establishing initial auth middleware and routes
This commit is contained in:
juancwu
parent
f251f52fa9
commit
5c5ba78a32
6 changed files with 92 additions and 1 deletions
|
|
@ -4,8 +4,23 @@ import (
|
|||
"net/http"
|
||||
|
||||
"git.juancwu.dev/juancwu/budgit/internal/ctxkeys"
|
||||
"git.juancwu.dev/juancwu/budgit/internal/service"
|
||||
)
|
||||
|
||||
// TODO: implement clearing jwt token in auth service
|
||||
|
||||
// AuthMiddleware checks for JWT token and adds user + profile + subscription to context if valid
|
||||
func AuthMiddleware(authService *service.AuthService, userService *service.UserService) func(http.Handler) http.Handler {
|
||||
return func(next http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
// TODO: get auth cookie and verify value
|
||||
// TODO: fetch user information from database if cookie value is valid
|
||||
// TODO: add user to context if valid
|
||||
next.ServeHTTP(w, r)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
// RequireGuest ensures request is not authenticated
|
||||
func RequireGuest(next http.HandlerFunc) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
|
|
@ -22,3 +37,37 @@ func RequireGuest(next http.HandlerFunc) http.HandlerFunc {
|
|||
next.ServeHTTP(w, r)
|
||||
}
|
||||
}
|
||||
|
||||
// RequireAuth ensures the user is authenticated and has completed onboarding
|
||||
func RequireAuth(next http.HandlerFunc) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
user := ctxkeys.User(r.Context())
|
||||
if user == nil {
|
||||
// For HTMX requests, use HX-Redirect header to force full page redirect
|
||||
if r.Header.Get("HX-Request") == "true" {
|
||||
w.Header().Set("HX-Redirect", "/auth")
|
||||
w.WriteHeader(http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
// For regular requests, use standard redirect
|
||||
http.Redirect(w, r, "/auth", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
|
||||
// Check if user has completed onboarding
|
||||
// Uses profile.Name as indicator (empty = incomplete onboarding)
|
||||
profile := ctxkeys.Profile(r.Context())
|
||||
if profile.Name == "" && r.URL.Path != "/auth/onboarding" {
|
||||
// User hasn't completed onboarding, redirect to onboarding
|
||||
if r.Header.Get("HX-Request") == "true" {
|
||||
w.Header().Set("HX-Redirect", "/auth/onboarding")
|
||||
w.WriteHeader(http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
http.Redirect(w, r, "/auth/onboarding", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
|
||||
next.ServeHTTP(w, r)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue