From 831b6f0167b9c1747d128b4a5a648d4de42ff0a9 Mon Sep 17 00:00:00 2001
From: Zach Berwaldt <zberwaldt@tutamail.com>
Date: Thu, 7 Mar 2024 20:20:36 -0500
Subject: Refactor router and middleware packages

- Move middleware functions from `main.go` to `middleware.go` in the `middleware` package.
- Update import statements in `main.go` and use the `router` package instead of the `controllers` package.

```
Refactor router and middleware packages

Move middleware functions from `main.go` to `middleware.go` in the `middleware` package. Update import statements in `main.go` and use the `router` package instead of the `controllers` package.
```
---
 api/internal/middleware/middleware.go | 55 +++++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 api/internal/middleware/middleware.go

(limited to 'api/internal/middleware')

diff --git a/api/internal/middleware/middleware.go b/api/internal/middleware/middleware.go
new file mode 100644
index 0000000..819f1e5
--- /dev/null
+++ b/api/internal/middleware/middleware.go
@@ -0,0 +1,55 @@
+package middleware
+
+import (
+	"errors"
+	"github.com/gin-gonic/gin"
+	"log"
+	"net/http"
+	"strings"
+)
+
+func TokenRequired() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		_, err := checkForTokenInContext(c)
+
+		if err != nil {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
+			c.Abort()
+			return
+		}
+
+		c.Next()
+	}
+}
+
+func CORSMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
+		c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
+		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
+		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
+
+		if c.Request.Method == "OPTIONS" {
+			log.Println(c.Request.Header)
+			c.AbortWithStatus(http.StatusNoContent)
+			return
+		}
+
+		c.Next()
+	}
+}
+
+func checkForTokenInContext(c *gin.Context) (string, error) {
+	authorizationHeader := c.GetHeader("Authorization")
+	if authorizationHeader == "" {
+		return "", errors.New("authorization header is missing")
+	}
+
+	parts := strings.Split(authorizationHeader, " ")
+
+	if len(parts) != 2 || parts[0] != "Bearer" {
+		return "", errors.New("invalid Authorization header format")
+	}
+
+	return parts[1], nil
+}
\ No newline at end of file
-- 
cgit v1.1