cup/hooks/auth-check.go

package hooks

import (
	"errors"
	"net/http"
	"os"
	"strconv"
	"strings"

	"git.smarteching.com/goffee/core"
	"git.smarteching.com/goffee/cup/models"
	"git.smarteching.com/goffee/cup/utils"
	"gorm.io/gorm"
)

var CheckSessionCookie core.Hook = func(c *core.Context) {

	pass := true
	token := ""
	usercookie, err := c.GetCookie()
	if err != nil {

	}
	token = usercookie.Token
	if token == "" {
		pass = false
	} else {
		payload, err := c.GetJWT().DecodeToken(token)
		if err != nil {
			pass = false
		} else {

			userAgent := c.GetUserAgent()
			hashedCacheKey := utils.CreateAuthTokenHashedCacheKey(uint(c.CastToInt(payload["userID"])), userAgent)

			cachedToken, err := c.GetCache().Get(hashedCacheKey)
			if err != nil {
				pass = false
			} else if cachedToken != token {
				pass = false
			} else {
				var user models.User
				res := c.GetGorm().Where("id = ?", payload["userID"]).First(&user)
				if res.Error != nil && !errors.Is(res.Error, gorm.ErrRecordNotFound) {
					pass = false
				}
			}
		}
	}
	// if have session redirect protected page
	if pass {
		c.Response.Redirect("/appsample").ForceSendResponse()
		return
	}

	c.Next()

}

var AuthCheck core.Hook = func(c *core.Context) {

	// check if template engine is enable
	TemplateEnableStr := os.Getenv("TEMPLATE_ENABLE")
	if TemplateEnableStr == "" {
		TemplateEnableStr = "false"
	}
	TemplateEnable, _ := strconv.ParseBool(TemplateEnableStr)

	token := ""

	if TemplateEnable {
		usercookie, err := c.GetCookie()
		if err != nil {

		}
		token = usercookie.Token
		if token == "" {
			c.Response.Redirect("/applogin").ForceSendResponse()
			return
		}

	} else {
		tokenRaw := c.GetHeader("Authorization")
		token = strings.TrimSpace(strings.Replace(tokenRaw, "Bearer", "", 1))
		if token == "" {
			c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{
				"message": "unauthorized",
			})).ForceSendResponse()
			return
		}
	}

	payload, err := c.GetJWT().DecodeToken(token)
	if err != nil {
		if TemplateEnable {
			c.Response.Redirect("/applogin").ForceSendResponse()
		} else {
			c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{
				"message": "unauthorized",
			})).ForceSendResponse()
		}
		return
	}
	userAgent := c.GetUserAgent()
	hashedCacheKey := utils.CreateAuthTokenHashedCacheKey(uint(c.CastToInt(payload["userID"])), userAgent)

	cachedToken, err := c.GetCache().Get(hashedCacheKey)
	if err != nil {
		// user signed out
		if TemplateEnable {
			c.Response.Redirect("/applogin").ForceSendResponse()
		} else {
			c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{
				"message": "unauthorized",
			})).ForceSendResponse()
		}
		return
	}
	if cachedToken != token {
		// using old token replaced with new one after recent signin
		if TemplateEnable {
			c.Response.Redirect("/applogin").ForceSendResponse()
		} else {
			c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{
				"message": "unauthorized",
			})).ForceSendResponse()
		}
		return
	}

	var user models.User
	res := c.GetGorm().Where("id = ?", payload["userID"]).First(&user)
	if res.Error != nil && !errors.Is(res.Error, gorm.ErrRecordNotFound) {
		// error with the database
		c.GetLogger().Error(res.Error.Error())
		if TemplateEnable {
			c.Response.Redirect("/applogin").ForceSendResponse()
		} else {
			c.Response.SetStatusCode(http.StatusInternalServerError).Json(c.MapToJson(map[string]interface{}{
				"message": "internal error",
			})).ForceSendResponse()
		}
		return
	}

	c.Next()
}
migration 2024-09-15 20:19:30 -04:00			`package hooks`
first commits 3 2024-09-12 19:15:38 -04:00
			`import (`
			`"errors"`
			`"net/http"`
start cookie session 2024-09-30 10:17:24 -04:00			`"os"`
			`"strconv"`
first commits 3 2024-09-12 19:15:38 -04:00			`"strings"`

			`"git.smarteching.com/goffee/core"`
			`"git.smarteching.com/goffee/cup/models"`
			`"git.smarteching.com/goffee/cup/utils"`
			`"gorm.io/gorm"`
			`)`

start cookie session 2024-09-30 10:17:24 -04:00			`var CheckSessionCookie core.Hook = func(c *core.Context) {`

			`pass := true`
			`token := ""`
			`usercookie, err := c.GetCookie()`
			`if err != nil {`

			`}`
			`token = usercookie.Token`
first commits 3 2024-09-12 19:15:38 -04:00			`if token == "" {`
start cookie session 2024-09-30 10:17:24 -04:00			`pass = false`
			`} else {`
			`payload, err := c.GetJWT().DecodeToken(token)`
			`if err != nil {`
			`pass = false`
			`} else {`

			`userAgent := c.GetUserAgent()`
			`hashedCacheKey := utils.CreateAuthTokenHashedCacheKey(uint(c.CastToInt(payload["userID"])), userAgent)`

			`cachedToken, err := c.GetCache().Get(hashedCacheKey)`
			`if err != nil {`
			`pass = false`
			`} else if cachedToken != token {`
			`pass = false`
			`} else {`
			`var user models.User`
			`res := c.GetGorm().Where("id = ?", payload["userID"]).First(&user)`
			`if res.Error != nil && !errors.Is(res.Error, gorm.ErrRecordNotFound) {`
			`pass = false`
			`}`
			`}`
			`}`
			`}`
			`// if have session redirect protected page`
			`if pass {`
			`c.Response.Redirect("/appsample").ForceSendResponse()`
first commits 3 2024-09-12 19:15:38 -04:00			`return`
			`}`
start cookie session 2024-09-30 10:17:24 -04:00
			`c.Next()`

			`}`

			`var AuthCheck core.Hook = func(c *core.Context) {`

			`// check if template engine is enable`
			`TemplateEnableStr := os.Getenv("TEMPLATE_ENABLE")`
			`if TemplateEnableStr == "" {`
			`TemplateEnableStr = "false"`
			`}`
			`TemplateEnable, _ := strconv.ParseBool(TemplateEnableStr)`

			`token := ""`

			`if TemplateEnable {`
			`usercookie, err := c.GetCookie()`
			`if err != nil {`

			`}`
			`token = usercookie.Token`
			`if token == "" {`
			`c.Response.Redirect("/applogin").ForceSendResponse()`
			`return`
			`}`

			`} else {`
			`tokenRaw := c.GetHeader("Authorization")`
			`token = strings.TrimSpace(strings.Replace(tokenRaw, "Bearer", "", 1))`
			`if token == "" {`
			`c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{`
			`"message": "unauthorized",`
			`})).ForceSendResponse()`
			`return`
			`}`
			`}`

first commits 3 2024-09-12 19:15:38 -04:00			`payload, err := c.GetJWT().DecodeToken(token)`
			`if err != nil {`
start cookie session 2024-09-30 10:17:24 -04:00			`if TemplateEnable {`
			`c.Response.Redirect("/applogin").ForceSendResponse()`
			`} else {`
			`c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{`
			`"message": "unauthorized",`
			`})).ForceSendResponse()`
			`}`
first commits 3 2024-09-12 19:15:38 -04:00			`return`
			`}`
			`userAgent := c.GetUserAgent()`
			`hashedCacheKey := utils.CreateAuthTokenHashedCacheKey(uint(c.CastToInt(payload["userID"])), userAgent)`

			`cachedToken, err := c.GetCache().Get(hashedCacheKey)`
			`if err != nil {`
			`// user signed out`
start cookie session 2024-09-30 10:17:24 -04:00			`if TemplateEnable {`
			`c.Response.Redirect("/applogin").ForceSendResponse()`
			`} else {`
			`c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{`
			`"message": "unauthorized",`
			`})).ForceSendResponse()`
			`}`
first commits 3 2024-09-12 19:15:38 -04:00			`return`
			`}`
			`if cachedToken != token {`
			`// using old token replaced with new one after recent signin`
start cookie session 2024-09-30 10:17:24 -04:00			`if TemplateEnable {`
			`c.Response.Redirect("/applogin").ForceSendResponse()`
			`} else {`
			`c.Response.SetStatusCode(http.StatusUnauthorized).Json(c.MapToJson(map[string]interface{}{`
			`"message": "unauthorized",`
			`})).ForceSendResponse()`
			`}`
first commits 3 2024-09-12 19:15:38 -04:00			`return`
			`}`

			`var user models.User`
			`res := c.GetGorm().Where("id = ?", payload["userID"]).First(&user)`
			`if res.Error != nil && !errors.Is(res.Error, gorm.ErrRecordNotFound) {`
			`// error with the database`
			`c.GetLogger().Error(res.Error.Error())`
start cookie session 2024-09-30 10:17:24 -04:00			`if TemplateEnable {`
			`c.Response.Redirect("/applogin").ForceSendResponse()`
			`} else {`
			`c.Response.SetStatusCode(http.StatusInternalServerError).Json(c.MapToJson(map[string]interface{}{`
			`"message": "internal error",`
			`})).ForceSendResponse()`
			`}`
first commits 3 2024-09-12 19:15:38 -04:00			`return`
			`}`

			`c.Next()`
			`}`