aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--backend/controllers/controllers.go25
-rw-r--r--backend/middleware/auth.go17
-rw-r--r--backend/routes/routes.go11
3 files changed, 12 insertions, 41 deletions
diff --git a/backend/controllers/controllers.go b/backend/controllers/controllers.go
index 79fc223..6a38e8c 100644
--- a/backend/controllers/controllers.go
+++ b/backend/controllers/controllers.go
@@ -6,7 +6,6 @@ import (
6 "os" 6 "os"
7 "time" 7 "time"
8 8
9 "github.com/gin-contrib/sessions"
10 "github.com/gin-gonic/gin" 9 "github.com/gin-gonic/gin"
11 "github.com/golang-jwt/jwt/v4" 10 "github.com/golang-jwt/jwt/v4"
12 "github.com/pektezol/leastportals/backend/database" 11 "github.com/pektezol/leastportals/backend/database"
@@ -14,20 +13,13 @@ import (
14) 13)
15 14
16func Home(c *gin.Context) { 15func Home(c *gin.Context) {
17 session := sessions.Default(c) 16 user, exists := c.Get("user")
18 if session.Get("id") == nil { 17 if !exists {
19 c.JSON(200, "no id, not auth") 18 c.JSON(200, "no id, not auth")
20 } else { 19 } else {
21 var user *steam_go.PlayerSummaries 20 c.JSON(200, gin.H{
22 user, err := steam_go.GetPlayerSummaries(session.Get("id").(string), os.Getenv("API_KEY")) 21 "output": user,
23 if err != nil { 22 })
24 c.JSON(200, "authenticated, but err")
25 log.Panic(err)
26 } else {
27 c.JSON(200, gin.H{
28 "output": user,
29 })
30 }
31 } 23 }
32} 24}
33 25
@@ -95,10 +87,3 @@ func Logout(c *gin.Context) {
95 //c.Redirect(http.StatusPermanentRedirect, "/") 87 //c.Redirect(http.StatusPermanentRedirect, "/")
96 } 88 }
97} 89}
98
99func Validate(c *gin.Context) {
100 user, _ := c.Get("user")
101 c.JSON(http.StatusOK, gin.H{
102 "output": user,
103 })
104}
diff --git a/backend/middleware/auth.go b/backend/middleware/auth.go
index ccd9c22..97bb7ce 100644
--- a/backend/middleware/auth.go
+++ b/backend/middleware/auth.go
@@ -2,8 +2,6 @@ package middleware
2 2
3import ( 3import (
4 "fmt" 4 "fmt"
5 "log"
6 "net/http"
7 "os" 5 "os"
8 "time" 6 "time"
9 7
@@ -13,12 +11,11 @@ import (
13 "github.com/pektezol/leastportals/backend/models" 11 "github.com/pektezol/leastportals/backend/models"
14) 12)
15 13
16func RequireAuth(c *gin.Context) { 14func CheckAuth(c *gin.Context) {
17 // Get auth cookie 15 // Get auth cookie
18 tokenString, err := c.Cookie("auth") 16 tokenString, err := c.Cookie("auth")
19 if err != nil { 17 if err != nil {
20 log.Println("RequireAuth: Err getting cookie") 18 c.Next()
21 c.AbortWithStatus(http.StatusUnauthorized)
22 return 19 return
23 } 20 }
24 // Validate token 21 // Validate token
@@ -31,8 +28,7 @@ func RequireAuth(c *gin.Context) {
31 if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid { 28 if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
32 // Check exp 29 // Check exp
33 if float64(time.Now().Unix()) > claims["exp"].(float64) { 30 if float64(time.Now().Unix()) > claims["exp"].(float64) {
34 log.Println("RequireAuth: Token expired") 31 c.Next()
35 c.AbortWithStatus(http.StatusUnauthorized) // Expired
36 return 32 return
37 } 33 }
38 // Get user from DB 34 // Get user from DB
@@ -41,16 +37,13 @@ func RequireAuth(c *gin.Context) {
41 &user.SteamID, &user.Username, &user.AvatarLink, &user.CountryCode, 37 &user.SteamID, &user.Username, &user.AvatarLink, &user.CountryCode,
42 &user.CreatedAt, &user.UpdatedAt, &user.UserType) 38 &user.CreatedAt, &user.UpdatedAt, &user.UserType)
43 if user.SteamID == 0 { 39 if user.SteamID == 0 {
44 log.Println("RequireAuth: No user found on database") 40 c.Next()
45 c.AbortWithStatus(http.StatusUnauthorized)
46 return 41 return
47 } 42 }
48 // Attach user to request
49 c.Set("user", user) 43 c.Set("user", user)
50 c.Next() 44 c.Next()
51 } else { 45 } else {
52 log.Println("RequireAuth: Invalid token") 46 c.Next()
53 c.AbortWithStatus(http.StatusUnauthorized)
54 return 47 return
55 } 48 }
56} 49}
diff --git a/backend/routes/routes.go b/backend/routes/routes.go
index 51df115..1f9661c 100644
--- a/backend/routes/routes.go
+++ b/backend/routes/routes.go
@@ -1,24 +1,17 @@
1package routes 1package routes
2 2
3import ( 3import (
4 "os"
5
6 "github.com/gin-contrib/sessions"
7 "github.com/gin-contrib/sessions/cookie"
8 "github.com/gin-gonic/gin" 4 "github.com/gin-gonic/gin"
9 "github.com/pektezol/leastportals/backend/controllers" 5 "github.com/pektezol/leastportals/backend/controllers"
10 "github.com/pektezol/leastportals/backend/middleware" 6 "github.com/pektezol/leastportals/backend/middleware"
11) 7)
12 8
13func InitRoutes(router *gin.Engine) { 9func InitRoutes(router *gin.Engine) {
14 store := cookie.NewStore([]byte(os.Getenv("SESSION_KEY")))
15 router.Use(sessions.Sessions("session", store))
16 api := router.Group("/api") 10 api := router.Group("/api")
17 { 11 {
18 v1 := api.Group("/v1") 12 v1 := api.Group("/v1")
19 v1.GET("/", controllers.Home) 13 v1.GET("/", middleware.CheckAuth, controllers.Home)
20 v1.GET("/login", controllers.Login) 14 v1.GET("/login", controllers.Login)
21 v1.GET("/logout", middleware.RequireAuth, controllers.Logout) 15 v1.GET("/logout", middleware.CheckAuth, controllers.Logout)
22 v1.GET("/validate", middleware.RequireAuth, controllers.Validate)
23 } 16 }
24} 17}
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-08 21:40:00 +0000