feat: frontend

2025-11-17 21:07:51 -07:00
parent dd0ab39985
commit e1396e2d24
87 changed files with 13616 additions and 148 deletions
--- a/api/auth/auth.go
+++ b/api/auth/auth.go
@@ -8,6 +8,7 @@ import (
 	"log"
 	"net/http"
 	"net/url"
+	"ordr-api/dto"
 	"os"

 	"github.com/gin-contrib/sessions"
@@ -81,7 +82,10 @@ func LoginHandler(auth *Authenticator) gin.HandlerFunc {
 		}
 		audience_url := "https://" + os.Getenv("AUTH0_DOMAIN") + "/api/v2/"
 		auth_url := auth.AuthCodeURL(state, oauth2.AccessTypeOffline, oauth2.SetAuthURLParam("audience", audience_url))
-		ctx.Redirect(http.StatusTemporaryRedirect, auth_url)
+		var redirect dto.LoginRedirect
+		redirect.Status = "200 OK"
+		redirect.Location = auth_url
+		ctx.JSON(http.StatusOK, redirect)
 	}
 }

@@ -163,7 +167,7 @@ func AuthenticationCallbackHandler(auth *Authenticator) gin.HandlerFunc {
 		}

 		// Redirect to logged in page.
-		ctx.Redirect(http.StatusTemporaryRedirect, "/user")
+		ctx.Redirect(http.StatusTemporaryRedirect, os.Getenv("LOGGED_IN_REDIRECT"))
 	}
 }

--- a/api/auth/middleware/authentication_middleware.go
+++ b/api/auth/middleware/authentication_middleware.go
@@ -86,6 +86,9 @@ func HandleRefreshToken(session sessions.Session) bool {
 	}

 	refresh_token := session.Get("refresh_token")
+	if refresh_token == nil {
+		return false
+	}
 	refresh_request_dto := dto.RefreshTokenRequest{
 		GrantType:    "refresh_token",
 		ClientId:     os.Getenv("AUTH0_CLIENT_ID"),
@@ -139,28 +142,23 @@ func IsAuthenticated(auth *auth.Authenticator) gin.HandlerFunc {
 	return func(context *gin.Context) {
 		session := sessions.Default(context)

-		if session.Get("profile") == nil {
-			context.Redirect(http.StatusSeeOther, "/auth/login")
-			context.Abort()
-			return
-		}
+		refresh_token := session.Get("refresh_token")

 		access_token := session.Get("access_token")

-		if access_token == nil {
-			context.Redirect(http.StatusSeeOther, "/auth/login")
-			return
-		}
+		log.Printf("%s", refresh_token)

-		if TokenIsNotExpired(access_token.(string)) {
-			context.Next()
-		} else {
-			if !HandleRefreshToken(session) {
-				context.Redirect(http.StatusSeeOther, "/auth/login")
-				return
-			} else {
+		if access_token != nil {
+			if TokenIsNotExpired(access_token.(string)) {
 				context.Next()
+				return
 			}
 		}
+
+		if !HandleRefreshToken(session) {
+			context.AbortWithStatus(http.StatusUnauthorized)
+			return
+		}
+		context.Next()
 	}
 }
--- a/api/auth/middleware/authorization_middleware.go
+++ b/api/auth/middleware/authorization_middleware.go
@@ -17,6 +17,7 @@ func IsAdmin(pool *pgxpool.Pool) gin.HandlerFunc {
 		if conn_err != nil {
 			log.Println(conn_err)
 			ctx.AbortWithStatus(http.StatusInternalServerError)
+			return
 		}
 		defer conn.Release()