package routes
import (
"context"
"errors"
"log/slog"
"net/http"
"gitea.henriburau.de/haw-lan/cod4watcher/services"
"gitea.henriburau.de/haw-lan/cod4watcher/views"
)
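// OnlyAuthenticatedMiddleware wraps next so that it runs only for requests
// for which getSession yields a non-nil session. Every other request is
// answered with 401 Unauthorized and next is never invoked (fail closed).
//
// Each branch terminates on its own: the wrapped handler owns the response
// once it has been called, so no status may be written after it returns.
// Writing 401 unconditionally after next.ServeHTTP would turn the reply of
// an authenticated request into 401 whenever the handler wrote nothing, and
// trigger a superfluous WriteHeader call otherwise.
func OnlyAuthenticatedMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		session, err := getSession(r)
		// A missing cookie is the normal unauthenticated case; logging it at
		// error level would let anonymous traffic flood the log. Only
		// unexpected lookup failures are reported, as AuthMiddleware does.
		if err != nil && !errors.Is(err, http.ErrNoCookie) {
			slog.Error("failed to optain session", "err", err)
		}

		// Any failure above leaves session nil, so errors deny access.
		if session == nil {
			w.WriteHeader(http.StatusUnauthorized)
			return
		}

		next.ServeHTTP(w, r)
	})
}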
// AuthMiddleware stores the username of the request's session in the request
// context under the views.AuthContext key and then calls next. When no
// session is found the stored username is the empty string.
//
// This middleware never rejects a request; it only annotates the context.
// Handlers that must be restricted to logged-in users need a separate check.
func AuthMiddleware(next http.Handler) http.Handler {
	handler := func(w http.ResponseWriter, r *http.Request) {
		var username string

		session, err := getSession(r)
		// A missing cookie simply means an anonymous visitor; anything else
		// is worth reporting.
		if err != nil && !errors.Is(err, http.ErrNoCookie) {
			slog.Error("error getting token", "err", err)
		}
		if session != nil {
			username = session.Username
		}

		withUser := context.WithValue(r.Context(), views.AuthContext, username)
		next.ServeHTTP(w, r.WithContext(withUser))
	}

	return http.HandlerFunc(handler)
}
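// getSession resolves the session referenced by the request's
// "session_token" cookie.
//
// It returns (nil, err) when the cookie cannot be read (http.ErrNoCookie if
// it is absent) or when services.GetSession reports an error. It returns
// (nil, nil) when no usable session exists: the lookup produced no session,
// or the session has expired, in which case it is also removed from the
// store. Callers must treat a nil session as "not authenticated".
func getSession(r *http.Request) (*services.Session, error) {
	cookie, err := r.Cookie("session_token")
	if err != nil {
		return nil, err
	}

	token := cookie.Value

	session, err := services.GetSession(token)
	if err != nil {
		return nil, err
	}

	// NOTE(review): whether services.GetSession can return (nil, nil) for an
	// unknown token is not visible here; guard so that an attacker-supplied
	// cookie value cannot trigger a nil dereference in IsExpired.
	if session == nil {
		return nil, nil
	}

	if session.IsExpired() {
		// Drop the stale entry so the expired token cannot be looked up again.
		services.RemoveSession(token)
		return nil, nil
	}

	return session, nil
}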