Compare commits
6 Commits
v0.1.0-alp
...
2a1da08216
| Author | SHA1 | Date | |
|---|---|---|---|
2a1da08216
|
|||
|
ddf06554f8
|
|||
|
54a8292234
|
|||
|
6a974cbbf1
|
|||
|
d5642ccadf
|
|||
|
1f54f60d46
|
35
README.md
35
README.md
@@ -11,6 +11,35 @@ The app is fully open source, lightweight, and can run on small devices like Ras
|
||||
|
||||
## Installation
|
||||
|
||||
### Docker Compose (recommended)
|
||||
1. Download docker-compose.yaml
|
||||
````shell
|
||||
$ curl -L https://git.miaurizius.de/MiauRizius/shap-planner-backend/raw/branch/main/docker-compose.yaml -o docker-compose.yaml
|
||||
````
|
||||
or create it yourself and enter the following content
|
||||
````yaml
|
||||
services:
|
||||
shap-planner:
|
||||
image: git.miaurizius.de/miaurizius/shap-planner-backend:latest
|
||||
container_name: shap-planner
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "8080:8080"
|
||||
environment:
|
||||
- SHAP_JWT_SECRET=SECURE_RANDOM_STRING # Must be at least 32 characters long
|
||||
volumes:
|
||||
- ./appdata:/appdata # To edit your configuration files
|
||||
````
|
||||
|
||||
2. Start the container
|
||||
````shell
|
||||
$ docker compose up -d
|
||||
````
|
||||
|
||||
3. Edit configuration as you like
|
||||
|
||||
### Build from source
|
||||
|
||||
1. Clone the repository:
|
||||
```bash
|
||||
git clone https://git.miaurizius.de/MiauRizius/shap-planner-backend.git
|
||||
@@ -32,9 +61,9 @@ go run main.go
|
||||
## Configuration
|
||||
### Environment Variables
|
||||
|
||||
| Variable | Description | Example |
|
||||
|----------------|-------------------------------------------------------|----------------|
|
||||
| `SHAP-JWT_SECRET` | Secret used to sign JWT tokens | `superrandomsecret123` |
|
||||
| Variable | Description | Example |
|
||||
|-------------------|-------------------------------------------------------|----------------|
|
||||
| `SHAP_JWT_SECRET` | Secret used to sign JWT tokens | `superrandomsecret123` |
|
||||
|
||||
---
|
||||
|
||||
|
||||
11
docker-compose.yaml
Normal file
11
docker-compose.yaml
Normal file
@@ -0,0 +1,11 @@
|
||||
services:
|
||||
shap-planner:
|
||||
image: git.miaurizius.de/miaurizius/shap-planner-backend:latest
|
||||
container_name: shap-planner
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "8080:8080"
|
||||
environment:
|
||||
- SHAP_JWT_SECRET=SECURE_RANDOM_STRING # Must be at least 32 characters long
|
||||
volumes:
|
||||
- ./appdata:/appdata # To edit your configuration files
|
||||
@@ -18,17 +18,20 @@ var cfg, _ = config.LoadConfig()
|
||||
func Register(w http.ResponseWriter, r *http.Request) {
|
||||
var user models.User
|
||||
if err := json.NewDecoder(r.Body).Decode(&user); err != nil {
|
||||
log.Println("[api/register] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Invalid request body", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
if user.Username == "" || user.Password == "" {
|
||||
log.Println("[api/register] " + r.RemoteAddr + ": Username or Password is empty")
|
||||
http.Error(w, "username and password required", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
hashed, err := auth.HashPassword(user.Password)
|
||||
if err != nil {
|
||||
log.Println("[api/register] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "internal error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
@@ -36,12 +39,14 @@ func Register(w http.ResponseWriter, r *http.Request) {
|
||||
user.ID = utils.GenerateUUID()
|
||||
user.Role = "user"
|
||||
|
||||
if err := storage.AddUser(user); err != nil {
|
||||
if err := storage.AddUser(&user); err != nil {
|
||||
log.Println("[api/register] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "user already exists", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusCreated)
|
||||
log.Println("[api/register] " + r.RemoteAddr + ": Successfully created user")
|
||||
}
|
||||
func Login(w http.ResponseWriter, r *http.Request) {
|
||||
var creds struct {
|
||||
@@ -49,36 +54,41 @@ func Login(w http.ResponseWriter, r *http.Request) {
|
||||
Password string `json:"password"`
|
||||
}
|
||||
if err := json.NewDecoder(r.Body).Decode(&creds); err != nil {
|
||||
log.Println("[api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Invalid request", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
user, err := storage.GetUserByUsername(creds.Username)
|
||||
if err != nil {
|
||||
log.Println("[api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Invalid credentials", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
if !auth.CheckPasswordHash(creds.Password, user.Password) {
|
||||
println("invalid password")
|
||||
log.Println("[api/login] " + r.RemoteAddr + ": Invalid credentials")
|
||||
http.Error(w, "Invalid credentials", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
secret := []byte(os.Getenv("SHAP_JWT_SECRET"))
|
||||
if len(secret) == 0 {
|
||||
log.Println("[api/login] " + r.RemoteAddr + ": Server misconfiguration")
|
||||
http.Error(w, "Server misconfiguration", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
accessToken, err := auth.GenerateJWT(user.ID, user.Role, secret)
|
||||
if err != nil {
|
||||
log.Println("[api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Could not generate token", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
refreshTokenPlain, err := utils.GenerateRefreshToken()
|
||||
if err != nil {
|
||||
log.Println("[api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "could not generate refresh token", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
@@ -88,7 +98,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
deviceInfo := r.Header.Get("User-Agent")
|
||||
|
||||
if err := storage.AddRefreshToken(models.RefreshToken{
|
||||
if err := storage.AddRefreshToken(&models.RefreshToken{
|
||||
ID: refreshID,
|
||||
UserID: user.ID,
|
||||
Token: refreshHash,
|
||||
@@ -97,6 +107,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
|
||||
CreatedAt: time.Now().Unix(),
|
||||
Revoked: false,
|
||||
}); err != nil {
|
||||
log.Println("[api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "could not save refresh token", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
@@ -114,38 +125,45 @@ func Login(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
json.NewEncoder(w).Encode(resp)
|
||||
err = json.NewEncoder(w).Encode(resp)
|
||||
if err != nil {
|
||||
log.Println("[api/login] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Something went wrong", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
log.Println("[api/login] " + r.RemoteAddr + ": Successfully logged in")
|
||||
}
|
||||
func Logout(w http.ResponseWriter, r *http.Request) {
|
||||
claims := r.Context().Value(auth.UserContextKey).(*auth.Claims)
|
||||
storage.RevokeAllRefreshTokensForUser(claims.UserID)
|
||||
err := storage.RevokeAllRefreshTokensForUser(claims.UserID)
|
||||
if err != nil {
|
||||
log.Println("[api/logout] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
w.WriteHeader(204)
|
||||
}
|
||||
func TestHandler(w http.ResponseWriter, r *http.Request) {
|
||||
claimsRaw := r.Context().Value(auth.UserContextKey)
|
||||
if claimsRaw == nil {
|
||||
http.Error(w, "No claims in context", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
claims, ok := claimsRaw.(*auth.Claims)
|
||||
if !ok {
|
||||
http.Error(w, "Invalid claims", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
claims, _ := utils.IsLoggedIn(w, r)
|
||||
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
err := json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
"user_id": claims.UserID,
|
||||
"role": claims.Role,
|
||||
"msg": "access granted to protected endpoint",
|
||||
})
|
||||
if err != nil {
|
||||
log.Println("[api/ping] " + r.RemoteAddr + ": " + err.Error())
|
||||
return
|
||||
}
|
||||
log.Println("[api/login] " + r.RemoteAddr + ": Successfully tested connection")
|
||||
}
|
||||
func RefreshToken(w http.ResponseWriter, r *http.Request) {
|
||||
var req struct {
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
}
|
||||
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||
log.Println("[api/refresh] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Invalid request", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
@@ -154,6 +172,7 @@ func RefreshToken(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
tokenRow, err := storage.GetRefreshToken(hashed)
|
||||
if err != nil || tokenRow.Revoked || tokenRow.ExpiresAt < time.Now().Unix() {
|
||||
log.Println("[api/refresh] " + r.RemoteAddr + ": Invalid refresh token")
|
||||
http.Error(w, "Invalid refresh token", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
@@ -167,7 +186,7 @@ func RefreshToken(w http.ResponseWriter, r *http.Request) {
|
||||
newExpires := time.Now().Add(7 * 24 * time.Hour).Unix() //7 days
|
||||
newID := utils.GenerateUUID()
|
||||
deviceInfo := r.Header.Get("User-Agent")
|
||||
if err = storage.AddRefreshToken(models.RefreshToken{
|
||||
if err = storage.AddRefreshToken(&models.RefreshToken{
|
||||
ID: newID,
|
||||
UserID: tokenRow.UserID,
|
||||
Token: newHash,
|
||||
@@ -176,6 +195,8 @@ func RefreshToken(w http.ResponseWriter, r *http.Request) {
|
||||
Revoked: false,
|
||||
DeviceInfo: deviceInfo,
|
||||
}); err != nil {
|
||||
log.Println("[api/refresh] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Could not generate new refresh token", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -185,6 +206,8 @@ func RefreshToken(w http.ResponseWriter, r *http.Request) {
|
||||
"access_token": accessToken,
|
||||
"refresh_token": newToken,
|
||||
}); err != nil {
|
||||
log.Println("[api/refresh] " + r.RemoteAddr + ": " + err.Error())
|
||||
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
12
handlers/balance.go
Normal file
12
handlers/balance.go
Normal file
@@ -0,0 +1,12 @@
|
||||
package handlers
|
||||
|
||||
import "net/http"
|
||||
|
||||
func GetBalance(w http.ResponseWriter, r *http.Request) {
|
||||
query := r.URL.Query()
|
||||
userParam := query.Get("user")
|
||||
|
||||
if userParam == "" {
|
||||
|
||||
}
|
||||
}
|
||||
@@ -1,7 +1,71 @@
|
||||
package handlers
|
||||
|
||||
import "net/http"
|
||||
import (
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
"shap-planner-backend/models"
|
||||
"shap-planner-backend/storage"
|
||||
"shap-planner-backend/utils"
|
||||
)
|
||||
|
||||
func GetExpenses(w http.ResponseWriter, r *http.Request) {}
|
||||
func Expenses(w http.ResponseWriter, r *http.Request) {
|
||||
claims, _ := utils.IsLoggedIn(w, r)
|
||||
|
||||
switch r.Method {
|
||||
case http.MethodGet: // -> Get Expenses
|
||||
break
|
||||
case http.MethodPost: // -> Create Expense
|
||||
var body struct {
|
||||
Expense models.Expense `json:"expense"`
|
||||
Shares []models.ExpenseShare `json:"shares"`
|
||||
}
|
||||
if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
|
||||
http.Error(w, "Invalid request body", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
if claims.UserID != body.Expense.PayerID { // You cannot create an expense in the name of another user
|
||||
http.Error(w, "Invalid request", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
if body.Expense.ID != "" {
|
||||
http.Error(w, "Invalid request", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
body.Expense.ID = utils.GenerateUUID()
|
||||
for _, share := range body.Shares {
|
||||
if share.ID != "" {
|
||||
http.Error(w, "Invalid request", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
if share.ExpenseID != "" {
|
||||
http.Error(w, "Invalid request", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
share.ExpenseID = body.Expense.ID
|
||||
share.ID = utils.GenerateUUID()
|
||||
err := storage.AddShare(&share)
|
||||
if err != nil {
|
||||
http.Error(w, "Error adding expense", http.StatusBadRequest) // Should never happen
|
||||
return
|
||||
}
|
||||
}
|
||||
err := storage.AddExpense(&body.Expense)
|
||||
if err != nil {
|
||||
http.Error(w, "Error adding expense", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
err = json.NewEncoder(w).Encode(map[string]interface{}{
|
||||
"expense": body.Expense,
|
||||
"shares": body.Shares,
|
||||
})
|
||||
if err != nil {
|
||||
println(err.Error())
|
||||
return
|
||||
}
|
||||
break
|
||||
case http.MethodPut: // -> Update Expense
|
||||
break
|
||||
case http.MethodDelete: // -> Delete Expense
|
||||
}
|
||||
}
|
||||
func AdminPanel(w http.ResponseWriter, r *http.Request) {}
|
||||
|
||||
1
main.go
1
main.go
@@ -12,6 +12,7 @@ func main() {
|
||||
err := storage.InitDB(SERVER.DatabasePath)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
return
|
||||
}
|
||||
|
||||
SERVER.Run()
|
||||
|
||||
@@ -8,10 +8,19 @@ type User struct {
|
||||
}
|
||||
|
||||
type Expense struct {
|
||||
ID string `json:"id"`
|
||||
Amount int `json:"amt"`
|
||||
Description string `json:"desc"`
|
||||
|
||||
Payer User `json:"payer"`
|
||||
Debtors []User `json:"debtors"`
|
||||
ID string `json:"id"`
|
||||
PayerID string `json:"payer_id"`
|
||||
Amount int64 `json:"amount"`
|
||||
Title string `json:"title"`
|
||||
Description string `json:"description"`
|
||||
Attachments []string `json:"attachments"`
|
||||
CreatedAt int64 `json:"created_at"`
|
||||
LastUpdatedAt int64 `json:"last_updated_at"`
|
||||
}
|
||||
|
||||
type ExpenseShare struct {
|
||||
ID string `json:"id"`
|
||||
ExpenseID string `json:"expense_id"`
|
||||
UserID string `json:"user_id"`
|
||||
ShareCents int64 `json:"share_cents"`
|
||||
}
|
||||
|
||||
@@ -22,19 +22,23 @@ func InitServer() *Server {
|
||||
err := config.CheckIfExists()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg, err := config.LoadConfig()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
return nil
|
||||
}
|
||||
|
||||
jwtSecret := os.Getenv("SHAP_JWT_SECRET")
|
||||
if jwtSecret == "" {
|
||||
log.Fatal("SHAP_JWT_SECRET environment variable not set.")
|
||||
return nil
|
||||
}
|
||||
if len(jwtSecret) < 32 {
|
||||
log.Fatal("SHAP_JWT_SECRET must be at least 32 characters long.")
|
||||
return nil
|
||||
}
|
||||
|
||||
return &Server{
|
||||
@@ -45,6 +49,7 @@ func InitServer() *Server {
|
||||
}
|
||||
|
||||
func (server *Server) Run() {
|
||||
log.Println("Starting server...")
|
||||
mux := http.NewServeMux()
|
||||
|
||||
// Public
|
||||
@@ -54,7 +59,8 @@ func (server *Server) Run() {
|
||||
mux.HandleFunc("/api/logout", handlers.Logout)
|
||||
|
||||
// Login required
|
||||
mux.Handle("/api/expenses", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.GetExpenses)))
|
||||
mux.Handle("/api/expenses", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.Expenses)))
|
||||
mux.Handle("/api/balance", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.GetBalance)))
|
||||
mux.Handle("/api/ping", auth.AuthMiddleware(server.JWTSecret)(http.HandlerFunc(handlers.TestHandler)))
|
||||
|
||||
// Admin-only
|
||||
|
||||
@@ -2,6 +2,7 @@ package storage
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"shap-planner-backend/models"
|
||||
"strings"
|
||||
@@ -51,14 +52,89 @@ func InitDB(filepath string) error {
|
||||
|
||||
//Create Expenses-Table
|
||||
_, err = DB.Exec(`CREATE TABLE IF NOT EXISTS expenses(
|
||||
id TEXT PRIMARY KEY
|
||||
|
||||
id TEXT PRIMARY KEY,
|
||||
payer_id TEXT NOT NULL,
|
||||
amount_cents INTEGER NOT NULL,
|
||||
title TEXT NOT NULL,
|
||||
description TEXT,
|
||||
attachments TEXT,
|
||||
created_at INTEGER NOT NULL,
|
||||
last_updated_at INTEGER NOT NULL,
|
||||
FOREIGN KEY(payer_id) REFERENCES users(id)
|
||||
)`)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = DB.Exec(`CREATE TABLE IF NOT EXISTS expense_shares(
|
||||
id TEXT PRIMARY KEY,
|
||||
expense_id TEXT NOT NULL,
|
||||
user_id TEXT NOT NULL,
|
||||
share_cents INTEGER NOT NULL,
|
||||
FOREIGN KEY(user_id) REFERENCES users(id)
|
||||
)`)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = DB.Exec(`CREATE INDEX IF NOT EXISTS idx_shares_expense ON expense_shares(expense_id)`)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = DB.Exec(`CREATE INDEX IF NOT EXISTS idx_shares_user ON expense_shares(user_id)`)
|
||||
return err
|
||||
}
|
||||
|
||||
// Expenses
|
||||
func AddExpense(expense *models.Expense) error {
|
||||
var attachmentsData interface{}
|
||||
if len(expense.Attachments) > 0 {
|
||||
jsonBytes, err := json.Marshal(expense.Attachments)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
attachmentsData = string(jsonBytes)
|
||||
} else {
|
||||
attachmentsData = nil
|
||||
}
|
||||
_, err := DB.Exec(`INSERT INTO expenses(id, payer_id, amount_cents, title, description, attachments, created_at, last_updated_at) VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
|
||||
expense.ID,
|
||||
expense.PayerID,
|
||||
expense.Amount,
|
||||
expense.Title,
|
||||
expense.Description,
|
||||
attachmentsData,
|
||||
expense.CreatedAt,
|
||||
expense.LastUpdatedAt)
|
||||
return err
|
||||
}
|
||||
func UpdateExpense(expense *models.Expense) error {
|
||||
return nil
|
||||
}
|
||||
func DeleteExpense(expense *models.Expense) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// func GetExpenseById(id string) (models.Expense, error) {
|
||||
// return nil, nil
|
||||
// }
|
||||
func GetExpensesByUserId(userId string) ([]models.Expense, error) {
|
||||
return nil, nil
|
||||
}
|
||||
func GetAllExpenses() ([]models.Expense, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
// Expense Shares
|
||||
func AddShare(share *models.ExpenseShare) error {
|
||||
_, err := DB.Exec("INSERT INTO expense_shares(id, expense_id, user_id, share_cents) VALUES (?, ?, ?, ?)",
|
||||
share.ID,
|
||||
share.ExpenseID,
|
||||
share.UserID,
|
||||
share.ShareCents)
|
||||
return err
|
||||
}
|
||||
|
||||
// Users
|
||||
func AddUser(user models.User) error {
|
||||
func AddUser(user *models.User) error {
|
||||
_, err := DB.Exec("INSERT INTO users(id, username, password, role) VALUES (?, ?, ?, ?)", user.ID, strings.ToLower(user.Username), user.Password, user.Role)
|
||||
return err
|
||||
}
|
||||
@@ -76,7 +152,7 @@ func GetUserById(id string) (models.User, error) {
|
||||
}
|
||||
|
||||
// Refresh Tokens
|
||||
func AddRefreshToken(token models.RefreshToken) error {
|
||||
func AddRefreshToken(token *models.RefreshToken) error {
|
||||
_, err := DB.Exec("INSERT INTO refresh_tokens(id, user_id, token_hash, expires_at, created_at, revoked, device_info) VALUES (?, ?, ?, ?, ?, ?, ?)",
|
||||
token.ID, token.UserID, token.Token, token.ExpiresAt, token.CreatedAt, token.Revoked, token.DeviceInfo)
|
||||
return err
|
||||
|
||||
@@ -5,6 +5,8 @@ import (
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
"encoding/hex"
|
||||
"net/http"
|
||||
"shap-planner-backend/auth"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
@@ -31,3 +33,17 @@ func HashToken(token string) string {
|
||||
hash := sha256.Sum256([]byte(token))
|
||||
return hex.EncodeToString(hash[:])
|
||||
}
|
||||
func IsLoggedIn(w http.ResponseWriter, r *http.Request) (*auth.Claims, bool) {
|
||||
claimsRaw := r.Context().Value(auth.UserContextKey)
|
||||
if claimsRaw == nil {
|
||||
http.Error(w, "No claims in context", http.StatusUnauthorized)
|
||||
return nil, false
|
||||
}
|
||||
|
||||
claims, ok := claimsRaw.(*auth.Claims)
|
||||
if !ok {
|
||||
http.Error(w, "Invalid claims", http.StatusUnauthorized)
|
||||
return nil, false
|
||||
}
|
||||
return claims, true
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user