AnthoLume/api/auth.go

package api

import (
	"crypto/md5"
	"fmt"
	"net/http"
	"strings"
	"time"

	argon2 "github.com/alexedwards/argon2id"
	"github.com/gin-contrib/sessions"
	"github.com/gin-gonic/gin"
	log "github.com/sirupsen/logrus"
	"reichard.io/bbank/database"
)

// Authorization Data
type authData struct {
	UserName string
	IsAdmin  bool
}

// KOSync API Auth Headers
type authKOHeader struct {
	AuthUser string `header:"x-auth-user"`
	AuthKey  string `header:"x-auth-key"`
}

// OPDS Auth Headers
type authOPDSHeader struct {
	Authorization string `header:"authorization"`
}

func (api *API) authorizeCredentials(username string, password string) (auth *authData) {
	user, err := api.DB.Queries.GetUser(api.DB.Ctx, username)
	if err != nil {
		return
	}

	if match, err := argon2.ComparePasswordAndHash(password, *user.Pass); err != nil || match != true {
		return
	}

	return &authData{
		UserName: user.ID,
		IsAdmin:  user.Admin,
	}
}

func (api *API) authKOMiddleware(c *gin.Context) {
	session := sessions.Default(c)

	// Check Session First
	if auth, ok := getSession(session); ok == true {
		c.Set("Authorization", auth)
		c.Header("Cache-Control", "private")
		c.Next()
		return
	}

	// Session Failed -> Check Headers (Allowed on API for KOSync Compatibility)

	var rHeader authKOHeader
	if err := c.ShouldBindHeader(&rHeader); err != nil {
		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "Incorrect Headers"})
		return
	}
	if rHeader.AuthUser == "" || rHeader.AuthKey == "" {
		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid Authorization Headers"})
		return
	}

	authData := api.authorizeCredentials(rHeader.AuthUser, rHeader.AuthKey)
	if authData == nil {
		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
		return
	}

	if err := setSession(session, *authData); err != nil {
		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
		return
	}

	c.Set("Authorization", *authData)
	c.Header("Cache-Control", "private")
	c.Next()
}

func (api *API) authOPDSMiddleware(c *gin.Context) {
	c.Header("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)

	user, rawPassword, hasAuth := c.Request.BasicAuth()

	// Validate Auth Fields
	if hasAuth != true || user == "" || rawPassword == "" {
		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid Authorization Headers"})
		return
	}

	// Validate Auth
	password := fmt.Sprintf("%x", md5.Sum([]byte(rawPassword)))
	authData := api.authorizeCredentials(user, password)
	if authData == nil {
		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
		return
	}

	c.Set("Authorization", *authData)
	c.Header("Cache-Control", "private")
	c.Next()
}

func (api *API) authWebAppMiddleware(c *gin.Context) {
	session := sessions.Default(c)

	// Check Session
	if auth, ok := getSession(session); ok == true {
		c.Set("Authorization", auth)
		c.Header("Cache-Control", "private")
		c.Next()
		return
	}

	c.Redirect(http.StatusFound, "/login")
	c.Abort()
	return
}

func (api *API) authAdminWebAppMiddleware(c *gin.Context) {
	if data, _ := c.Get("Authorization"); data != nil {
		auth := data.(authData)
		if auth.IsAdmin == true {
			c.Next()
			return
		}
	}

	errorPage(c, http.StatusUnauthorized, "Admin Permissions Required")
	c.Abort()
	return
}

func (api *API) appAuthFormLogin(c *gin.Context) {
	templateVars := api.getBaseTemplateVars("login", c)

	username := strings.TrimSpace(c.PostForm("username"))
	rawPassword := strings.TrimSpace(c.PostForm("password"))

	if username == "" || rawPassword == "" {
		templateVars["Error"] = "Invalid Credentials"
		c.HTML(http.StatusUnauthorized, "page/login", templateVars)
		return
	}

	// MD5 - KOSync Compatiblity
	password := fmt.Sprintf("%x", md5.Sum([]byte(rawPassword)))
	authData := api.authorizeCredentials(username, password)
	if authData == nil {
		templateVars["Error"] = "Invalid Credentials"
		c.HTML(http.StatusUnauthorized, "page/login", templateVars)
		return
	}

	// Set Session
	session := sessions.Default(c)
	if err := setSession(session, *authData); err != nil {
		templateVars["Error"] = "Invalid Credentials"
		c.HTML(http.StatusUnauthorized, "page/login", templateVars)
		return
	}

	c.Header("Cache-Control", "private")
	c.Redirect(http.StatusFound, "/")
}

func (api *API) appAuthFormRegister(c *gin.Context) {
	if !api.Config.RegistrationEnabled {
		errorPage(c, http.StatusUnauthorized, "Nice try. Registration is disabled.")
		return
	}

	templateVars := api.getBaseTemplateVars("login", c)
	templateVars["Register"] = true

	username := strings.TrimSpace(c.PostForm("username"))
	rawPassword := strings.TrimSpace(c.PostForm("password"))

	if username == "" || rawPassword == "" {
		templateVars["Error"] = "Invalid User or Password"
		c.HTML(http.StatusBadRequest, "page/login", templateVars)
		return
	}
	password := fmt.Sprintf("%x", md5.Sum([]byte(rawPassword)))

	hashedPassword, err := argon2.CreateHash(password, argon2.DefaultParams)
	if err != nil {
		templateVars["Error"] = "Registration Disabled or User Already Exists"
		c.HTML(http.StatusBadRequest, "page/login", templateVars)
		return
	}

	rows, err := api.DB.Queries.CreateUser(api.DB.Ctx, database.CreateUserParams{
		ID:   username,
		Pass: &hashedPassword,
	})

	// SQL Error
	if err != nil {
		log.Error("[appAuthFormRegister] CreateUser DB Error:", err)
		templateVars["Error"] = "Registration Disabled or User Already Exists"
		c.HTML(http.StatusBadRequest, "page/login", templateVars)
		return
	}

	// User Already Exists
	if rows == 0 {
		log.Warn("[appAuthFormRegister] User Already Exists:", username)
		templateVars["Error"] = "Registration Disabled or User Already Exists"
		c.HTML(http.StatusBadRequest, "page/login", templateVars)
		return
	}

	// Get User
	user, err := api.DB.Queries.GetUser(api.DB.Ctx, username)
	if err != nil {
		log.Error("[appAuthFormRegister] GetUser DB Error:", err)
		templateVars["Error"] = "Registration Disabled or User Already Exists"
		c.HTML(http.StatusBadRequest, "page/login", templateVars)
		return
	}

	// Set Session
	auth := authData{
		UserName: user.ID,
		IsAdmin:  user.Admin,
	}
	session := sessions.Default(c)
	if err := setSession(session, auth); err != nil {
		errorPage(c, http.StatusUnauthorized, "Unauthorized.")
		return
	}

	c.Header("Cache-Control", "private")
	c.Redirect(http.StatusFound, "/")
}

func (api *API) appAuthLogout(c *gin.Context) {
	session := sessions.Default(c)
	session.Clear()
	session.Save()
	c.Redirect(http.StatusFound, "/login")
}

func getSession(session sessions.Session) (auth authData, ok bool) {
	// Check Session
	authorizedUser := session.Get("authorizedUser")
	isAdmin := session.Get("isAdmin")
	expiresAt := session.Get("expiresAt")
	if authorizedUser == nil || isAdmin == nil || expiresAt == nil {
		return
	}

	// Create Auth Object
	auth = authData{
		UserName: authorizedUser.(string),
		IsAdmin:  isAdmin.(bool),
	}

	// Refresh
	if expiresAt.(int64)-time.Now().Unix() < 60*60*24 {
		log.Info("[getSession] Refreshing Session")
		setSession(session, auth)
	}

	// Authorized
	return auth, true
}

func setSession(session sessions.Session, auth authData) error {
	// Set Session Cookie
	session.Set("authorizedUser", auth.UserName)
	session.Set("isAdmin", auth.IsAdmin)
	session.Set("expiresAt", time.Now().Unix()+(60*60*24*7))
	return session.Save()
}
Initial Commit 2023-09-18 23:57:18 +00:00			`package api`

			`import (`
			`"crypto/md5"`
			`"fmt"`
			`"net/http"`
			`"strings"`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`"time"`
Initial Commit 2023-09-18 23:57:18 +00:00
			`argon2 "github.com/alexedwards/argon2id"`
			`"github.com/gin-contrib/sessions"`
			`"github.com/gin-gonic/gin"`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`log "github.com/sirupsen/logrus"`
Initial Commit 2023-09-18 23:57:18 +00:00			`"reichard.io/bbank/database"`
			`)`

[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`// Authorization Data`
			`type authData struct {`
			`UserName string`
			`IsAdmin bool`
			`}`

[remove] unused JSON API routes 2023-09-26 23:14:33 +00:00			`// KOSync API Auth Headers`
[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`type authKOHeader struct {`
Initial Commit 2023-09-18 23:57:18 +00:00			AuthUser string `header:"x-auth-user"`
			AuthKey string `header:"x-auth-key"`
			`}`

[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`// OPDS Auth Headers`
			`type authOPDSHeader struct {`
			Authorization string `header:"authorization"`
			`}`

[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`func (api API) authorizeCredentials(username string, password string) (auth authData) {`
Initial Commit 2023-09-18 23:57:18 +00:00			`user, err := api.DB.Queries.GetUser(api.DB.Ctx, username)`
			`if err != nil {`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`return`
Initial Commit 2023-09-18 23:57:18 +00:00			`}`

[add] settings (pw & time offset), [fix] PWA issues, [fix] misc styling issues 2023-09-27 22:58:47 +00:00			`if match, err := argon2.ComparePasswordAndHash(password, *user.Pass); err != nil \|\| match != true {`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`return`
Initial Commit 2023-09-18 23:57:18 +00:00			`}`

[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`return &authData{`
			`UserName: user.ID,`
			`IsAdmin: user.Admin,`
			`}`
Initial Commit 2023-09-18 23:57:18 +00:00			`}`

[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`func (api API) authKOMiddleware(c gin.Context) {`
Initial Commit 2023-09-18 23:57:18 +00:00			`session := sessions.Default(c)`

[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`// Check Session First`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`if auth, ok := getSession(session); ok == true {`
			`c.Set("Authorization", auth)`
[fix] map concurrency issue, [add] better logging, [add] activity template, [fix] safari redirect issue, [add] timezone framework 2023-09-21 00:35:01 +00:00			`c.Header("Cache-Control", "private")`
Initial Commit 2023-09-18 23:57:18 +00:00			`c.Next()`
			`return`
			`}`

[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`// Session Failed -> Check Headers (Allowed on API for KOSync Compatibility)`

[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`var rHeader authKOHeader`
Initial Commit 2023-09-18 23:57:18 +00:00			`if err := c.ShouldBindHeader(&rHeader); err != nil {`
			`c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "Incorrect Headers"})`
			`return`
			`}`
			`if rHeader.AuthUser == "" \|\| rHeader.AuthKey == "" {`
			`c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid Authorization Headers"})`
			`return`
			`}`

[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`authData := api.authorizeCredentials(rHeader.AuthUser, rHeader.AuthKey)`
			`if authData == nil {`
Initial Commit 2023-09-18 23:57:18 +00:00			`c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})`
			`return`
			`}`

[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`if err := setSession(session, *authData); err != nil {`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})`
			`return`
			`}`
Initial Commit 2023-09-18 23:57:18 +00:00
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`c.Set("Authorization", *authData)`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`c.Header("Cache-Control", "private")`
Initial Commit 2023-09-18 23:57:18 +00:00			`c.Next()`
			`}`

[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`func (api API) authOPDSMiddleware(c gin.Context) {`
			c.Header("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)

			`user, rawPassword, hasAuth := c.Request.BasicAuth()`

			`// Validate Auth Fields`
			`if hasAuth != true \|\| user == "" \|\| rawPassword == "" {`
			`c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid Authorization Headers"})`
			`return`
			`}`

			`// Validate Auth`
			`password := fmt.Sprintf("%x", md5.Sum([]byte(rawPassword)))`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`authData := api.authorizeCredentials(user, password)`
			`if authData == nil {`
[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})`
			`return`
			`}`

[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`c.Set("Authorization", *authData)`
[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`c.Header("Cache-Control", "private")`
			`c.Next()`
			`}`

Initial Commit 2023-09-18 23:57:18 +00:00			`func (api API) authWebAppMiddleware(c gin.Context) {`
			`session := sessions.Default(c)`

[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`// Check Session`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`if auth, ok := getSession(session); ok == true {`
			`c.Set("Authorization", auth)`
[fix] map concurrency issue, [add] better logging, [add] activity template, [fix] safari redirect issue, [add] timezone framework 2023-09-21 00:35:01 +00:00			`c.Header("Cache-Control", "private")`
Initial Commit 2023-09-18 23:57:18 +00:00			`c.Next()`
			`return`
			`}`

			`c.Redirect(http.StatusFound, "/login")`
			`c.Abort()`
[add] better error handling, [add] font selector, [add] tailwind generation 2023-10-25 23:52:01 +00:00			`return`
Initial Commit 2023-09-18 23:57:18 +00:00			`}`

[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`func (api API) authAdminWebAppMiddleware(c gin.Context) {`
			`if data, _ := c.Get("Authorization"); data != nil {`
			`auth := data.(authData)`
			`if auth.IsAdmin == true {`
			`c.Next()`
			`return`
			`}`
			`}`

			`errorPage(c, http.StatusUnauthorized, "Admin Permissions Required")`
			`c.Abort()`
			`return`
			`}`

[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`func (api API) appAuthFormLogin(c gin.Context) {`
			`templateVars := api.getBaseTemplateVars("login", c)`

Initial Commit 2023-09-18 23:57:18 +00:00			`username := strings.TrimSpace(c.PostForm("username"))`
			`rawPassword := strings.TrimSpace(c.PostForm("password"))`

			`if username == "" \|\| rawPassword == "" {`
[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`templateVars["Error"] = "Invalid Credentials"`
			`c.HTML(http.StatusUnauthorized, "page/login", templateVars)`
Initial Commit 2023-09-18 23:57:18 +00:00			`return`
			`}`
[remove] unused JSON API routes 2023-09-26 23:14:33 +00:00
			`// MD5 - KOSync Compatiblity`
Initial Commit 2023-09-18 23:57:18 +00:00			`password := fmt.Sprintf("%x", md5.Sum([]byte(rawPassword)))`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`authData := api.authorizeCredentials(username, password)`
			`if authData == nil {`
[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`templateVars["Error"] = "Invalid Credentials"`
			`c.HTML(http.StatusUnauthorized, "page/login", templateVars)`
Initial Commit 2023-09-18 23:57:18 +00:00			`return`
			`}`

[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`// Set Session`
Initial Commit 2023-09-18 23:57:18 +00:00			`session := sessions.Default(c)`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`if err := setSession(session, *authData); err != nil {`
[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`templateVars["Error"] = "Invalid Credentials"`
			`c.HTML(http.StatusUnauthorized, "page/login", templateVars)`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`return`
			`}`
Initial Commit 2023-09-18 23:57:18 +00:00
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`c.Header("Cache-Control", "private")`
Initial Commit 2023-09-18 23:57:18 +00:00			`c.Redirect(http.StatusFound, "/")`
			`}`

[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`func (api API) appAuthFormRegister(c gin.Context) {`
[add] split wanted files vs wanted metadata for ko apis, [add] documentation 2023-09-19 23:29:55 +00:00			`if !api.Config.RegistrationEnabled {`
[add] better error handling, [add] font selector, [add] tailwind generation 2023-10-25 23:52:01 +00:00			`errorPage(c, http.StatusUnauthorized, "Nice try. Registration is disabled.")`
			`return`
[add] split wanted files vs wanted metadata for ko apis, [add] documentation 2023-09-19 23:29:55 +00:00			`}`

[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`templateVars := api.getBaseTemplateVars("login", c)`
			`templateVars["Register"] = true`

Initial Commit 2023-09-18 23:57:18 +00:00			`username := strings.TrimSpace(c.PostForm("username"))`
			`rawPassword := strings.TrimSpace(c.PostForm("password"))`

			`if username == "" \|\| rawPassword == "" {`
[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`templateVars["Error"] = "Invalid User or Password"`
			`c.HTML(http.StatusBadRequest, "page/login", templateVars)`
Initial Commit 2023-09-18 23:57:18 +00:00			`return`
			`}`
			`password := fmt.Sprintf("%x", md5.Sum([]byte(rawPassword)))`

			`hashedPassword, err := argon2.CreateHash(password, argon2.DefaultParams)`
			`if err != nil {`
[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`templateVars["Error"] = "Registration Disabled or User Already Exists"`
			`c.HTML(http.StatusBadRequest, "page/login", templateVars)`
Initial Commit 2023-09-18 23:57:18 +00:00			`return`
			`}`

			`rows, err := api.DB.Queries.CreateUser(api.DB.Ctx, database.CreateUserParams{`
			`ID: username,`
[add] settings (pw & time offset), [fix] PWA issues, [fix] misc styling issues 2023-09-27 22:58:47 +00:00			`Pass: &hashedPassword,`
Initial Commit 2023-09-18 23:57:18 +00:00			`})`

			`// SQL Error`
			`if err != nil {`
[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`log.Error("[appAuthFormRegister] CreateUser DB Error:", err)`
			`templateVars["Error"] = "Registration Disabled or User Already Exists"`
			`c.HTML(http.StatusBadRequest, "page/login", templateVars)`
Initial Commit 2023-09-18 23:57:18 +00:00			`return`
			`}`

			`// User Already Exists`
			`if rows == 0 {`
[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`log.Warn("[appAuthFormRegister] User Already Exists:", username)`
			`templateVars["Error"] = "Registration Disabled or User Already Exists"`
			`c.HTML(http.StatusBadRequest, "page/login", templateVars)`
Initial Commit 2023-09-18 23:57:18 +00:00			`return`
			`}`

[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`// Get User`
			`user, err := api.DB.Queries.GetUser(api.DB.Ctx, username)`
			`if err != nil {`
			`log.Error("[appAuthFormRegister] GetUser DB Error:", err)`
			`templateVars["Error"] = "Registration Disabled or User Already Exists"`
			`c.HTML(http.StatusBadRequest, "page/login", templateVars)`
			`return`
			`}`

[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`// Set Session`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`auth := authData{`
			`UserName: user.ID,`
			`IsAdmin: user.Admin,`
			`}`
Initial Commit 2023-09-18 23:57:18 +00:00			`session := sessions.Default(c)`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`if err := setSession(session, auth); err != nil {`
[add] better error handling, [add] font selector, [add] tailwind generation 2023-10-25 23:52:01 +00:00			`errorPage(c, http.StatusUnauthorized, "Unauthorized.")`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`return`
			`}`
Initial Commit 2023-09-18 23:57:18 +00:00
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`c.Header("Cache-Control", "private")`
Initial Commit 2023-09-18 23:57:18 +00:00			`c.Redirect(http.StatusFound, "/")`
			`}`
[remove] unused JSON API routes 2023-09-26 23:14:33 +00:00
[refactor] app routes, [add] progress table 2024-01-01 04:12:46 +00:00			`func (api API) appAuthLogout(c gin.Context) {`
[remove] unused JSON API routes 2023-09-26 23:14:33 +00:00			`session := sessions.Default(c)`
			`session.Clear()`
			`session.Save()`
			`c.Redirect(http.StatusFound, "/login")`
			`}`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`func getSession(session sessions.Session) (auth authData, ok bool) {`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`// Check Session`
			`authorizedUser := session.Get("authorizedUser")`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`isAdmin := session.Get("isAdmin")`
			`expiresAt := session.Get("expiresAt")`
			`if authorizedUser == nil \|\| isAdmin == nil \|\| expiresAt == nil {`
			`return`
			`}`

			`// Create Auth Object`
			`auth = authData{`
			`UserName: authorizedUser.(string),`
			`IsAdmin: isAdmin.(bool),`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`}`

			`// Refresh`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`if expiresAt.(int64)-time.Now().Unix() < 606024 {`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`log.Info("[getSession] Refreshing Session")`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`setSession(session, auth)`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`}`

[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`// Authorized`
			`return auth, true`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`}`

[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`func setSession(session sessions.Session, auth authData) error {`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`// Set Session Cookie`
[add] admin panel, [add] better logging 2024-01-10 02:08:40 +00:00			`session.Set("authorizedUser", auth.UserName)`
			`session.Set("isAdmin", auth.IsAdmin)`
[add] heavy query caching, [add] wpm leaderboard 2023-10-03 20:47:38 +00:00			`session.Set("expiresAt", time.Now().Unix()+(606024*7))`
			`return session.Save()`
			`}`