Passport/pkg/internal/server/exts/auth.go

package exts

import (
	"fmt"
	"git.solsynth.dev/hydrogen/passport/pkg/hyper"
	"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
	"github.com/gofiber/fiber/v2"
	"strings"
)

func AuthMiddleware(c *fiber.Ctx) error {
	var atk string
	if cookie := c.Cookies(hyper.CookieAtk); len(cookie) > 0 {
		atk = cookie
	}
	if header := c.Get(fiber.HeaderAuthorization); len(header) > 0 {
		tk := strings.Replace(header, "Bearer", "", 1)
		atk = strings.TrimSpace(tk)
	}
	if tk := c.Query("tk"); len(tk) > 0 {
		atk = strings.TrimSpace(tk)
	}

	c.Locals("p_token", atk)

	rtk := c.Cookies(hyper.CookieRtk)
	if ctx, perms, newAtk, newRtk, err := services.Authenticate(atk, rtk, 0); err == nil {
		if newAtk != atk {
			SetAuthCookies(c, newAtk, newRtk)
		}
		c.Locals("permissions", perms)
		c.Locals("user", ctx.Account)
	}

	return c.Next()
}

func EnsureAuthenticated(c *fiber.Ctx) error {
	if _, ok := c.Locals("user").(models.Account); !ok {
		return fiber.NewError(fiber.StatusUnauthorized)
	}

	return nil
}

func EnsureGrantedPerm(c *fiber.Ctx, key string, val any) error {
	if err := EnsureAuthenticated(c); err != nil {
		return err
	}
	perms := c.Locals("permissions").(map[string]any)
	if !services.HasPermNode(perms, key, val) {
		return fiber.NewError(fiber.StatusForbidden, fmt.Sprintf("missing permission: %s", key))
	}
	return nil
}
:recycle: Improve code structure and much easier to read :bug: Fix auth middleware 2024-06-22 05:04:21 +00:00			`package exts`

			`import (`
			`"fmt"`
			`"git.solsynth.dev/hydrogen/passport/pkg/hyper"`
			`"git.solsynth.dev/hydrogen/passport/pkg/internal/models"`
			`"git.solsynth.dev/hydrogen/passport/pkg/internal/services"`
			`"github.com/gofiber/fiber/v2"`
			`"strings"`
			`)`

			`func AuthMiddleware(c *fiber.Ctx) error {`
			`var atk string`
			`if cookie := c.Cookies(hyper.CookieAtk); len(cookie) > 0 {`
			`atk = cookie`
			`}`
			`if header := c.Get(fiber.HeaderAuthorization); len(header) > 0 {`
			`tk := strings.Replace(header, "Bearer", "", 1)`
			`atk = strings.TrimSpace(tk)`
			`}`
:sparkles: Accepts token in querystring 2024-06-22 12:28:58 +00:00			`if tk := c.Query("tk"); len(tk) > 0 {`
			`atk = strings.TrimSpace(tk)`
			`}`
:recycle: Improve code structure and much easier to read :bug: Fix auth middleware 2024-06-22 05:04:21 +00:00
			`c.Locals("p_token", atk)`

			`rtk := c.Cookies(hyper.CookieRtk)`
			`if ctx, perms, newAtk, newRtk, err := services.Authenticate(atk, rtk, 0); err == nil {`
			`if newAtk != atk {`
			`SetAuthCookies(c, newAtk, newRtk)`
			`}`
			`c.Locals("permissions", perms)`
			`c.Locals("user", ctx.Account)`
			`}`

			`return c.Next()`
			`}`

			`func EnsureAuthenticated(c *fiber.Ctx) error {`
			`if _, ok := c.Locals("user").(models.Account); !ok {`
			`return fiber.NewError(fiber.StatusUnauthorized)`
			`}`

			`return nil`
			`}`

			`func EnsureGrantedPerm(c *fiber.Ctx, key string, val any) error {`
			`if err := EnsureAuthenticated(c); err != nil {`
			`return err`
			`}`
			`perms := c.Locals("permissions").(map[string]any)`
			`if !services.HasPermNode(perms, key, val) {`
			`return fiber.NewError(fiber.StatusForbidden, fmt.Sprintf("missing permission: %s", key))`
			`}`
			`return nil`
			`}`