From 0a5603b5674697a1d9c7c5b2e7e312d60dee243b Mon Sep 17 00:00:00 2001
From: Kentaro Mizuki <66548698+harsssh@users.noreply.github.com>
Date: Tue, 27 Aug 2024 00:35:53 +0900
Subject: [PATCH] =?UTF-8?q?=E3=82=BB=E3=83=83=E3=82=B7=E3=83=A7=E3=83=B3ID?=
 =?UTF-8?q?=E3=81=8C=E6=8C=AF=E3=82=89=E3=82=8C=E3=81=A6=E3=81=84=E3=81=9F?=
 =?UTF-8?q?=E3=82=89,=20ALREADY=5FSIGNED=5FIN=20=E3=82=92=E8=BF=94?=
 =?UTF-8?q?=E3=81=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 backend/app/handler/auth/handler.go | 44 +++++++++++++++++++++++++++--
 1 file changed, 41 insertions(+), 3 deletions(-)
diff --git a/backend/app/handler/auth/handler.go b/backend/app/handler/auth/handler.go
index da53016..d513e75 100644
--- a/backend/app/handler/auth/handler.go
+++ b/backend/app/handler/auth/handler.go
@@ -4,6 +4,7 @@ import (
 "connectrpc.com/connect"
 "context"
 "errors"
+ "github.com/google/uuid"
 "net/http"
 authv1 "sudoku/gen/sudoku/auth/v1"
 authS "sudoku/service/auth" 
@@ -29,6 +30,39 @@ func convertProvider(provider authv1.OAuthProvider) (authS.OAuthProvider, error)
 }
 func (h *Handler) SignIn(ctx context.Context, req *connect.Request[authv1.SignInRequest]) (*connect.Response[authv1.SignInResponse], error) {
+ var cookies []*http.Cookie
+
+ sessionCookie := req.Header().Get(SessionCookieName)
+ if sessionCookie != "" {
+ // 無効なセッションクッキーを削除させる用
+ c := http.Cookie{
+ Name: SessionCookieName,
+ MaxAge: -1,
+ }
+
+ sessionID, err := uuid.Parse(sessionCookie)
+ if err != nil {
+ // サインイン処理は継続
+ cookies = append(cookies, &c)
+ } else {
+ output, err := h.authService.ValidateSession(authS.ValidateSessionInput{
+ SessionID: sessionID,
+ })
+ if err != nil {
+ return nil, connect.NewError(connect.CodeInternal, err)
+ }
+
+ if output.IsValid {
+ return connect.NewResponse(&authv1.SignInResponse{
+ Status: authv1.SignInStatus_SIGN_IN_STATUS_ALREADY_SIGNED_IN,
+ }), nil
+ }
+
+ // サインイン処理は継続
+ cookies = append(cookies, &c)
+ }
+ }
+
 provider, err := convertProvider(req.Msg.Provider)
 if err != nil {
 return nil, connect.NewError(connect.CodeInvalidArgument, err)
@@ -42,18 +76,22 @@ func (h *Handler) SignIn(ctx context.Context, req *connect.Request[authv1.SignIn
 res := connect.NewResponse(&authv1.SignInResponse{
 AuthorizationUrl: output.AuthorizationURL,
+ Status: authv1.SignInStatus_SIGN_IN_STATUS_REQUIRES_SIGNING_IN,
 })
+ // Cookie として返していいのか?
 // TODO: セキュリティを考慮して属性を追加
 // Secure を付けたいが, 開発環境で cookie が送られなくて困りそう
 // SameSite: strict だとコールバックに cookie が送られなさそう
- cookie := http.Cookie{
+ cookies = append(cookies, &http.Cookie{
 Name: "state_jwt",
 Value: output.StateJWT,
 HttpOnly: true,
+ })
+
+ for _, cookie := range cookies {
+ res.Header().Set("Set-Cookie", cookie.String())
 }
- // Cookie として返していいのか?
- res.Header().Set("Set-Cookie", cookie.String())
 return res, nil
 }
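Review bot: The clearing cookie `c` built at the top of the new block carries only `Name` and `MaxAge: -1`; a browser deletes a cookie only when the Path (and Domain, if any) of the expiring Set-Cookie match the ones the session cookie was originally issued with, so unless the session cookie is set with no Path at all, this response will not actually remove the stale or malformed session cookie and every later SignIn call will keep hitting the same branch. Mirror whatever Path/Domain/Secure/HttpOnly attributes are used where the session cookie is created, ideally via one shared helper so the two cannot drift. Also worth confirming: `req.Header().Get(SessionCookieName)` looks up a request header named after the cookie, not the `Cookie` header — if clients send the session as a real cookie, this returns "" and the whole check is skipped; `(&http.Request{Header: req.Header()}).Cookie(SessionCookieName)` would read the cookie jar instead. The `ValidateSession` failure is returned as `connect.CodeInternal` with the raw `err`, whose message is sent to the client, so consider wrapping it in a fixed message if the service error can carry store details. SignIn's body continues past this hunk.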
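Review bot: `res.Header().Set("Set-Cookie", cookie.String())` inside the new loop replaces the header value on each iteration, so when `cookies` holds both the session-clearing cookie and `state_jwt` only the last one, `state_jwt`, reaches the client and the invalid session cookie is never cleared; change it to `res.Header().Add("Set-Cookie", cookie.String())` so each cookie becomes its own Set-Cookie header line. On the TODO above the `state_jwt` cookie, which this change carries over: the OAuth provider's redirect back to the callback is a top-level GET navigation, and `SameSite=Lax` is sent on exactly those, so Lax (not Strict) is the attribute to use, and `Secure` can be driven by a config flag so local HTTP development still works. This function starts outside the hunk.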