Envelope/Backend/Api/Auth/Session.go

package Auth

import (
	"errors"
	"net/http"

	"git.tovijaeschke.xyz/tovi/Envelope/Backend/Database"
)

func CheckCookie(r *http.Request) (Database.Session, error) {
	var (
		c            *http.Cookie
		sessionToken string
		userSession  Database.Session
		err          error
	)

	c, err = r.Cookie("session_token")
	if err != nil {
		return userSession, err
	}
	sessionToken = c.Value

	// We then get the session from our session map
	userSession, err = Database.GetSessionByID(sessionToken)
	if err != nil {
		return userSession, errors.New("Cookie not found")
	}

	// If the session is present, but has expired, we can delete the session, and return
	// an unauthorized status
	if userSession.IsExpired() {
		(&userSession).DeleteSession()
		return userSession, errors.New("Cookie expired")
	}

	return userSession, nil
}

func CheckCookieCurrentUser(w http.ResponseWriter, r *http.Request) (Database.User, error) {
	var (
		session  Database.Session
		userData Database.User
		err      error
	)

	session, err = CheckCookie(r)
	if err != nil {
		return userData, err
	}

	return session.User, nil
}