auth
Evvvai committed Mar 8, 2022
1 parent d7f39ff commit 5ae8563
Showing 7 changed files with 76 additions and 9 deletions.
1 change: 1 addition & 0 deletions .env.example
Expand Up @@ -2,6 +2,7 @@ SESSION_SECRET_KEY=
SESSION_NAME=
STEAM_API_KEY=
PORT=
FRONTEND_URL=

POSTGRES_URL=
POSTGRES_PORT=
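--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -0,0 +1,3 @@
+{
+"nuxt.isNuxtApp": false
+}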
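--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -0,0 +1,14 @@
+{
+// See https://go.microsoft.com/fwlink/?LinkId=733558
+// for the documentation about the tasks.json format
+"version": "2.0.0",
+"tasks": [
+{
+"type": "shell",
+"label": "Start dev server",
+"command": "go run .",
+"detail": "go dev",
+"problemMatcher": []
+}
+]
+}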
33 changes: 32 additions & 1 deletion controller/auth.go
@@ -1,15 +1,21 @@
package controller

import (
"encoding/json"
"net/http"
"time"

"github.com/robyzzz/csl-backend/config"
"github.com/robyzzz/csl-backend/model"
"github.com/robyzzz/csl-backend/utils"
"github.com/solovev/steam_go"
)

// GET /login - redirect to steam auth and validate user
func Login(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", config.FRONTEND_URL)
w.Header().Set("Access-Control-Allow-Credentials", "true")

opId := steam_go.NewOpenId(r)

switch opId.Mode() {
Expand All @@ -32,7 +38,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
utils.APIErrorRespond(w, utils.NewAPIError(http.StatusInternalServerError, err.Error()))
return
}

config.CreateSessionID(w, r, user.SteamId)
http.Redirect(w, r, config.FRONTEND_URL, http.StatusTemporaryRedirect)
}
Expand All @@ -41,5 +47,30 @@ func Login(w http.ResponseWriter, r *http.Request) {
// GET /logout - Log out from current session
func Logout(w http.ResponseWriter, r *http.Request) {
config.RemoveSessionID(w, r)

c := &http.Cookie{
Name: config.SESSION_NAME,
Value: "",
Path: "/",
Expires: time.Unix(0, 0),

HttpOnly: true,
}

http.SetCookie(w, c)

http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
}

// PUT /auth
func Auth(w http.ResponseWriter, r *http.Request) {
id:= config.GetSessionID(r)

user, err := model.GetSteamUser(id)
if err != nil {
utils.APIErrorRespond(w, utils.NewAPIError(http.StatusUnauthorized, err.Error()))
return
}

json.NewEncoder(w).Encode(user)
}
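Review bot: The new `Auth` handler sends `err.Error()` from `model.GetSteamUser` to the client and maps every failure to 401, so a lookup or storage fault (if that call can fail that way) would be reported as unauthorized with internal error text in the body. Respond with a fixed message, `utils.APIErrorRespond(w, utils.NewAPIError(http.StatusUnauthorized, "Unauthorized"))`, and log the underlying error server-side. The success path also writes JSON without `w.Header().Set("Content-Type", "application/json")` and drops the error returned by `Encode`. In `Logout`, the expiring cookie sets only `HttpOnly`; its `Secure` and `SameSite` attributes should presumably match whatever `config.CreateSessionID` sets, which is not visible on this page.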
2 changes: 1 addition & 1 deletion controller/steam_user.go
Expand Up @@ -81,5 +81,5 @@ func UpdateSteamUser(w http.ResponseWriter, r *http.Request) {
return
}

http.Redirect(w, r, config.FRONTEND_URL, http.StatusTemporaryRedirect)
// http.Redirect(w, r, config.FRONTEND_URL, http.StatusTemporaryRedirect)
}
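Review bot: The redirect at the end of `UpdateSteamUser` appears to be commented out rather than deleted, and nothing visible in this hunk replaces it, so the success path seems to return without writing a status or body. If the handler is still routed, send an explicit response such as `w.WriteHeader(http.StatusNoContent)`; if it became dead code once `BeforeLogin` was disabled, delete it together with the commented line. The function body starts outside the hunk, so an earlier write cannot be ruled out.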
5 changes: 3 additions & 2 deletions main.go
Expand Up @@ -31,8 +31,9 @@ func setupRouter() {
router.HandleFunc("/", controller.Home)

// auth
router.Handle("/logout", middleware.IsAuthenticated(controller.Logout))
router.Handle("/login", middleware.BeforeLogin(controller.Login))
router.HandleFunc("/login", controller.Login).Methods("GET")
router.HandleFunc("/logout", controller.Logout).Methods("GET")
router.Handle("/auth", middleware.BeforeAuth(controller.Auth)).Methods("PUT", "OPTIONS");

// steam_user (steam data)
router.Handle("/profile", middleware.IsAuthenticated(controller.GetProfile))
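Review bot: `/logout` appears to lose its `middleware.IsAuthenticated` wrapper and is registered as a bare `GET`, so a session-ending request can be triggered by any cross-site navigation or embedded resource load. Registering it for `POST`, `router.HandleFunc("/logout", controller.Logout).Methods("POST")`, and having the frontend call it explicitly avoids that. The trailing `;` on the `/auth` line is not gofmt-clean. `setupRouter` starts and ends outside the hunk.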
27 changes: 22 additions & 5 deletions middleware/auth.go
Expand Up @@ -13,8 +13,10 @@ func IsAuthenticated(h func(w http.ResponseWriter, r *http.Request)) http.Handle
next := http.HandlerFunc(h)
return http.HandlerFunc(
func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", config.FRONTEND_URL)
w.Header().Set("Access-Control-Allow-Origin", "http://localhost:3000")
w.Header().Set("Access-Control-Allow-Credentials", "true")
w.Header().Set("Access-Control-Allow-Headers","Content-Type,access-control-allow-origin, access-control-allow-headers")

if config.SessionAlreadyExists(r) {
next.ServeHTTP(w, r)
} else {
Expand All @@ -23,16 +25,31 @@ func IsAuthenticated(h func(w http.ResponseWriter, r *http.Request)) http.Handle
})
}

// Used to update steam user data when acessing /login
// If user is already logged in, we update, else we redirect to login page
func BeforeLogin(h func(w http.ResponseWriter, r *http.Request)) http.Handler {
//! not needed
// // Used to update steam user data when acessing /login
// // If user is already logged in, we update, else we redirect to login page
// func BeforeLogin(h func(w http.ResponseWriter, r *http.Request)) http.Handler {
// next := http.HandlerFunc(h)
// return http.HandlerFunc(
// func(w http.ResponseWriter, r *http.Request) {
// if config.SessionAlreadyExists(r) {
// controller.UpdateSteamUser(w, r)
// next.ServeHTTP(w, r)
// } else {
// next.ServeHTTP(w, r)
// }
// })
// }

func BeforeAuth(h func(w http.ResponseWriter, r *http.Request)) http.Handler {
next := http.HandlerFunc(h)
return http.HandlerFunc(
func(w http.ResponseWriter, r *http.Request) {
if config.SessionAlreadyExists(r) {
controller.UpdateSteamUser(w, r)
} else {
next.ServeHTTP(w, r)
} else {
utils.APIErrorRespond(w, utils.NewAPIError(http.StatusUnauthorized, "Unauthorized"))
}
})
}
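Review bot: `BeforeAuth` checks the session before anything else and sets no CORS headers, while main.go registers `/auth` for `PUT` and `OPTIONS`; a browser's preflight `OPTIONS` carries no cookies, so it would receive the 401 and the cross-origin `PUT` from the frontend would never be sent. Answer `OPTIONS` before the session check and emit the same origin and credentials headers the other handlers use, as sketched below. In `IsAuthenticated`, the pair of origin lines suggests `config.FRONTEND_URL` was replaced by the literal `http://localhost:3000`; with `Access-Control-Allow-Credentials: true` the allowed origin should stay configuration-driven. The commented-out `BeforeLogin` block is better deleted than kept, since version control retains it.

```go
		func(w http.ResponseWriter, r *http.Request) {
			w.Header().Set("Access-Control-Allow-Origin", config.FRONTEND_URL)
			w.Header().Set("Access-Control-Allow-Credentials", "true")
			if r.Method == http.MethodOptions {
				// Preflight requests carry no cookies; answer them before the session check.
				w.Header().Set("Access-Control-Allow-Methods", "PUT")
				w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
				w.WriteHeader(http.StatusNoContent)
				return
			}
			// … unchanged: session check, next.ServeHTTP or 401 response …
```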
