50 lines
978 B
Go
50 lines
978 B
Go
package auth
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
|
|
"git.handmade.network/hmn/hmn/src/config"
|
|
"git.handmade.network/hmn/hmn/src/oops"
|
|
)
|
|
|
|
const AuthCookieName = "HMNToken"
|
|
|
|
type Token struct {
|
|
Username string `json:"username"`
|
|
}
|
|
|
|
// TODO: ENCRYPT THIS
|
|
|
|
func EncodeToken(token Token) string {
|
|
tokenBytes, _ := json.Marshal(token)
|
|
return string(tokenBytes)
|
|
}
|
|
|
|
func DecodeToken(tokenStr string) (Token, error) {
|
|
var token Token
|
|
err := json.Unmarshal([]byte(tokenStr), &token)
|
|
if err != nil {
|
|
// TODO: Is this worthy of an oops error, or should this just be a value handled silently by code?
|
|
return Token{}, oops.New(err, "failed to unmarshal token")
|
|
}
|
|
|
|
return token, nil
|
|
}
|
|
|
|
func NewAuthCookie(username string) *http.Cookie {
|
|
return &http.Cookie{
|
|
Name: AuthCookieName,
|
|
Value: EncodeToken(Token{
|
|
Username: username,
|
|
}),
|
|
|
|
Domain: config.Config.CookieDomain,
|
|
// TODO: Path?
|
|
|
|
// Secure: true,
|
|
HttpOnly: true,
|
|
SameSite: http.SameSiteDefaultMode,
|
|
}
|
|
}
|