AuthWithSession performs user authentication with session
(db *gorm.DB, r *http.Request)
| 124 | |
| 125 | // AuthWithSession performs user authentication with session |
| 126 | func AuthWithSession(db *gorm.DB, r *http.Request) (database.User, bool, error) { |
| 127 | var user database.User |
| 128 | |
| 129 | sessionKey, err := GetCredential(r) |
| 130 | if err != nil { |
| 131 | return user, false, pkgErrors.Wrap(err, "getting credential") |
| 132 | } |
| 133 | if sessionKey == "" { |
| 134 | return user, false, nil |
| 135 | } |
| 136 | |
| 137 | var session database.Session |
| 138 | err = db.Where("key = ?", sessionKey).First(&session).Error |
| 139 | |
| 140 | if errors.Is(err, gorm.ErrRecordNotFound) { |
| 141 | return user, false, nil |
| 142 | } else if err != nil { |
| 143 | return user, false, pkgErrors.Wrap(err, "finding session") |
| 144 | } |
| 145 | |
| 146 | if session.ExpiresAt.Before(time.Now()) { |
| 147 | return user, false, nil |
| 148 | } |
| 149 | |
| 150 | err = db.Where("id = ?", session.UserID).First(&user).Error |
| 151 | |
| 152 | if errors.Is(err, gorm.ErrRecordNotFound) { |
| 153 | return user, false, nil |
| 154 | } else if err != nil { |
| 155 | return user, false, pkgErrors.Wrap(err, "finding user from token") |
| 156 | } |
| 157 | |
| 158 | return user, true, nil |
| 159 | } |
| 160 | |
| 161 | func GuestOnly(db *gorm.DB, next http.HandlerFunc) http.HandlerFunc { |
| 162 | return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
no test coverage detected