1 files changed, 56 insertions, 0 deletions
diff --git a/backend/middleware/auth.go b/backend/middleware/auth.go
new file mode 100644
index 0000000..ccd9c22
--- /dev/null
+++ b/backend/middleware/auth.go
@@ -0,0 +1,56 @@
+package middleware
+import (
+        "fmt"
+        "log"
+        "net/http"
+        "os"
+        "time"
+        "github.com/gin-gonic/gin"
+        "github.com/golang-jwt/jwt/v4"
+        "github.com/pektezol/leastportals/backend/database"
+        "github.com/pektezol/leastportals/backend/models"
+)
+func RequireAuth(c *gin.Context) {
+        // Get auth cookie
+        tokenString, err := c.Cookie("auth")
+        if err != nil {
+                log.Println("RequireAuth: Err getting cookie")
+                c.AbortWithStatus(http.StatusUnauthorized)
+                return
+        }
+        // Validate token
+        token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+                if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+                        return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
+                }
+                return []byte(os.Getenv("SECRET_KEY")), nil
+        })
+        if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+                // Check exp
+                if float64(time.Now().Unix()) > claims["exp"].(float64) {
+                        log.Println("RequireAuth: Token expired")
+                        c.AbortWithStatus(http.StatusUnauthorized) // Expired
+                        return
+                }
+                // Get user from DB
+                var user models.User
+                database.DB.QueryRow(`SELECT * FROM users WHERE steam_id = $1;`, claims["sub"]).Scan(
+                        &user.SteamID, &user.Username, &user.AvatarLink, &user.CountryCode,
+                        &user.CreatedAt, &user.UpdatedAt, &user.UserType)
+                if user.SteamID == 0 {
+                        log.Println("RequireAuth: No user found on database")
+                        c.AbortWithStatus(http.StatusUnauthorized)
+                        return
+                }
+                // Attach user to request
+                c.Set("user", user)
+                c.Next()
+        } else {
+                log.Println("RequireAuth: Invalid token")
+                c.AbortWithStatus(http.StatusUnauthorized)
+                return
+        }
+}

diff --git a/backend/middleware/auth.go b/backend/middleware/auth.go new file mode 100644 index 0000000..ccd9c22 --- /dev/null +++ b/backend/middleware/auth.go
@@ -0,0 +1,56 @@
	1	package middleware
	2
	3	import (
	4	"fmt"
	5	"log"
	6	"net/http"
	7	"os"
	8	"time"
	9
	10	"github.com/gin-gonic/gin"
	11	"github.com/golang-jwt/jwt/v4"
	12	"github.com/pektezol/leastportals/backend/database"
	13	"github.com/pektezol/leastportals/backend/models"
	14	)
	15
	16	func RequireAuth(c *gin.Context) {
	17	// Get auth cookie
	18	tokenString, err := c.Cookie("auth")
	19	if err != nil {
	20	log.Println("RequireAuth: Err getting cookie")
	21	c.AbortWithStatus(http.StatusUnauthorized)
	22	return
	23	}
	24	// Validate token
	25	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
	26	if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
	27	return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
	28	}
	29	return []byte(os.Getenv("SECRET_KEY")), nil
	30	})
	31	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
	32	// Check exp
	33	if float64(time.Now().Unix()) > claims["exp"].(float64) {
	34	log.Println("RequireAuth: Token expired")
	35	c.AbortWithStatus(http.StatusUnauthorized) // Expired
	36	return
	37	}
	38	// Get user from DB
	39	var user models.User
	40	database.DB.QueryRow(`SELECT * FROM users WHERE steam_id = $1;`, claims["sub"]).Scan(
	41	&user.SteamID, &user.Username, &user.AvatarLink, &user.CountryCode,
	42	&user.CreatedAt, &user.UpdatedAt, &user.UserType)
	43	if user.SteamID == 0 {
	44	log.Println("RequireAuth: No user found on database")
	45	c.AbortWithStatus(http.StatusUnauthorized)
	46	return
	47	}
	48	// Attach user to request
	49	c.Set("user", user)
	50	c.Next()
	51	} else {
	52	log.Println("RequireAuth: Invalid token")
	53	c.AbortWithStatus(http.StatusUnauthorized)
	54	return
	55	}
	56	}