chore: write authenticated user to logs and sentry

routes/api/heartbeat.go

@@ -53,7 +53,7 @@ func (h *HeartbeatApiHandler) RegisterRoutes(router *mux.Router) {
 // @Router /heartbeat [post]
 func (h *HeartbeatApiHandler) Post(w http.ResponseWriter, r *http.Request) {
 	var heartbeats []*models.Heartbeat
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	opSys, editor, _ := utils.ParseUserAgent(r.Header.Get("User-Agent"))
 	machineName := r.Header.Get("X-Machine-Name")
 

routes/api/metrics.go

@@ -68,7 +68,7 @@ func (h *MetricsHandler) RegisterRoutes(router *mux.Router) {
 }
 
 func (h *MetricsHandler) Get(w http.ResponseWriter, r *http.Request) {
-	reqUser := r.Context().Value(models.UserKey).(*models.User)
+	reqUser := middlewares.GetPrincipal(r)
 	if reqUser == nil {
 		w.WriteHeader(http.StatusUnauthorized)
 		w.Write([]byte(conf.ErrUnauthorized))

routes/compat/wakatime/v1/all_time.go

@@ -49,7 +49,7 @@ func (h *AllTimeHandler) Get(w http.ResponseWriter, r *http.Request) {
 	values, _ := url.ParseQuery(r.URL.RawQuery)
 
 	requestedUser := vars["user"]
-	authorizedUser := r.Context().Value(models.UserKey).(*models.User)
+	authorizedUser := middlewares.GetPrincipal(r)
 
 	if requestedUser != authorizedUser.ID && requestedUser != "current" {
 		w.WriteHeader(http.StatusForbidden)

routes/compat/wakatime/v1/stats.go

@@ -45,10 +45,7 @@ func (h *StatsHandler) Get(w http.ResponseWriter, r *http.Request) {
 	var vars = mux.Vars(r)
 	var authorizedUser, requestedUser *models.User
 
-	if u := r.Context().Value(models.UserKey); u != nil {
-		authorizedUser = u.(*models.User)
-	}
-
+	authorizedUser = middlewares.GetPrincipal(r)
 	if authorizedUser != nil && vars["user"] == "current" {
 		vars["user"] = authorizedUser.ID
 	}

routes/compat/wakatime/v1/summaries.go

@@ -56,7 +56,7 @@ func (h *SummariesHandler) RegisterRoutes(router *mux.Router) {
 func (h *SummariesHandler) Get(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
 	requestedUser := vars["user"]
-	authorizedUser := r.Context().Value(models.UserKey).(*models.User)
+	authorizedUser := middlewares.GetPrincipal(r)
 
 	if requestedUser != authorizedUser.ID && requestedUser != "current" {
 		w.WriteHeader(http.StatusForbidden)
@@ -80,7 +80,7 @@ func (h *SummariesHandler) Get(w http.ResponseWriter, r *http.Request) {
 }
 
 func (h *SummariesHandler) loadUserSummaries(r *http.Request) ([]*models.Summary, error, int) {
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	params := r.URL.Query()
 	rangeParam, startParam, endParam := params.Get("range"), params.Get("start"), params.Get("end")
 

routes/settings.go

@@ -148,7 +148,7 @@ func (h *SettingsHandler) actionUpdateUser(w http.ResponseWriter, r *http.Reques
 		loadTemplates()
 	}
 
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 
 	var payload models.UserDataUpdate
 	if err := r.ParseForm(); err != nil {
@@ -176,7 +176,7 @@ func (h *SettingsHandler) actionChangePassword(w http.ResponseWriter, r *http.Re
 		loadTemplates()
 	}
 
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 
 	var credentials models.CredentialsReset
 	if err := r.ParseForm(); err != nil {
@@ -223,7 +223,7 @@ func (h *SettingsHandler) actionResetApiKey(w http.ResponseWriter, r *http.Reque
 		loadTemplates()
 	}
 
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	if _, err := h.userSrvc.ResetApiKey(user); err != nil {
 		return http.StatusInternalServerError, "", conf.ErrInternalServerError
 	}
@@ -238,7 +238,7 @@ func (h *SettingsHandler) actionUpdateSharing(w http.ResponseWriter, r *http.Req
 	}
 
 	var err error
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 
 	defer h.userSrvc.FlushCache()
 
@@ -265,7 +265,7 @@ func (h *SettingsHandler) actionDeleteAlias(w http.ResponseWriter, r *http.Reque
 		loadTemplates()
 	}
 
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	aliasKey := r.PostFormValue("key")
 	aliasType, err := strconv.Atoi(r.PostFormValue("type"))
 	if err != nil {
@@ -285,7 +285,7 @@ func (h *SettingsHandler) actionAddAlias(w http.ResponseWriter, r *http.Request)
 	if h.config.IsDev() {
 		loadTemplates()
 	}
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	aliasKey := r.PostFormValue("key")
 	aliasValue := r.PostFormValue("value")
 	aliasType, err := strconv.Atoi(r.PostFormValue("type"))
@@ -313,7 +313,7 @@ func (h *SettingsHandler) actionDeleteLanguageMapping(w http.ResponseWriter, r *
 		loadTemplates()
 	}
 
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	id, err := strconv.Atoi(r.PostFormValue("mapping_id"))
 	if err != nil {
 		return http.StatusInternalServerError, "", "could not delete mapping"
@@ -337,7 +337,7 @@ func (h *SettingsHandler) actionAddLanguageMapping(w http.ResponseWriter, r *htt
 	if h.config.IsDev() {
 		loadTemplates()
 	}
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	extension := r.PostFormValue("extension")
 	language := r.PostFormValue("language")
 
@@ -363,7 +363,7 @@ func (h *SettingsHandler) actionSetWakatimeApiKey(w http.ResponseWriter, r *http
 		loadTemplates()
 	}
 
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	apiKey := r.PostFormValue("api_key")
 
 	// Healthcheck, if a new API key is set, i.e. the feature is activated
@@ -383,7 +383,7 @@ func (h *SettingsHandler) actionImportWaktime(w http.ResponseWriter, r *http.Req
 		loadTemplates()
 	}
 
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	if user.WakatimeApiKey == "" {
 		return http.StatusForbidden, "", "not connected to wakatime"
 	}
@@ -455,7 +455,7 @@ func (h *SettingsHandler) actionRegenerateSummaries(w http.ResponseWriter, r *ht
 		if err := h.regenerateSummaries(user); err != nil {
 			logbuch.Error("failed to regenerate summaries for user '%s' – %v", user.ID, err)
 		}
-	}(r.Context().Value(models.UserKey).(*models.User))
+	}(middlewares.GetPrincipal(r))
 
 	return http.StatusAccepted, "summaries are being regenerated – this may take a up to a couple of minutes, please come back later", ""
 }
@@ -465,7 +465,7 @@ func (h *SettingsHandler) actionDeleteUser(w http.ResponseWriter, r *http.Reques
 		loadTemplates()
 	}
 
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	go func(user *models.User) {
 		logbuch.Info("deleting user '%s' shortly", user.ID)
 		time.Sleep(5 * time.Minute)
@@ -524,7 +524,7 @@ func (h *SettingsHandler) regenerateSummaries(user *models.User) error {
 }
 
 func (h *SettingsHandler) buildViewModel(r *http.Request) *view.SettingsViewModel {
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	mappings, _ := h.languageMappingSrvc.GetByUser(user.ID)
 	aliases, _ := h.aliasSrvc.GetByUser(user.ID)
 	aliasMap := make(map[string][]*models.Alias)

routes/summary.go

@@ -53,7 +53,7 @@ func (h *SummaryHandler) GetIndex(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	user := r.Context().Value(models.UserKey).(*models.User)
+	user := middlewares.GetPrincipal(r)
 	if user == nil {
 		w.WriteHeader(http.StatusUnauthorized)
 		templates[conf.SummaryTemplate].Execute(w, h.buildViewModel(r).WithError("unauthorized"))