From 4820c7696db3c54959258b1a5b00c77e1246cbd7 Mon Sep 17 00:00:00 2001
From: Arda Serdar Pektezol <1669855+pektezol@users.noreply.github.com>
Date: Fri, 6 Jan 2023 23:55:12 +0300
Subject: what the fuck is this mess (#21)
---
 backend/middleware/auth.go | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)
(limited to 'backend/middleware/auth.go')
diff --git a/backend/middleware/auth.go b/backend/middleware/auth.go
index 21e62e3..b5ad762 100644
--- a/backend/middleware/auth.go
+++ b/backend/middleware/auth.go
@@ -12,12 +12,7 @@ import (
 )
 func CheckAuth(c *gin.Context) {
- // Get auth cookie
- tokenString, err := c.Cookie("auth")
- if err != nil {
- c.Next()
- return
- }
+ tokenString := c.GetHeader("Authorization")
 // Validate token
 token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
 if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
@@ -25,6 +20,14 @@ func CheckAuth(c *gin.Context) {
 }
 return []byte(os.Getenv("SECRET_KEY")), nil
 })
+ if token == nil {
+ c.Next()
+ return
+ }
+ if err != nil {
+ c.Next()
+ return
+ }
 if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
 // Check exp
 if float64(time.Now().Unix()) > claims["exp"].(float64) {
@@ -34,8 +37,8 @@ func CheckAuth(c *gin.Context) {
 // Get user from DB
 var user models.User
 database.DB.QueryRow(`SELECT * FROM users WHERE steam_id = $1;`, claims["sub"]).Scan(
- &user.SteamID, &user.Username, &user.AvatarLink, &user.CountryCode,
- &user.CreatedAt, &user.UpdatedAt, &user.UserType)
+ &user.SteamID, &user.Username, &user.AvatarLink,
+ &user.CountryCode, &user.CreatedAt, &user.UpdatedAt)
 if user.SteamID == "" {
 c.Next()
 return
--
cgit v1.2.3
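Review bot: The added line in the first hunk hands the raw `Authorization` header value to `jwt.Parse`, so a client that sends the usual `Bearer <token>` form will never parse and will always be treated as anonymous. If the scheme prefix is expected, strip it first with `tokenString := strings.TrimPrefix(c.GetHeader("Authorization"), "Bearer ")` (the `strings` import is not visible in this hunk), and return through `c.Next()` when the result is empty instead of running the parser on an empty string. If the bare token is the intended wire format, a one-line comment above the assignment, such as `// Authorization carries the bare JWT, no "Bearer " scheme`, would settle the question for the next reader. CheckAuth's body continues outside this hunk.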
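Review bot: The two guards added after `jwt.Parse` in the second hunk discard the parse error without a trace, so a token with a bad signature or an unexpected algorithm is indistinguishable from a request that sent no header at all. They can be merged into `if err != nil || token == nil { c.Next(); return }`, and logging `err` whenever the header was non-empty would give operations something to alert on. The context line `claims["exp"].(float64)` just below is an unchecked type assertion and would panic if a validly signed token ever lacked a numeric `exp`; the comma-ok form avoids that. The function starts and ends outside this hunk.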
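Review bot: In the third hunk the `Scan` call now takes six destinations while the query is still `SELECT *`, and the error returned by `Scan` is never looked at. If the `users` table still has the column that fed `user.UserType` (the schema is not visible here), the column-count mismatch makes `Scan` fail, `user.SteamID` stays empty, and every request falls through as unauthenticated without any signal. Naming the six columns explicitly in the SELECT, in the same order as the destinations, removes the coupling to table layout, and the result should be checked, e.g. `if err := database.DB.QueryRow(...).Scan(...); err != nil { c.Next(); return }`. It is also worth confirming that nothing downstream of this middleware still reads `UserType` from the context user for an authorization decision, since it will now always be the zero value.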