feat(auth): #154 send verification mails

2024-09-07 22:51:50 +02:00
parent 5172a30781
commit f6aaccc1aa
13 changed files with 353 additions and 100 deletions
--- a/middleware/auth.go
+++ b/middleware/auth.go
@@ -0,0 +1,59 @@
+package middleware
+
+import (
+	"me-fit/utils"
+
+	"context"
+	"database/sql"
+	"net/http"
+)
+
+func EnsureValidSession(db *sql.DB, next http.Handler) http.Handler {
+
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+
+		// handled, redirected := handleSignInAndOutRoutes(db, w, r)
+		// if handled {
+		// 	if !redirected {
+		// 		next.ServeHTTP(w, r)
+		// 	}
+		//
+		// 	return
+		// }
+
+		user := utils.GetUserFromSession(db, r)
+		if user == nil || !user.SessionValid {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		if r.URL.Path != "/auth/verify" && !user.EmailVerified {
+			utils.DoRedirect(w, r, "/auth/verify")
+			return
+		}
+
+		ctx := context.WithValue(r.Context(), utils.ContextKeyUser, user)
+
+		next.ServeHTTP(w, r.WithContext(ctx))
+	})
+}
+
+// func handleSignInAndOutRoutes(db *sql.DB, w http.ResponseWriter, r *http.Request) (bool, bool) {
+// 	if r.URL.Path != "/auth/signin" && r.URL.Path != "/auth/signup" && r.URL.Path != "/api/auth/verify-resend" {
+// 		return false, false
+// 	}
+//
+// 	sessionId := getSessionID(r)
+// 	user := verifySession(db, sessionId)
+// 	if user == nil || !user.SessionValid {
+// 		return true, false
+// 	}
+//
+// 	if user.EmailVerified {
+// 		utils.DoRedirect(w, r, "/")
+// 	} else {
+// 		utils.DoRedirect(w, r, "/auth/verify")
+// 	}
+//
+// 	return true, true
+// }