package Auth
import (
"errors"
"net/http"
"time"
"git.tovijaeschke.xyz/tovi/SuddenImpactRecords/Models"
"git.tovijaeschke.xyz/tovi/SuddenImpactRecords/Util"
)
// Sessions is the in-memory session store. CheckCookie looks entries up by
// the value of the "session_token" cookie.
//
// NOTE(review): this is a plain map and no lock is visible in this file. Go
// maps are not safe for concurrent use, and net/http serves each request on
// its own goroutine, so every reader and writer of Sessions (including the
// delete in CheckCookie) needs shared synchronisation such as a
// sync.RWMutex; an unsynchronised concurrent write makes the runtime abort
// the process.
//
// NOTE(review): entries live only in process memory, and the only removal
// visible in this file is the lazy delete of an expired entry when its token
// is presented again. Confirm whether logout and a periodic sweep exist
// elsewhere, otherwise abandoned sessions accumulate until restart.
var Sessions = make(map[string]Session)
// Session is the server-side record stored in Sessions for one session token.
type Session struct {
	// UserID is compared with Models.User.ID.String() in
	// CheckCookieCurrentUser. Email is carried alongside it and is not read
	// anywhere in this file.
	UserID, Email string

	// Expiry is the instant after which IsExpired reports true.
	Expiry time.Time
}
// IsExpired reports whether the session's Expiry lies strictly before the
// current time. A Session whose Expiry was never set (the zero time.Time)
// is therefore treated as expired, which fails closed.
func (s Session) IsExpired() bool {
	now := time.Now()
	return now.After(s.Expiry)
}
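// CheckCookie resolves the request's "session_token" cookie to a live entry
// in Sessions.
//
// It returns the stored Session with a nil error only when the cookie is
// present, its value is a key in Sessions, and the entry has not expired.
// On every failure path the returned Session is the zero value, so a caller
// that mishandles the error never receives a populated UserID or Email. An
// expired entry is deleted from Sessions before the error is returned.
//
// NOTE(review): Sessions is read and modified here without a lock. Requests
// are served concurrently, so this lookup and delete must run under the same
// mutex as every other access to Sessions.
func CheckCookie(r *http.Request) (Session, error) {
	cookie, err := r.Cookie("session_token")
	if err != nil {
		// A missing cookie surfaces as http.ErrNoCookie; pass it through
		// unchanged so callers can still match on it.
		return Session{}, err
	}

	// The cookie value is client-controlled and is used only as a map key.
	token := cookie.Value
	session, found := Sessions[token]
	if !found {
		return Session{}, errors.New("Cookie not found")
	}

	if session.IsExpired() {
		// Drop the stale entry so the token cannot be looked up again, and
		// return the zero Session, not the expired identity, matching
		// the not-found path.
		delete(Sessions, token)
		return Session{}, errors.New("Cookie expired")
	}

	return session, nil
}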
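// CheckCookieCurrentUser authorises a request that targets one specific user.
// It succeeds only when the request carries a valid session (CheckCookie) and
// the user returned by Util.GetUserById(w, r) has the same ID as that
// session's UserID.
//
// On an ID mismatch the zero Models.User is returned with the error, so the
// record of an account the caller does not own is never handed back. An error
// from Util.GetUserById is returned together with whatever value it produced.
//
// NOTE(review): Util.GetUserById is defined outside this file and receives w.
// Confirm whether it writes a response on failure, so callers do not write a
// second one.
//
// NOTE(review): the lookup runs before the ownership comparison, and the two
// failures return different errors. If callers surface them differently, an
// authenticated client can tell existing user IDs from missing ones; consider
// mapping both to the same response.
func CheckCookieCurrentUser(w http.ResponseWriter, r *http.Request) (Models.User, error) {
	// Zero value returned whenever the caller is not authorised.
	var none Models.User

	session, err := CheckCookie(r)
	if err != nil {
		return none, err
	}

	user, err := Util.GetUserById(w, r)
	if err != nil {
		return user, err
	}

	if user.ID.String() != session.UserID {
		return none, errors.New("Is not current user")
	}

	return user, nil
}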