2 files changed, 57 insertions, 1 deletions
diff --git a/backend/middleware/auth.go b/backend/middleware/auth.go
new file mode 100644
index 0000000..ccd9c22
--- /dev/null
+++ b/backend/middleware/auth.go
@@ -0,0 +1,56 @@
+package middleware
+import (
+        "fmt"
+        "log"
+        "net/http"
+        "os"
+        "time"
+        "github.com/gin-gonic/gin"
+        "github.com/golang-jwt/jwt/v4"
+        "github.com/pektezol/leastportals/backend/database"
+        "github.com/pektezol/leastportals/backend/models"
+)
+func RequireAuth(c *gin.Context) {
+        // Get auth cookie
+        tokenString, err := c.Cookie("auth")
+        if err != nil {
+                log.Println("RequireAuth: Err getting cookie")
+                c.AbortWithStatus(http.StatusUnauthorized)
+                return
+        }
+        // Validate token
+        token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+                if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+                        return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
+                }
+                return []byte(os.Getenv("SECRET_KEY")), nil
+        })
+        if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+                // Check exp
+                if float64(time.Now().Unix()) > claims["exp"].(float64) {
+                        log.Println("RequireAuth: Token expired")
+                        c.AbortWithStatus(http.StatusUnauthorized) // Expired
+                        return
+                }
+                // Get user from DB
+                var user models.User
+                database.DB.QueryRow(`SELECT * FROM users WHERE steam_id = $1;`, claims["sub"]).Scan(
+                        &user.SteamID, &user.Username, &user.AvatarLink, &user.CountryCode,
+                        &user.CreatedAt, &user.UpdatedAt, &user.UserType)
+                if user.SteamID == 0 {
+                        log.Println("RequireAuth: No user found on database")
+                        c.AbortWithStatus(http.StatusUnauthorized)
+                        return
+                }
+                // Attach user to request
+                c.Set("user", user)
+                c.Next()
+        } else {
+                log.Println("RequireAuth: Invalid token")
+                c.AbortWithStatus(http.StatusUnauthorized)
+                return
+        }
+}
diff --git a/backend/routes/routes.go b/backend/routes/routes.go
index 9088eb3..51df115 100644
--- a/backend/routes/routes.go
+++ b/backend/routes/routes.go
@@ -7,7 +7,7 @@ import (
        "github.com/gin-contrib/sessions/cookie"
        "github.com/gin-gonic/gin"
        "github.com/pektezol/leastportals/backend/controllers"
-        "github.com/pektezol/leastportals/middleware"
+        "github.com/pektezol/leastportals/backend/middleware"
 )
 func InitRoutes(router *gin.Engine) {

diff --git a/backend/middleware/auth.go b/backend/middleware/auth.go new file mode 100644 index 0000000..ccd9c22 --- /dev/null +++ b/backend/middleware/auth.go
@@ -0,0 +1,56 @@
		1	package middleware
		2
		3	import (
		4	"fmt"
		5	"log"
		6	"net/http"
		7	"os"
		8	"time"
		9
		10	"github.com/gin-gonic/gin"
		11	"github.com/golang-jwt/jwt/v4"
		12	"github.com/pektezol/leastportals/backend/database"
		13	"github.com/pektezol/leastportals/backend/models"
		14	)
		15
		16	func RequireAuth(c *gin.Context) {
		17	// Get auth cookie
		18	tokenString, err := c.Cookie("auth")
		19	if err != nil {
		20	log.Println("RequireAuth: Err getting cookie")
		21	c.AbortWithStatus(http.StatusUnauthorized)
		22	return
		23	}
		24	// Validate token
		25	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
		26	if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
		27	return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
		28	}
		29	return []byte(os.Getenv("SECRET_KEY")), nil
		30	})
		31	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
		32	// Check exp
		33	if float64(time.Now().Unix()) > claims["exp"].(float64) {
		34	log.Println("RequireAuth: Token expired")
		35	c.AbortWithStatus(http.StatusUnauthorized) // Expired
		36	return
		37	}
		38	// Get user from DB
		39	var user models.User
		40	database.DB.QueryRow(`SELECT * FROM users WHERE steam_id = $1;`, claims["sub"]).Scan(
		41	&user.SteamID, &user.Username, &user.AvatarLink, &user.CountryCode,
		42	&user.CreatedAt, &user.UpdatedAt, &user.UserType)
		43	if user.SteamID == 0 {
		44	log.Println("RequireAuth: No user found on database")
		45	c.AbortWithStatus(http.StatusUnauthorized)
		46	return
		47	}
		48	// Attach user to request
		49	c.Set("user", user)
		50	c.Next()
		51	} else {
		52	log.Println("RequireAuth: Invalid token")
		53	c.AbortWithStatus(http.StatusUnauthorized)
		54	return
		55	}
		56	}


diff --git a/backend/routes/routes.go b/backend/routes/routes.go index 9088eb3..51df115 100644 --- a/backend/routes/routes.go +++ b/backend/routes/routes.go
@@ -7,7 +7,7 @@ import (
7	"github.com/gin-contrib/sessions/cookie"	7	"github.com/gin-contrib/sessions/cookie"
8	"github.com/gin-gonic/gin"	8	"github.com/gin-gonic/gin"
9	"github.com/pektezol/leastportals/backend/controllers"	9	"github.com/pektezol/leastportals/backend/controllers"
10	"github.com/pektezol/leastportals/middleware"	10	"github.com/pektezol/leastportals/backend/middleware"
11	)	11	)
12		12
13	func InitRoutes(router *gin.Engine) {	13	func InitRoutes(router *gin.Engine) {