This commit is contained in:
ferreo 2024-07-30 20:51:17 +01:00
parent 2dee0c9333
commit ccad5f6a3a
2 changed files with 15 additions and 5 deletions

View File

@ -2,14 +2,28 @@ package handlers_auth
import ( import (
"brunel/auth" "brunel/auth"
"strings"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
) )
func IsLoggedIn(c *fiber.Ctx) error { func IsLoggedIn(c *fiber.Ctx) error {
ok, _ := auth.CheckSessionToken(c.Cookies("pt"))
tokenPlusUsername := c.Cookies("pt")
if tokenPlusUsername == "" {
return c.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
}
split := strings.Split(tokenPlusUsername, ":")
token := split[0]
username := split[1]
ok, suser := auth.CheckSessionToken(token)
if !ok { if !ok {
return c.Status(fiber.StatusUnauthorized).SendString("Unauthorized") return c.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
} }
if suser != username {
return c.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
}
return c.Status(fiber.StatusOK).SendString("Logged in") return c.Status(fiber.StatusOK).SendString("Logged in")
} }

View File

@ -2,7 +2,6 @@ package middleware
import ( import (
"brunel/auth" "brunel/auth"
"fmt"
"strings" "strings"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
@ -11,7 +10,6 @@ import (
func NewAuth() fiber.Handler { func NewAuth() fiber.Handler {
return func(c *fiber.Ctx) error { return func(c *fiber.Ctx) error {
tokenPlusUsername := c.Cookies("pt") tokenPlusUsername := c.Cookies("pt")
fmt.Println("cookie", tokenPlusUsername)
if tokenPlusUsername == "" { if tokenPlusUsername == "" {
return c.Status(fiber.StatusUnauthorized).SendString("Unauthorized") return c.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
} }
@ -21,11 +19,9 @@ func NewAuth() fiber.Handler {
username := split[1] username := split[1]
ok, suser := auth.CheckSessionToken(token) ok, suser := auth.CheckSessionToken(token)
if !ok { if !ok {
fmt.Println("not ok")
return c.Status(fiber.StatusUnauthorized).SendString("Unauthorized") return c.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
} }
if suser != username { if suser != username {
fmt.Println("not suser")
return c.Status(fiber.StatusUnauthorized).SendString("Unauthorized") return c.Status(fiber.StatusUnauthorized).SendString("Unauthorized")
} }