feat: hCaptcha middleware

internal/auth/oauth_refresh.go

@@ -131,7 +131,7 @@ func (auth *OIDCProvider) setSessionTokenCookie(w http.ResponseWriter, r *http.R
 		logging.Err(err).Msg("failed to sign session token")
 		return
 	}
-	setTokenCookie(w, r, CookieOauthSessionToken, signed, common.APIJWTTokenTTL)
+	SetTokenCookie(w, r, CookieOauthSessionToken, signed, common.APIJWTTokenTTL)
 }
 
 func (auth *OIDCProvider) parseSessionJWT(sessionJWT string) (claims *sessionClaims, valid bool, err error) {

internal/auth/oidc.go

@@ -176,7 +176,7 @@ func (auth *OIDCProvider) LoginHandler(w http.ResponseWriter, r *http.Request) {
 	}
 
 	state := generateState()
-	setTokenCookie(w, r, CookieOauthState, state, 300*time.Second)
+	SetTokenCookie(w, r, CookieOauthState, state, 300*time.Second)
 	// redirect user to Idp
 	http.Redirect(w, r, auth.oauthConfig.AuthCodeURL(state, optRedirectPostAuth(r)), http.StatusFound)
 }
@@ -301,12 +301,12 @@ func (auth *OIDCProvider) LogoutHandler(w http.ResponseWriter, r *http.Request)
 }
 
 func (auth *OIDCProvider) setIDTokenCookie(w http.ResponseWriter, r *http.Request, jwt string, ttl time.Duration) {
-	setTokenCookie(w, r, CookieOauthToken, jwt, ttl)
+	SetTokenCookie(w, r, CookieOauthToken, jwt, ttl)
 }
 
 func (auth *OIDCProvider) clearCookie(w http.ResponseWriter, r *http.Request) {
-	clearTokenCookie(w, r, CookieOauthToken)
-	clearTokenCookie(w, r, CookieOauthSessionToken)
+	ClearTokenCookie(w, r, CookieOauthToken)
+	ClearTokenCookie(w, r, CookieOauthSessionToken)
 }
 
 // handleTestCallback handles OIDC callback in test environment.
@@ -323,7 +323,7 @@ func (auth *OIDCProvider) handleTestCallback(w http.ResponseWriter, r *http.Requ
 	}
 
 	// Create test JWT token
-	setTokenCookie(w, r, CookieOauthToken, "test", time.Hour)
+	SetTokenCookie(w, r, CookieOauthToken, "test", time.Hour)
 
 	http.Redirect(w, r, "/", http.StatusFound)
 }

internal/auth/userpass.go

@@ -119,7 +119,7 @@ func (auth *UserPassAuth) PostAuthCallbackHandler(w http.ResponseWriter, r *http
 		gphttp.ServerError(w, r, err)
 		return
 	}
-	setTokenCookie(w, r, auth.TokenCookieName(), token, auth.tokenTTL)
+	SetTokenCookie(w, r, auth.TokenCookieName(), token, auth.tokenTTL)
 	w.WriteHeader(http.StatusOK)
 }
 
@@ -128,7 +128,7 @@ func (auth *UserPassAuth) LoginHandler(w http.ResponseWriter, r *http.Request) {
 }
 
 func (auth *UserPassAuth) LogoutHandler(w http.ResponseWriter, r *http.Request) {
-	clearTokenCookie(w, r, auth.TokenCookieName())
+	ClearTokenCookie(w, r, auth.TokenCookieName())
 	http.Redirect(w, r, "/", http.StatusFound)
 }
 

internal/auth/utils.go

@@ -44,7 +44,7 @@ func cookieDomain(r *http.Request) string {
 	return strutils.JoinRune(parts, '.')
 }
 
-func setTokenCookie(w http.ResponseWriter, r *http.Request, name, value string, ttl time.Duration) {
+func SetTokenCookie(w http.ResponseWriter, r *http.Request, name, value string, ttl time.Duration) {
 	http.SetCookie(w, &http.Cookie{
 		Name:     name,
 		Value:    value,
@@ -57,7 +57,7 @@ func setTokenCookie(w http.ResponseWriter, r *http.Request, name, value string,
 	})
 }
 
-func clearTokenCookie(w http.ResponseWriter, r *http.Request, name string) {
+func ClearTokenCookie(w http.ResponseWriter, r *http.Request, name string) {
 	http.SetCookie(w, &http.Cookie{
 		Name:     name,
 		Value:    "",