package auth
import (
	"database/sql"
	"errors"
	"net/http"
	"strings"
	"sync"

	"github.com/appwrite/sdk-for-go/client"
	"github.com/appwrite/sdk-for-go/users"
	"github.com/gin-gonic/gin"
)
// MyUser is the application's local record of an authenticated user: the
// identity and role that ValidateSession reads from the users table and
// publishes on the request context.
type MyUser struct {
	// ID holds the value of users.id for the caller.
	ID string
	// Role holds the value of users.role. It comes from the local database
	// row, not from the identity provider's response.
	Role string
}
// AuthProvider bundles the two dependencies the authentication middleware
// needs: the Appwrite client used to check a caller's token and the SQL
// database holding the local users table.
type AuthProvider struct {
	// AppwriteClient is the identity-provider client. One value is shared by
	// every request served through this provider, and ValidateSession sets the
	// caller's JWT on it, so it carries per-request credentials.
	// NOTE(review): any other code that reuses this client should not assume
	// it is free of a previous caller's JWT.
	AppwriteClient client.Client
	// DB is the handle used to look up and create rows in the users table.
	DB *sql.DB
}
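// appwriteJWTMu serializes "set JWT, then ask the IdP who the caller is" on
// the shared Appwrite client. Gin runs handlers concurrently, and without this
// lock one request's SetJWT can land between another request's SetJWT and its
// Get, so a caller could be resolved to a different user's identity.
//
// NOTE(review): the lock is held across a network call, so identity checks are
// serialized. Building a client per request would remove both the lock and the
// shared credential; that depends on SDK details not visible in this file.
var appwriteJWTMu sync.Mutex

// ValidateSession returns Gin middleware that authenticates a request from its
// "Authorization: Bearer <jwt>" header.
//
// The token is checked against Appwrite; the resulting identity is mapped to a
// row in the local users table (created on first sight), and the row's id and
// role are stored on the context under "user_id" and "user_role" before the
// next handler runs.
//
// The request is aborted with 401 when the header is missing or malformed, or
// when Appwrite rejects the token, and with 500 when the local user row cannot
// be read or created.
func (p *AuthProvider) ValidateSession() gin.HandlerFunc {
	const (
		selectUser = "SELECT id, role FROM users WHERE appwrite_id = $1"
		insertUser = "INSERT INTO users (appwrite_id, email, full_name) VALUES ($1, $2, $3) RETURNING id, role"
	)

	return func(c *gin.Context) {
		// Require exactly "<scheme> <token>" with a case-insensitive Bearer
		// scheme. Trimming a "Bearer" prefix alone would forward any other
		// header value (for example Basic credentials) to the IdP as a token.
		parts := strings.Fields(c.GetHeader("Authorization"))
		if len(parts) != 2 || !strings.EqualFold(parts[0], "Bearer") {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Token ausente"})
			return
		}
		token := parts[1]

		// Hold the lock only for the IdP round trip. The deferred guard
		// releases it if the SDK call panics, so a recovered panic cannot
		// leave every later request blocked.
		appwriteJWTMu.Lock()
		held := true
		defer func() {
			if held {
				appwriteJWTMu.Unlock()
			}
		}()

		p.AppwriteClient.SetJWT(token)
		appwriteUsers := users.New(p.AppwriteClient)
		remoteUser, err := appwriteUsers.Get()

		appwriteJWTMu.Unlock()
		held = false

		if err != nil {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Sessão inválida no IDP"})
			return
		}

		// Tie the queries to the request so a disconnected client does not
		// keep a database connection busy.
		ctx := c.Request.Context()

		var userLocal MyUser
		err = p.DB.QueryRowContext(ctx, selectUser, remoteUser.Id).
			Scan(&userLocal.ID, &userLocal.Role)

		if errors.Is(err, sql.ErrNoRows) {
			// First time this identity is seen: create the local row. The role
			// is whatever the database assigns; nothing from the IdP response
			// is used for authorization.
			err = p.DB.QueryRowContext(
				ctx,
				insertUser,
				remoteUser.Id,
				remoteUser.Email,
				remoteUser.Name,
			).Scan(&userLocal.ID, &userLocal.Role)

			if err != nil {
				// Two first requests for the same user can both miss the
				// SELECT; the loser's INSERT then fails. Re-read once so that
				// request gets the row the winner created instead of a 500.
				// NOTE(review): this assumes users.appwrite_id is UNIQUE;
				// without that constraint both inserts succeed and leave
				// duplicate rows. Confirm against the schema.
				retryErr := p.DB.QueryRowContext(ctx, selectUser, remoteUser.Id).
					Scan(&userLocal.ID, &userLocal.Role)
				if retryErr == nil {
					err = nil
				}
			}
		}

		if err != nil {
			c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"error": "Erro ao sincronizar usuário"})
			return
		}

		c.Set("user_id", userLocal.ID)
		c.Set("user_role", userLocal.Role)
		c.Next()
	}
}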