AuThEnTiCaTiOn and clean up....

middleware/auth.go

@@ -0,0 +1,45 @@
+package middleware
+
+import (
+	"net/http"
+	"time"
+
+	"synlotto-website/helpers"
+)
+
+const SessionTimeout = 30 * time.Minute
+
+func Auth(required bool) func(http.HandlerFunc) http.HandlerFunc {
+	return func(next http.HandlerFunc) http.HandlerFunc {
+		return func(w http.ResponseWriter, r *http.Request) {
+			session, _ := helpers.GetSession(w, r)
+
+			_, ok := session.Values["user_id"].(int)
+
+			if required && !ok {
+				http.Redirect(w, r, "/login", http.StatusSeeOther)
+				return
+			}
+
+			if ok {
+				last, hasLast := session.Values["last_activity"].(time.Time)
+				if hasLast && time.Since(last) > SessionTimeout {
+					session.Options.MaxAge = -1
+					session.Save(r, w)
+
+					newSession, _ := helpers.GetSession(w, r)
+					newSession.Values["flash"] = "Your session has timed out."
+					newSession.Save(r, w)
+
+					http.Redirect(w, r, "/login", http.StatusSeeOther)
+					return
+				}
+
+				session.Values["last_activity"] = time.Now()
+				session.Save(r, w)
+			}
+
+			next(w, r)
+		}
+	}
+}