Initial commit
This commit is contained in:
@@ -0,0 +1,50 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
|
||||
"logjensticks/internal/db"
|
||||
)
|
||||
|
||||
const CookieName = "session_token"
|
||||
|
||||
type contextKey string
|
||||
|
||||
const sessionContextKey contextKey = "session"
|
||||
|
||||
// Middleware validates the session cookie on every request. Attach this to
|
||||
// any route that requires authentication.
|
||||
func Middleware(dbc *db.Client) func(http.Handler) http.Handler {
|
||||
return func(next http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
cookie, err := r.Cookie(CookieName)
|
||||
if err != nil {
|
||||
writeUnauthorized(w)
|
||||
return
|
||||
}
|
||||
|
||||
session, err := ValidateSession(r.Context(), dbc, cookie.Value)
|
||||
if err != nil {
|
||||
writeUnauthorized(w)
|
||||
return
|
||||
}
|
||||
|
||||
ctx := context.WithValue(r.Context(), sessionContextKey, session)
|
||||
next.ServeHTTP(w, r.WithContext(ctx))
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
// SessionFromContext retrieves the validated session attached by Middleware.
|
||||
// Returns nil if called outside an authenticated route.
|
||||
func SessionFromContext(ctx context.Context) *Session {
|
||||
s, _ := ctx.Value(sessionContextKey).(*Session)
|
||||
return s
|
||||
}
|
||||
|
||||
func writeUnauthorized(w http.ResponseWriter) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
w.Write([]byte(`{"success":false,"data":null,"error":{"code":"UNAUTHORIZED","message":"authentication required"}}`))
|
||||
}
|
||||
Reference in New Issue
Block a user