auth finished

2026-04-19 15:30:05 +00:00 · 2024-09-06 22:56:08 +02:00
parent b1be8502c9
commit f26529b1a3
11 changed files with 397 additions and 35 deletions
--- a/proxy/middleware.go
+++ b/proxy/middleware.go
@@ -20,7 +20,7 @@ func AuthMiddleware(next http.Handler) http.Handler {

 		user, err := GetUserByCookie(cookie.Value)
 		if err != nil || cookie.Value == "" {
-			http.Error(w, "Unauthorized", http.StatusUnauthorized)
+			http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
 			return
 		}

@@ -43,10 +43,13 @@ func CookieMiddleware(next http.Handler) http.Handler {
 				HttpOnly: true,
 				Secure:   true,
 				Path:     "/",
+				Domain:   ".illegalesachen.download",
+				SameSite: http.SameSiteLaxMode,
 			}

 			http.SetCookie(w, newCookie)
 			cookie = newCookie
+			r.AddCookie(cookie)
 		}

 		ctx := context.WithValue(r.Context(), "cookie", cookie.Value)
@@ -54,6 +57,30 @@ func CookieMiddleware(next http.Handler) http.Handler {
 	})
 }

+func CORS(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+
+		w.Header().Set("Access-Control-Allow-Origin", "https://music.illegalesachen.download")
+		w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
+		w.Header().Set("Access-Control-Allow-Credentials", "true")
+
+		if r.Method == http.MethodOptions {
+			w.WriteHeader(http.StatusNoContent)
+			return
+		}
+		next.ServeHTTP(w, r)
+	})
+}
+
+func Logger(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+
+		fmt.Println(r.URL)
+		next.ServeHTTP(w, r)
+	})
+
+}
+
 func generateRandomString(length int) string {
 	bytes := make([]byte, length)
 	_, err := rand.Read(bytes)