feat: database user creation && readme explanation

idk but it did something
fix: add creation date upon user registration
2025-05-10 15:31:34 +02:00 · 2025-05-06 21:34:26 +01:00 · 2025-05-06 19:00:17 +02:00 · 2025-05-06 07:11:27 +00:00
4 changed files with 55 additions and 21 deletions
--- a/README.md
+++ b/README.md
@ -1,3 +1,8 @@
 # stereo.cat backend  
  
 written in Go, uses Gin.
+
+## database shit  
+  
+Instead of using Discord oAuth as a database, we instead use it as a login source, only using it to source a username/id, avatar data and a secure login/registration flow.  
+We store these attributes alongside stereo.cat specific attributes in our own database. There is a trade-off however: this means that avatar & username data is not updated in real-time, only when the oauth flow is executed.
--- a/internal/api/routes/auth.go
+++ b/internal/api/routes/auth.go
@ -31,7 +31,17 @@ func RegisterAuthRoutes(cfg *types.StereoConfig, api *gin.RouterGroup) {
 			panic(err)
 		}

-		c.String(http.StatusOK, jwt)
+		res := cfg.Database.FirstOrCreate(&user)
+
+		if res.Error != nil {
+			panic(res.Error)
+		}
+
+		// TODO: redirect to dashboard
+		c.JSON(http.StatusOK, gin.H{
+			"jwt":   jwt,
+			"known": res.RowsAffected == 0,
+		})
 	})

 	api.GET("/auth/me", auth.JwtMiddleware(cfg.JWTSecret), func(c *gin.Context) {
--- a/internal/auth/client/client.go
+++ b/internal/auth/client/client.go
@ -8,6 +8,8 @@ import (
 	"net/http"
 	"net/url"
 	"strings"
+	"time"
+
 	"stereo.cat/backend/internal/auth"
 )

@ -28,8 +30,9 @@ func New(redirectUri, clientId, clientSecret string) Client {
 }

 func (c Client) GetUser(t auth.TokenResponse) (auth.User, error) {
-    user := auth.User {
+	user := auth.User{
 		Blacklisted: false,
+		CreatedAt:   time.Now(),
 	}

 	req, err := http.NewRequest(http.MethodGet, fmt.Sprintf("%s/%s", api, "users/@me"), nil)
--- a/internal/auth/jwt.go
+++ b/internal/auth/jwt.go
@ -1,6 +1,7 @@
 package auth

 import (
+	"encoding/json"
 	"fmt"
 	"net/http"
 	"strings"
@ -28,20 +29,35 @@ func JwtMiddleware(secret string) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		jwtSplit := strings.Split(c.GetHeader("Authorization"), " ")

-        if jwtSplit[0] != "Bearer" {
+		if len(jwtSplit) < 2 || jwtSplit[0] != "Bearer" {
 			invalidAuth(c)
 			return
 		}

 		claims, err := ValidateJWT(jwtSplit[1], secret)
-
 		if err != nil {
 			invalidAuth(c)
 			return
 		}

-        c.Set("claims", claims)
+		if userClaims, ok := claims["user"].(map[string]interface{}); ok {
+			userJSON, err := json.Marshal(userClaims) // Convert map to JSON
+			if err != nil {
+				invalidAuth(c)
+				return
+			}

+			var user User
+			err = json.Unmarshal(userJSON, &user)
+			if err != nil {
+				invalidAuth(c)
+				return
+			}
+
+			claims["user"] = user
+		}
+
+		c.Set("claims", claims)
 		c.Next()
 	}
 }
Author	SHA1	Message	Date
hex	0521b523c4	feat: database user creation && readme explanation	2025-05-10 15:31:34 +02:00
grngxd	fbd23fe2cf	idk but it did something	2025-05-06 21:34:26 +01:00
hex	95a94bfed5	fix: add creation date upon user registration	2025-05-06 19:00:17 +02:00
hexlocation	a0f58e0d44	Merge pull request 'authentication' (#2 ) from authentication into dev Reviewed-on: #2	2025-05-06 07:11:27 +00:00