From c00b690bd6f600554a1404e692bd9e4373325d27 Mon Sep 17 00:00:00 2001
From: Leonardo Bishop <me@leonardobishop.com>
Date: Fri, 17 Jan 2025 13:21:24 +0000
Subject: Initial commit

---
 api/middleware/auth.go | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 api/middleware/auth.go

(limited to 'api/middleware')

diff --git a/api/middleware/auth.go b/api/middleware/auth.go
new file mode 100644
index 0000000..611276a
--- /dev/null
+++ b/api/middleware/auth.go
@@ -0,0 +1,46 @@
+package middleware
+
+import (
+	"errors"
+
+	"github.com/LMBishop/confplanner/api/dto"
+	"github.com/LMBishop/confplanner/pkg/user"
+	"github.com/gofiber/fiber/v2"
+	"github.com/gofiber/fiber/v2/middleware/session"
+)
+
+func RequireAuthenticated(service user.Service, store *session.Store) fiber.Handler {
+	return func(c *fiber.Ctx) error {
+		s, err := store.Get(c)
+		if err != nil {
+			return err
+		}
+
+		if s.Fresh() || len(s.Keys()) == 0 {
+			return &dto.ErrorResponse{
+				Code:    fiber.StatusUnauthorized,
+				Message: "Unauthorized",
+			}
+		}
+
+		uid := s.Get("uid").(int32)
+
+		fetchedUser, err := service.GetUserByID(uid)
+		if err != nil {
+			if errors.Is(err, user.ErrUserNotFound) {
+				s.Destroy()
+				return &dto.ErrorResponse{
+					Code:    fiber.StatusUnauthorized,
+					Message: "Invalid session",
+				}
+			}
+
+			return err
+		}
+
+		c.Locals("uid", uid)
+		c.Locals("username", fetchedUser.Username)
+
+		return c.Next()
+	}
+}
-- 
cgit v1.2.3-70-g09d2