I am making a backend using go, the backend should get the google calendar of the user who login in the site using google account. I am using gin to do the routing and sessions from this package github.com/gin-gonic/contrib/sessions
this is my main method
func main() {
router := gin.Default()
var store = sessions.NewCookieStore([]byte("secret"))
router.Use(sessions.Sessions("goquestsession", store))
router.GET("/", indexHandler)
router.GET("/login", loginHandler)
router.GET("/auth", authHandler)
router.Run("127.0.0.1:9090")
}
login handler makes a new session for the user with random ID and send it to the user
func loginHandler(c *gin.Context) {
state = randToken()
session := sessions.Default(c)
session.Set("state", state)
session.Save()
c.Writer.Write([]byte("<html><title>Golang Google</title> <body> <a href='" + getLoginURL(state) + "'><button>Login with Google!</button> </a> </body></html>"))
}
then I am using the auth handler to test the code and the state and get the calendar
func authHandler(c *gin.Context) {
// Handle the exchange code to initiate a transport.
session := sessions.Default(c)
retrievedState := session.Get("state")
queryState := c.Request.URL.Query().Get("state")
if retrievedState != queryState {
c.AbortWithError(http.StatusUnauthorized, fmt.Errorf("Invalid session state: %s", retrievedState))
return
}
code := c.Request.URL.Query().Get("code")
tok, err := conf.Exchange(oauth2.NoContext, code)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
return
}
client := conf.Client(oauth2.NoContext, tok)
calendarService, _ := calendar.New(client)
list, err := calendarService.CalendarList.List().Do()
if err != nil {
fmt.Println("error")
}
log.Println(list.Items[0].Summary)
c.Status(http.StatusOK)
}
after writing the code I find out that the link of is like this
http://127.0.0.1:9090/auth?state=BuQ8DyhTEgivb6CatcTzJg8sk2Nb6EUStRkdgGVvDRE%3D&code=4/Qit73p0btO0RRM93_YmjlP0Ex2dqDLsP3JVdrnhNE7Y#
now after looking in the package github.com/gin-gonic/contrib/sessions I didn't find a way to just be like this http://127.0.0.1:9090/auth and save the rest of the link somewhere else do I have to keep using URL like this if I am using Gin or there is some other way to make my link look cleaner
I would personally add a route for the calendar, and then save the code to the session and redirect, so the auth handler url is never really visible, it just sends back a redirect to a clean url:
router.GET("/calendar", calendarHandler)
And then do:
func authHandler(c *gin.Context) {
// Handle the exchange code to initiate a transport.
session := sessions.Default(c)
retrievedState := session.Get("state")
queryState := c.Request.URL.Query().Get("state")
if retrievedState != queryState {
c.AbortWithError(http.StatusUnauthorized, fmt.Errorf("Invalid session state: %s", retrievedState))
return
}
code := c.Request.URL.Query().Get("code")
session.Set("code", code)
session.Save()
c.Redirect(http.StatusFound, "/calendar")
}
func calendarHandler(c *gin.Context) {
session := sessions.Default(c)
code := session.Get("code")
tok, err := conf.Exchange(oauth2.NoContext, code)
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
return
}
client := conf.Client(oauth2.NoContext, tok)
calendarService, _ := calendar.New(client)
list, err := calendarService.CalendarList.List().Do()
if err != nil {
fmt.Println("error")
}
log.Println(list.Items[0].Summary)
c.Status(http.StatusOK)
}