package main import ( "fmt" "go-udemy-web-1/internal/helpers" "net/http" "github.com/justinas/nosurf" ) // WriteToConsole writes a log when user hits a page func WriteToConsole(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { fmt.Printf("Hit the page %s\n", r.URL.String()) next.ServeHTTP(w, r) }) } // NoSurf adds CSRF protection to all POST requests func NoSurf(next http.Handler) http.Handler { csrfHandler := nosurf.New(next) csrfHandler.SetBaseCookie(http.Cookie{ HttpOnly: true, Path: "/", Secure: app.InProduction, SameSite: http.SameSiteLaxMode, }) return csrfHandler } // SessionLoad loads and saves the session on every request func SessionLoad(next http.Handler) http.Handler { return session.LoadAndSave(next) } func Auth(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if !helpers.IsAuthenticated(r) { session.Put(r.Context(), "error", "Log in first!") http.Redirect(w, r, "/user/login", http.StatusSeeOther) return } next.ServeHTTP(w, r) }) }