path: root/internal/auth/middleware.go
blob: 77103283cc56f5a2bd6fb07d2cb6113217225bad (plain)
package auth

import (
	"net/http"

	"github.com/alexedwards/scs/v2"
)

// SessionKeyUserID is the session data key under which the authenticated
// user's ID is stored. The presence of this key is what the methods in this
// file treat as "logged in".
const (
	SessionKeyUserID = "user_id"
)

// Middleware provides session-based authentication helpers: an HTTP
// middleware that gates handlers on login state, plus accessors that read
// and write the user ID stored in the session.
//
// It only establishes whether a user ID is present in the session; it makes
// no authorization decision about what that user may access.
type Middleware struct {
	// sessions is the scs session manager all methods read from and write to.
	// NOTE(review): the methods presumably require the request context to
	// already carry session data (scs LoadAndSave earlier in the handler
	// chain) — confirm against the router setup.
	sessions *scs.SessionManager
}

// NewMiddleware returns a Middleware backed by the given session manager.
// The manager is stored as-is and is not checked for nil here; every method
// dereferences it.
func NewMiddleware(sessions *scs.SessionManager) *Middleware {
	mw := new(Middleware)
	mw.sessions = sessions
	return mw
}

// RequireAuth wraps next so that it only runs for requests that
// IsAuthenticated accepts. Any other request is answered with a
// 303 See Other redirect to "/login" and next is never called.
//
// This is an authentication gate only: it does not check what the logged-in
// user is allowed to do, so handlers behind it still need their own
// authorization checks.
func (m *Middleware) RequireAuth(next http.Handler) http.Handler {
	guard := func(w http.ResponseWriter, r *http.Request) {
		if m.IsAuthenticated(r) {
			next.ServeHTTP(w, r)
			return
		}
		// 303 makes the client fetch the login page with GET regardless of
		// the method of the rejected request.
		http.Redirect(w, r, "/login", http.StatusSeeOther)
	}
	return http.HandlerFunc(guard)
}

// IsAuthenticated reports whether the session attached to r contains an
// entry under SessionKeyUserID.
//
// This is a presence check only. It does not confirm that the stored ID still
// refers to an existing, enabled account; that has to be verified by whoever
// loads the user.
func (m *Middleware) IsAuthenticated(r *http.Request) bool {
	ctx := r.Context()
	return m.sessions.Exists(ctx, SessionKeyUserID)
}

// GetUserID returns the user ID stored in the session attached to r.
//
// The value comes straight from the session manager's GetInt64, which yields
// 0 when the key is absent or not an int64. Callers must therefore not treat
// the result as proof of login: check IsAuthenticated first, or reject 0.
func (m *Middleware) GetUserID(r *http.Request) int64 {
	ctx := r.Context()
	return m.sessions.GetInt64(ctx, SessionKeyUserID)
}

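// SetUserID binds userID to the current session. Call it only after the
// user's credentials have been verified.
//
// The session token is renewed before the ID is stored, so a token issued
// before login is not carried over into the authenticated session (session
// fixation defence). A caller that already renews the token itself is not
// harmed by the second renewal.
//
// If the token cannot be renewed, the user ID is not stored and the session
// stays unauthenticated. The signature has no error result, so that failure
// is not reported to the caller.
// NOTE(review): consider an error-returning variant so login handlers can
// surface a failed renewal instead of bouncing the user back to the login page.
func (m *Middleware) SetUserID(r *http.Request, userID int64) {
	ctx := r.Context()
	if err := m.sessions.RenewToken(ctx); err != nil {
		// Fail closed: never attach an identity to a token that was not
		// rotated at the privilege change.
		return
	}
	m.sessions.Put(ctx, SessionKeyUserID, userID)
}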

// ClearSession ends the session attached to r (called on logout).
//
// It calls Destroy on the session manager, which discards the entire session
// rather than only the SessionKeyUserID entry, so no other session data
// survives a logout. The error from Destroy is returned unchanged; callers
// should not report the logout as successful when it is non-nil.
func (m *Middleware) ClearSession(r *http.Request) error {
	ctx := r.Context()
	err := m.sessions.Destroy(ctx)
	return err
}