From a066062f8b64b2ff7afe19c6ad002f3f28f76bc2 Mon Sep 17 00:00:00 2001 From: Adhityaa Date: Thu, 7 Jun 2018 13:13:02 +0530 Subject: [PATCH] oauth_google_callback.go: use error to detect auth --- api/oauth_google_callback.go | 13 ++++--------- api/oauth_google_redirect.go | 15 ++++++++------- 2 files changed, 12 insertions(+), 16 deletions(-) diff --git a/api/oauth_google_callback.go b/api/oauth_google_callback.go index 751a39a..2bed513 100644 --- a/api/oauth_google_callback.go +++ b/api/oauth_google_callback.go @@ -12,17 +12,12 @@ func googleCallbackHandler(w http.ResponseWriter, r *http.Request) { session := r.FormValue("state") code := r.FormValue("code") - cs, err := commenterSessionGet(session) - if err != nil { + _, err := commenterSessionGet(session) + if err != nil && err != errorNoSuchSession { fmt.Fprintf(w, "Error: %s\n", err.Error()) return } - if cs.Session != "none" { - fmt.Fprintf(w, "Error: %v", errorSessionAlreadyInUse.Error()) - return - } - token, err := googleConfig.Exchange(oauth2.NoContext, code) if err != nil { fmt.Fprintf(w, "Error: %s", err.Error()) @@ -53,12 +48,12 @@ func googleCallbackHandler(w http.ResponseWriter, r *http.Request) { var commenterHex string // TODO: in case of returning users, update the information we have on record? - if !exists { + if err == errorNoSuchCommenter { var email string if _, ok := user["email"]; ok { email = user["email"].(string) } else { - fmt.Fprintf(w, "error: %s", errorInvalidEmail.Error()) + fmt.Fprintf(w, "Error: %s", errorInvalidEmail.Error()) return } diff --git a/api/oauth_google_redirect.go b/api/oauth_google_redirect.go index 9767324..c81fa98 100644 --- a/api/oauth_google_redirect.go +++ b/api/oauth_google_redirect.go 
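Review bot: After this change a `state` value that resolves to an existing session (`err == nil`) falls through to the token exchange, because the new condition only returns on errors other than `errorNoSuchSession` and the `errorSessionAlreadyInUse` rejection is removed with nothing in its place. If a successful `commenterSessionGet` means the session is already bound to a commenter (inferred from the removed check, not shown here), the handler should still stop in that case, e.g. `if err == nil { fmt.Fprintf(w, "Error: %s", errorSessionAlreadyInUse.Error()); return }`, so that a completed OAuth flow cannot re-bind a session that is already in use. The same guard is dropped in the `googleRedirectHandler` hunk of `api/oauth_google_redirect.go`. The handler body continues past the end of this hunk, so how the session is attached afterwards is not visible.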
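Review bot: The new condition `err == errorNoSuchCommenter` sends every other value of `err`, including a failed lookup, down the returning-user path. The assignment to `err` sits above the hunk, so confirm that any error other than `errorNoSuchCommenter` has already returned by this point; if it has not, add `if err != nil && err != errorNoSuchCommenter { fmt.Fprintf(w, "Error: %s", err.Error()); return }` ahead of the branch. Separately, `user["email"].(string)` is guarded only by a key-exists check and panics when the value is not a string; `email, ok := user["email"].(string)` followed by the existing `errorInvalidEmail` return on `!ok` covers both cases.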
@@ -6,16 +6,17 @@ import (
 )
 func googleRedirectHandler(w http.ResponseWriter, r *http.Request) {
- session := r.FormValue("session")
-
- c, err := commenterGetBySession(session)
- if err != nil {
- fmt.Fprintf(w, "error: %s\n", err.Error())
+ if googleConfig == nil {
+ logger.Errorf("google oauth access attempt without configuration")
+ fmt.Fprintf(w, "error: this website has not configured Google OAuth")
 return
 }
- if c.CommenterHex != "none" {
- fmt.Fprintf(w, "error: that session is already in use\n")
+ session := r.FormValue("session")
+
+ _, err := commenterGetBySession(session)
+ if err != nil && err != errorNoSuchSession {
+ fmt.Fprintf(w, "error: %s\n", err.Error())
 return
 }
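Review bot: The `googleConfig == nil` guard added at the top of `googleRedirectHandler` has no counterpart in `googleCallbackHandler`, which, as far as the other file's hunk shows, still calls `googleConfig.Exchange(...)` unconditionally. On an instance without Google OAuth configured, a direct request to the callback endpoint would therefore dereference a nil config instead of getting this error message. The same check, `if googleConfig == nil { ... return }`, belongs at the top of the callback handler before `state` and `code` are read. The function body continues below the hunk.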