Migrate backend auth to cookies

2024-12-05 21:56:35 +01:00
parent b4528c1561
commit de9e9102db
17 changed files with 237 additions and 198 deletions


@@ -40,7 +40,8 @@ func setupRouter(o Options) *chi.Mux {
r.Use(cors.Handler(cors.Options{
AllowedOrigins: o.Config.CORSOrigins,
AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
AllowedHeaders: []string{"Accept", "Authorization", "Content-Type", "X-Requested-With"},
AllowedHeaders: []string{"Accept", "Content-Type", "X-CSRF-Token"},
ExposedHeaders: []string{"X-CSRF-Token"},
AllowCredentials: true,
MaxAge: 300,
}))
@@ -71,8 +72,8 @@ func setupRouter(o Options) *chi.Mux {
// Public routes (no authentication required)
r.Group(func(r chi.Router) {
r.Post("/auth/login", handler.Login(o.SessionService))
r.Post("/auth/refresh", handler.RefreshToken(o.SessionService))
r.Post("/auth/login", handler.Login(o.SessionService, o.CookieService))
r.Post("/auth/refresh", handler.RefreshToken(o.SessionService, o.CookieService))
})
// Protected routes (authentication required)
@@ -81,7 +82,7 @@ func setupRouter(o Options) *chi.Mux {
r.Use(context.WithUserContextMiddleware)
// Auth routes
r.Post("/auth/logout", handler.Logout(o.SessionService))
r.Post("/auth/logout", handler.Logout(o.SessionService, o.CookieService))
r.Get("/auth/me", handler.GetCurrentUser())
// User profile routes
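Review bot: In the public route group, `/auth/refresh` now receives `o.CookieService`, so it presumably authenticates from a cookie that the browser attaches automatically, yet no CSRF check is visible on that group or on the protected `/auth/logout` route in these hunks. The CORS block allows and exposes `X-CSRF-Token`, but that only permits a cross-origin client to send and read the header; it does not verify it. If verification happens inside the handlers or in middleware outside these hunks, a comment above the group such as `// CSRF: X-CSRF-Token is verified in <middleware or handler>; auth cookies use SameSite=<mode>` would make that auditable, and otherwise the token comparison should run before every cookie-authenticated POST route. Because `AllowCredentials: true` now carries the session itself, `o.Config.CORSOrigins` also deserves a startup validation that rejects `*` and wildcard patterns. setupRouter begins and ends outside the visible hunks, so the middleware chain could not be checked in full.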