haopengzhan/noteplace-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
55d4eb2e262ddc8ccee6d751c47dfcdc4e88a3c0
noteplace-server/internal/api/middleware.go
T
haopengzhan f1909da1ad
Go CI / build (push) Failing after 2m42s
Details
Initial commit 
feat: create basic server to manage google oauth, account, sessions, places, attributes and ratings.
2025-09-19 02:43:04 -07:00

49 lines
1.2 KiB
Go
Raw Blame History

package api
import (
"net/http"
"git.pengzhan.dev/noteplace-server/internal/store"
"github.com/gin-gonic/gin"
)
// AuthMiddleware is a Gin middleware for authentication.
func AuthMiddleware(s *store.Store) gin.HandlerFunc {
return func(c *gin.Context) {
authHeader := c.GetHeader("Authorization")
if authHeader == "" {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Authorization header required"})
c.Abort()
return
}
sessionToken := authHeader
// Assuming the token is directly the session token, not "Bearer <token>"
// If it's "Bearer <token>", you'd need to parse it:
// parts := strings.Split(authHeader, " ")
// if len(parts) != 2 || parts[0] != "Bearer" {
// c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid Authorization header format"})
// c.Abort()
// return
// }
// sessionToken = parts[1]
session, found := s.GetSessionBySessionID(sessionToken)
if !found {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid or expired session token"})
c.Abort()
return
}
user, found := s.GetUserByID(session.UserID)
if !found {
c.JSON(http.StatusUnauthorized, gin.H{"error": "User not found"})
c.Abort()
return
}
c.Set("user", user)
c.Next()
}
}
Reference in New Issue View Git Blame Copy Permalink