From efdc47d22d72500822d71f772512dfb70e2a5b2f Mon Sep 17 00:00:00 2001
From: Arda Serdar Pektezol <1669855+pektezol@users.noreply.github.com>
Date: Sat, 29 Oct 2022 00:38:07 +0300
Subject: cleanup auth check and routes
---
 backend/controllers/controllers.go | 25 +++++--------------------
 backend/middleware/auth.go | 17 +++++------------
 backend/routes/routes.go | 11 ++---------
 3 files changed, 12 insertions(+), 41 deletions(-)
(limited to 'backend')
diff --git a/backend/controllers/controllers.go b/backend/controllers/controllers.go
index 79fc223..6a38e8c 100644
--- a/backend/controllers/controllers.go
+++ b/backend/controllers/controllers.go
@@ -6,7 +6,6 @@ import (
 "os"
 "time"
 
- "github.com/gin-contrib/sessions"
 "github.com/gin-gonic/gin"
 "github.com/golang-jwt/jwt/v4"
 "github.com/pektezol/leastportals/backend/database"
@@ -14,20 +13,13 @@ import (
 )
 
 func Home(c *gin.Context) {
- session := sessions.Default(c)
- if session.Get("id") == nil {
+ user, exists := c.Get("user")
+ if !exists {
 c.JSON(200, "no id, not auth")
 } else {
- var user *steam_go.PlayerSummaries
- user, err := steam_go.GetPlayerSummaries(session.Get("id").(string), os.Getenv("API_KEY"))
- if err != nil {
- c.JSON(200, "authenticated, but err")
- log.Panic(err)
- } else {
- c.JSON(200, gin.H{
- "output": user,
- })
- }
+ c.JSON(200, gin.H{
+ "output": user,
+ })
 }
 }
 
@@ -95,10 +87,3 @@ func Logout(c *gin.Context) {
 //c.Redirect(http.StatusPermanentRedirect, "/")
 }
 }
-
-func Validate(c *gin.Context) {
- user, _ := c.Get("user")
- c.JSON(http.StatusOK, gin.H{
- "output": user,
- })
-}
diff --git a/backend/middleware/auth.go b/backend/middleware/auth.go
index ccd9c22..97bb7ce 100644
--- a/backend/middleware/auth.go
+++ b/backend/middleware/auth.go
@@ -2,8 +2,6 @@ package middleware
 
 import (
 "fmt"
- "log"
- "net/http"
 "os"
 "time"
 
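Review bot: In `Home`, the anonymous branch still answers with status 200 and the bare string "no id, not auth", so neither a client nor a monitoring rule can tell an unauthenticated request from an authenticated one by status code. Since the handler now relies entirely on `middleware.CheckAuth` having run first, I would return `c.JSON(http.StatusUnauthorized, gin.H{"error": "not authenticated"})` in that branch and add a doc comment such as `// Home returns the user attached by middleware.CheckAuth, or reports that the request is anonymous.` It is also worth confirming that `log` and `steam_go` are still referenced elsewhere in controllers.go, because this body no longer uses them, the import hunk only drops the sessions package, and Go rejects unused imports.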
@@ -13,12 +11,11 @@ import ( "github.com/pektezol/leastportals/backend/models" ) -func RequireAuth(c *gin.Context) { +func CheckAuth(c *gin.Context) { // Get auth cookie tokenString, err := c.Cookie("auth") if err != nil { - log.Println("RequireAuth: Err getting cookie") - c.AbortWithStatus(http.StatusUnauthorized) + c.Next() return } // Validate token @@ -31,8 +28,7 @@ func RequireAuth(c *gin.Context) { if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid { // Check exp if float64(time.Now().Unix()) > claims["exp"].(float64) { - log.Println("RequireAuth: Token expired") - c.AbortWithStatus(http.StatusUnauthorized) // Expired + c.Next() return } // Get user from DB @@ -41,16 +37,13 @@ func RequireAuth(c *gin.Context) { &user.SteamID, &user.Username, &user.AvatarLink, &user.CountryCode, &user.CreatedAt, &user.UpdatedAt, &user.UserType) if user.SteamID == 0 { - log.Println("RequireAuth: No user found on database") - c.AbortWithStatus(http.StatusUnauthorized) + c.Next() return } - // Attach user to request c.Set("user", user) c.Next() } else { - log.Println("RequireAuth: Invalid token") - c.AbortWithStatus(http.StatusUnauthorized) + c.Next() return } } diff --git a/backend/routes/routes.go b/backend/routes/routes.go index 51df115..1f9661c 100644 --- a/backend/routes/routes.go +++ b/backend/routes/routes.go 
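Review bot: After the rename every failure path in `CheckAuth` calls `c.Next()` (missing cookie in this hunk, expired token in the `-31,8` hunk, unknown user and invalid token in the `-41,16` hunk), so the middleware never rejects a request and the package no longer contains anything that enforces authentication. routes.go in the same commit mounts it on `/logout`, which `RequireAuth` used to gate with a 401, so every handler now has to test `c.Get("user")` itself and one that forgets is silently public. I would keep an enforcing `RequireAuth` beside the optional `CheckAuth` and chain the two on routes that need a logged-in user; that requires keeping the `net/http` import the first auth.go hunk removes. A doc comment on `CheckAuth` saying that it only attaches the user and never aborts would make the contract explicit. The function body continues outside this hunk.

```go
// RequireAuth must run after CheckAuth; it rejects requests that carry no authenticated user.
func RequireAuth(c *gin.Context) {
	if _, ok := c.Get("user"); !ok {
		c.AbortWithStatus(http.StatusUnauthorized)
		return
	}
	c.Next()
}
```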
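Review bot: The expiry check kept in the `-31,8` hunk uses an unchecked assertion, `claims["exp"].(float64)`, which panics when a token that verifies has no `exp` claim or a non-numeric one, and the middleware now also runs on the public `/` route. A comma-ok form treats a missing expiry as an invalid token instead of crashing the handler: `exp, ok := claims["exp"].(float64)` followed by `if !ok || float64(time.Now().Unix()) > exp {`. The enclosing function starts and ends outside the hunk, so how the parse error and a nil token are handled before this point is not visible here and should be checked as well.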
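Review bot: The four `log.Println` calls removed across the auth.go hunks were the only record of rejected tokens, and the branch in the `-41,16` hunk where a token verifies but `user.SteamID == 0` is the one most worth keeping visible, because it means a signed token names an account that is not in the database. I would keep one line there, for example `log.Println("CheckAuth: valid token but no matching user")`, which needs the `log` import retained. The `Scan` call that fills `user` begins outside the hunk, but from the visible lines its error does not appear to be checked, so a database failure looks the same as an unknown user.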
@@ -1,24 +1,17 @@
 package routes
 
 import (
- "os"
-
- "github.com/gin-contrib/sessions"
- "github.com/gin-contrib/sessions/cookie"
 "github.com/gin-gonic/gin"
 "github.com/pektezol/leastportals/backend/controllers"
 "github.com/pektezol/leastportals/backend/middleware"
 )
 
 func InitRoutes(router *gin.Engine) {
- store := cookie.NewStore([]byte(os.Getenv("SESSION_KEY")))
- router.Use(sessions.Sessions("session", store))
 api := router.Group("/api")
 {
 v1 := api.Group("/v1")
- v1.GET("/", controllers.Home)
+ v1.GET("/", middleware.CheckAuth, controllers.Home)
 v1.GET("/login", controllers.Login)
- v1.GET("/logout", middleware.RequireAuth, controllers.Logout)
- v1.GET("/validate", middleware.RequireAuth, controllers.Validate)
+ v1.GET("/logout", middleware.CheckAuth, controllers.Logout)
 }
 }
--
cgit v1.2.3
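Review bot: `/logout` is re-registered with `v1.GET`, so a state-changing action stays reachable through a plain GET that a browser will issue for any cross-site link or embedded resource; whether the `auth` cookie accompanies it depends on cookie attributes set outside this diff. Registering it as `v1.POST("/logout", middleware.CheckAuth, controllers.Logout)` removes that class of unintended logout. A short comment above the route list, such as `// CheckAuth only attaches the user when a valid cookie is present; handlers must reject anonymous requests themselves.`, would keep later additions from assuming the middleware gates the route.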