|
|
- package Auth
-
- import (
- "errors"
- "net/http"
- "time"
-
- "git.tovijaeschke.xyz/tovi/Envelope/Backend/Database"
- "git.tovijaeschke.xyz/tovi/Envelope/Backend/Models"
- )
-
- var (
- Sessions = map[string]Session{}
- )
-
- type Session struct {
- UserID string
- Username string
- Expiry time.Time
- }
-
- func (s Session) IsExpired() bool {
- return s.Expiry.Before(time.Now())
- }
-
- func CheckCookie(r *http.Request) (Session, error) {
- var (
- c *http.Cookie
- sessionToken string
- userSession Session
- exists bool
- err error
- )
-
- c, err = r.Cookie("session_token")
- if err != nil {
- return userSession, err
- }
- sessionToken = c.Value
-
- // We then get the session from our session map
- userSession, exists = Sessions[sessionToken]
- if !exists {
- return userSession, errors.New("Cookie not found")
- }
-
- // If the session is present, but has expired, we can delete the session, and return
- // an unauthorized status
- if userSession.IsExpired() {
- delete(Sessions, sessionToken)
- return userSession, errors.New("Cookie expired")
- }
-
- return userSession, nil
- }
-
- func CheckCookieCurrentUser(w http.ResponseWriter, r *http.Request) (Models.User, error) {
- var (
- userSession Session
- userData Models.User
- err error
- )
-
- userSession, err = CheckCookie(r)
- if err != nil {
- return userData, err
- }
-
- userData, err = Database.GetUserById(userSession.UserID)
- if err != nil {
- return userData, err
- }
-
- if userData.ID.String() != userSession.UserID {
- return userData, errors.New("Is not current user")
- }
-
- return userData, nil
- }
|