Merge branch 'main' of https://github.com/pektezol/LeastPortalsHub

Former-commit-id: 221385f463b7f5b0fc43a093b2c7c46e68d46d68
author: Nidboj132 <lol2s@vp.plm> 2023-09-05 18:23:11 +0200
committer: Nidboj132 <lol2s@vp.plm> 2023-09-05 18:23:11 +0200
commit: 3869cb67351ccf3bc45b076f31afdc7133292c39 (patch)
tree: dc03341e147dde0964bf6be84b14e13424c647b7 /backend/api/auth.go
parent: added graph and fixed some css (diff)
parent: fix: create map summary, why the fuck does this have to be a pointer integer?? (diff)
download: lphub-3869cb67351ccf3bc45b076f31afdc7133292c39.tar.gz
lphub-3869cb67351ccf3bc45b076f31afdc7133292c39.tar.bz2
lphub-3869cb67351ccf3bc45b076f31afdc7133292c39.zip
1 files changed, 65 insertions, 0 deletions
diff --git a/backend/api/auth.go b/backend/api/auth.go
new file mode 100644
index 0000000..91ef80c
--- /dev/null
+++ b/backend/api/auth.go
@@ -0,0 +1,65 @@
+package api
+import (
+        "fmt"
+        "os"
+        "time"
+        "github.com/gin-gonic/gin"
+        "github.com/golang-jwt/jwt/v4"
+        "github.com/pektezol/leastportalshub/backend/database"
+        "github.com/pektezol/leastportalshub/backend/models"
+)
+func CheckAuth(c *gin.Context) {
+        tokenString := c.GetHeader("Authorization")
+        // Validate token
+        token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+                if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+                        return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+                }
+                return []byte(os.Getenv("SECRET_KEY")), nil
+        })
+        if token == nil {
+                c.Next()
+                return
+        }
+        if err != nil {
+                c.Next()
+                return
+        }
+        if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+                // Check exp
+                if float64(time.Now().Unix()) > claims["exp"].(float64) {
+                        c.Next()
+                        return
+                }
+                // Get user from DB
+                var user models.User
+                database.DB.QueryRow(`SELECT u.steam_id, u.user_name, u.avatar_link, u.country_code, u.created_at, u.updated_at FROM users u WHERE steam_id = $1`, claims["sub"]).Scan(
+                        &user.SteamID, &user.UserName, &user.AvatarLink,
+                        &user.CountryCode, &user.CreatedAt, &user.UpdatedAt)
+                if user.SteamID == "" {
+                        c.Next()
+                        return
+                }
+                // Get user titles from DB
+                var moderator bool
+                user.Titles = []models.Title{}
+                rows, _ := database.DB.Query(`SELECT t.title_name, t.title_color FROM titles t INNER JOIN user_titles ut ON t.id=ut.title_id WHERE ut.user_id = $1`, user.SteamID)
+                for rows.Next() {
+                        var title models.Title
+                        rows.Scan(&title.Name, &title.Color)
+                        if title.Name == "Moderator" {
+                                moderator = true
+                        }
+                        user.Titles = append(user.Titles, title)
+                }
+                c.Set("user", user)
+                c.Set("mod", moderator)
+                c.Next()
+        } else {
+                c.Next()
+                return
+        }
+}
author	Nidboj132 <lol2s@vp.plm>	2023-09-05 18:23:11 +0200
committer	Nidboj132 <lol2s@vp.plm>	2023-09-05 18:23:11 +0200
commit	3869cb67351ccf3bc45b076f31afdc7133292c39 (patch)
tree	dc03341e147dde0964bf6be84b14e13424c647b7 /backend/api/auth.go
parent	added graph and fixed some css (diff)
parent	fix: create map summary, why the fuck does this have to be a pointer integer?? (diff)
download	lphub-3869cb67351ccf3bc45b076f31afdc7133292c39.tar.gz lphub-3869cb67351ccf3bc45b076f31afdc7133292c39.tar.bz2 lphub-3869cb67351ccf3bc45b076f31afdc7133292c39.zip

diff --git a/backend/api/auth.go b/backend/api/auth.go new file mode 100644 index 0000000..91ef80c --- /dev/null +++ b/backend/api/auth.go
@@ -0,0 +1,65 @@
	1	package api
	2
	3	import (
	4	"fmt"
	5	"os"
	6	"time"
	7
	8	"github.com/gin-gonic/gin"
	9	"github.com/golang-jwt/jwt/v4"
	10	"github.com/pektezol/leastportalshub/backend/database"
	11	"github.com/pektezol/leastportalshub/backend/models"
	12	)
	13
	14	func CheckAuth(c *gin.Context) {
	15	tokenString := c.GetHeader("Authorization")
	16	// Validate token
	17	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
	18	if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
	19	return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
	20	}
	21	return []byte(os.Getenv("SECRET_KEY")), nil
	22	})
	23	if token == nil {
	24	c.Next()
	25	return
	26	}
	27	if err != nil {
	28	c.Next()
	29	return
	30	}
	31	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
	32	// Check exp
	33	if float64(time.Now().Unix()) > claims["exp"].(float64) {
	34	c.Next()
	35	return
	36	}
	37	// Get user from DB
	38	var user models.User
	39	database.DB.QueryRow(`SELECT u.steam_id, u.user_name, u.avatar_link, u.country_code, u.created_at, u.updated_at FROM users u WHERE steam_id = $1`, claims["sub"]).Scan(
	40	&user.SteamID, &user.UserName, &user.AvatarLink,
	41	&user.CountryCode, &user.CreatedAt, &user.UpdatedAt)
	42	if user.SteamID == "" {
	43	c.Next()
	44	return
	45	}
	46	// Get user titles from DB
	47	var moderator bool
	48	user.Titles = []models.Title{}
	49	rows, _ := database.DB.Query(`SELECT t.title_name, t.title_color FROM titles t INNER JOIN user_titles ut ON t.id=ut.title_id WHERE ut.user_id = $1`, user.SteamID)
	50	for rows.Next() {
	51	var title models.Title
	52	rows.Scan(&title.Name, &title.Color)
	53	if title.Name == "Moderator" {
	54	moderator = true
	55	}
	56	user.Titles = append(user.Titles, title)
	57	}
	58	c.Set("user", user)
	59	c.Set("mod", moderator)
	60	c.Next()
	61	} else {
	62	c.Next()
	63	return
	64	}
	65	}