package middleware import ( "context" "net/http" "git.dustin.coffee/hobokenchicken/dumpsterChat/internal/config" ) type contextKey string const UserContextKey contextKey = "user_id" type SessionStore interface { GetUserIDByToken(ctx context.Context, token string) (string, error) } func Session(store SessionStore, cfg *config.Config) func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { cookie, err := r.Cookie(cfg.Session.CookieName) if err != nil { next.ServeHTTP(w, r) return } userID, err := store.GetUserIDByToken(r.Context(), cookie.Value) if err != nil { next.ServeHTTP(w, r) return } ctx := context.WithValue(r.Context(), UserContextKey, userID) next.ServeHTTP(w, r.WithContext(ctx)) }) } } func UserIDFromContext(ctx context.Context) (string, bool) { id, ok := ctx.Value(UserContextKey).(string) return id, ok } func RequireAuth(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if _, ok := UserIDFromContext(r.Context()); !ok { w.WriteHeader(http.StatusUnauthorized) return } next.ServeHTTP(w, r) }) }