| author | Leonardo Bishop <me@leonardobishop.com> | 2025-08-14 18:07:12 +0100 |
|---|---|---|
| committer | Leonardo Bishop <me@leonardobishop.com> | 2025-08-14 18:07:12 +0100 |
| commit | 4697556cac819c47d068819b9fc9c3b4ea84e279 (patch) | |
| tree | b832d8fc6b643a8b9d0eeca35c1268e1649da731 /api/middleware | |
| parent | dd49c9205bb04844b686b9c3396c40eb49d25826 (diff) | |
Merge confplanner-web and replace fiber with native net/http
Diffstat (limited to 'api/middleware')
| -rw-r--r-- | api/middleware/auth.go | 62 |
1 files changed, 34 insertions, 28 deletions
diff --git a/api/middleware/auth.go b/api/middleware/auth.go
index 611276a..eb362b0 100644
--- a/api/middleware/auth.go
+++ b/api/middleware/auth.go
@@ -1,46 +1,52 @@
 package middleware
 import (
+ "context"
 "errors"
+ "net/http"
 "github.com/LMBishop/confplanner/api/dto"
+ "github.com/LMBishop/confplanner/pkg/session"
 "github.com/LMBishop/confplanner/pkg/user"
- "github.com/gofiber/fiber/v2"
- "github.com/gofiber/fiber/v2/middleware/session"
 )
-func RequireAuthenticated(service user.Service, store *session.Store) fiber.Handler {
- return func(c *fiber.Ctx) error {
- s, err := store.Get(c)
- if err != nil {
- return err
- }
-
- if s.Fresh() || len(s.Keys()) == 0 {
- return &dto.ErrorResponse{
- Code: fiber.StatusUnauthorized,
- Message: "Unauthorized",
+func MustAuthenticate(service user.Service, store session.Service) func(http.HandlerFunc) http.HandlerFunc {
+ return func(next http.HandlerFunc) http.HandlerFunc {
+ return func(w http.ResponseWriter, r *http.Request) {
+ var sessionToken string
+ for _, cookie := range r.Cookies() {
+ if cookie.Name == "confplanner_session" {
+ sessionToken = cookie.Value
+ break
+ }
 }
- }
- uid := s.Get("uid").(int32)
+ s := store.GetByToken(sessionToken)
+ if s == nil {
+ dto.WriteDto(w, r, &dto.ErrorResponse{
+ Code: http.StatusUnauthorized,
+ Message: "Unauthorized",
+ })
+ return
+ }
- fetchedUser, err := service.GetUserByID(uid)
- if err != nil {
- if errors.Is(err, user.ErrUserNotFound) {
- s.Destroy()
- return &dto.ErrorResponse{
- Code: fiber.StatusUnauthorized,
- Message: "Invalid session",
+ _, err := service.GetUserByID(s.UserID)
+ if err != nil {
+ if errors.Is(err, user.ErrUserNotFound) {
+ store.Destroy(s.SessionID)
+ dto.WriteDto(w, r, &dto.ErrorResponse{
+ Code: http.StatusForbidden,
+ Message: "Invalid session",
+ })
+ return
 }
- }
- return err
- }
+ return
- c.Locals("uid", uid)
- c.Locals("username", fetchedUser.Username)
+ ctx := context.WithValue(r.Context(), "session", s)
- return c.Next()
+ next(w, r.WithContext(ctx))
+ }
 }
 }
|
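Review bot: In the `if err != nil` branch of the new handler, any error from `service.GetUserByID` other than `user.ErrUserNotFound` reaches the bare `return` without anything being written, so the client gets an implicit 200 with an empty body for what is really a server-side failure (the fiber version propagated `err` to the framework's error handler). Writing an explicit error before returning keeps the middleware fail-closed and the failure visible, e.g. `dto.WriteDto(w, r, &dto.ErrorResponse{Code: http.StatusInternalServerError, Message: "Internal server error"})`. Separately, `context.WithValue(r.Context(), "session", s)` uses a built-in string as the key, which staticcheck flags (SA1029) and which can collide with any other package storing under the same string; an unexported key type, `type sessionKey struct{}` with `context.WithValue(r.Context(), sessionKey{}, s)`, avoids that and gives downstream handlers a typed accessor. The cookie loop could be `r.Cookie("confplanner_session")`, which returns `http.ErrNoCookie` when absent and lets the handler reject the request before calling `store.GetByToken` with an empty token instead of relying on the store to treat "" as no session. The 403 on a destroyed session is arguably a 401, since the client has to re-authenticate, but that is a judgement call.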
