/
|
||||
|
||||
func CookieCartIdHandler(fn func(w http.ResponseWriter, r *http.Request, cartId CartId) error) func(w http.ResponseWriter, r *http.Request) error {
|
||||
return func(w http.ResponseWriter, r *http.Request) error {
|
||||
var legacy CartId
|
||||
cookies := r.CookiesNamed("cartid")
|
||||
if len(cookies) == 0 {
|
||||
cid, generated, _, err := CanonicalizeOrLegacy("")
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to generate cart id: %w", err)
|
||||
}
|
||||
legacy = CartIDToLegacy(cid)
|
||||
if generated {
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: "cartid",
|
||||
Value: cid.String(),
|
||||
Secure: r.TLS != nil,
|
||||
HttpOnly: true,
|
||||
Path: "/",
|
||||
Expires: time.Now().AddDate(0, 0, 14),
|
||||
SameSite: http.SameSiteLaxMode,
|
||||
})
|
||||
w.Header().Set("Set-Cart-Id", cid.String())
|
||||
}
|
||||
var id CartId
|
||||
cookie, err := r.Cookie("cartid")
|
||||
if err != nil || cookie.Value == "" {
|
||||
id = MustNewCartId()
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: "cartid",
|
||||
Value: id.String(),
|
||||
Secure: r.TLS != nil,
|
||||
HttpOnly: true,
|
||||
Path: "/",
|
||||
Expires: time.Now().AddDate(0, 0, 14),
|
||||
SameSite: http.SameSiteLaxMode,
|
||||
})
|
||||
w.Header().Set("Set-Cart-Id", id.String())
|
||||
} else {
|
||||
raw := cookies[0].Value
|
||||
cid, generated, wasBase62, err := CanonicalizeOrLegacy(raw)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to canonicalize cart id: %w", err)
|
||||
}
|
||||
legacy = CartIDToLegacy(cid)
|
||||
if generated && wasBase62 {
|
||||
parsed, ok := ParseCartId(cookie.Value)
|
||||
if !ok {
|
||||
id = MustNewCartId()
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: "cartid",
|
||||
Value: cid.String(),
|
||||
Value: id.String(),
|
||||
Secure: r.TLS != nil,
|
||||
HttpOnly: true,
|
||||
Path: "/",
|
||||
Expires: time.Now().AddDate(0, 0, 14),
|
||||
SameSite: http.SameSiteLaxMode,
|
||||
})
|
||||
w.Header().Set("Set-Cart-Id", cid.String())
|
||||
w.Header().Set("Set-Cart-Id", id.String())
|
||||
} else {
|
||||
id = parsed
|
||||
}
|
||||
}
|
||||
// Ownership proxy AFTER id extraction (cookie mode)
|
||||
if ownershipProxyAfterExtraction != nil {
|
||||
if handled, err := ownershipProxyAfterExtraction(legacy, w, r); handled || err != nil {
|
||||
if handled, err := ownershipProxyAfterExtraction(id, w, r); handled || err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return fn(w, r, legacy)
|
||||
return fn(w, r, id)
|
||||
}
|
||||
}
|
||||
|
||||
// Removed leftover legacy block after CookieCartIdHandler (obsolete code referencing cid/legacy)
|
||||
|
||||
func (s *PoolServer) RemoveCartCookie(w http.ResponseWriter, r *http.Request, cartId CartId) error {
|
||||
cartId = NewCartId()
|
||||
// Clear cart cookie (breaking change: do not issue a new legacy id here)
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: "cartid",
|
||||
Value: cartId.String(),
|
||||
Value: "",
|
||||
Path: "/",
|
||||
Secure: r.TLS != nil,
|
||||
HttpOnly: true,
|
||||
@@ -349,21 +337,28 @@ func (s *PoolServer) RemoveCartCookie(w http.ResponseWriter, r *http.Request, ca
|
||||
func CartIdHandler(fn func(w http.ResponseWriter, r *http.Request, cartId CartId) error) func(w http.ResponseWriter, r *http.Request) error {
|
||||
return func(w http.ResponseWriter, r *http.Request) error {
|
||||
raw := r.PathValue("id")
|
||||
cid, generated, wasBase62, err := CanonicalizeOrLegacy(raw)
|
||||
if err != nil {
|
||||
return fmt.Errorf("invalid cart id: %w", err)
|
||||
// If no id supplied, generate a new one
|
||||
if raw == "" {
|
||||
id := MustNewCartId()
|
||||
w.Header().Set("Set-Cart-Id", id.String())
|
||||
if ownershipProxyAfterExtraction != nil {
|
||||
if handled, err := ownershipProxyAfterExtraction(id, w, r); handled || err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return fn(w, r, id)
|
||||
}
|
||||
legacy := CartIDToLegacy(cid)
|
||||
if generated && wasBase62 {
|
||||
w.Header().Set("Set-Cart-Id", cid.String())
|
||||
// Parse base62 cart id
|
||||
id, ok := ParseCartId(raw)
|
||||
if !ok {
|
||||
return fmt.Errorf("invalid cart id format")
|
||||
}
|
||||
// Ownership proxy AFTER path id extraction (explicit id mode)
|
||||
if ownershipProxyAfterExtraction != nil {
|
||||
if handled, err := ownershipProxyAfterExtraction(legacy, w, r); handled || err != nil {
|
||||
if handled, err := ownershipProxyAfterExtraction(id, w, r); handled || err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return fn(w, r, legacy)
|
||||
return fn(w, r, id)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user