
2 Commits

Author SHA1 Message Date
Hayden Hargreaves
dbf8470195 (FIX): More auth issues solved.
If a user is logged into an account that cannot be found (in the event
that the data becomes stale), they will be silently logged out so they
can log back into their account.
2025-07-27 13:00:03 -07:00
Hayden Hargreaves
a28f8edd54 (FIX): Fixed the auth issue, at least on the profile page. 2025-07-27 12:47:25 -07:00
4 changed files with 29 additions and 21 deletions


@ -36,18 +36,7 @@ func GoogleCallback(ctx *gin.Context) {
if jwt, dbUser, googleUserInfo, err := deps.AuthService.GoogleAuthSuccess(state, code); err != nil {
ctx.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
} else {
// TODO: Update these values when using a real domain. Maybe an ENV?
domain.SetCookie(ctx, "jwt_token", jwt, time.Hour*24*7)
// ctx.SetCookie(
// "jwt_token",
// jwt,
// int(time.Now().Add(7*24*time.Hour).Sub(time.Now()).Seconds()),
// "/",
// "", // TODO: Real live domain
// false, // TODO: True in prod
// true,
// )
// ctx.JSON(http.StatusOK, gin.H{"jwt": jwt, "googleUserInfo": googleUserInfo, "dbUser": dbUser})
_ = dbUser
_ = googleUserInfo
@ -60,11 +49,7 @@ func GoogleCallback(ctx *gin.Context) {
// require authentication will require the user to sign back in before accessing them again.
// This route will direct the user back to the home page.
func Logout(ctx *gin.Context) {
// TODO: Use same values as the GoogleCallback function
domain.SetCookie(ctx, "jwt_token", "", -1)
domain.SetCookie(ctx, "search-filters", "", -1)
// ctx.SetCookie("jwt_token", "", -1, "/", "", false, true) // TODO: Update settings
// ctx.SetCookie("search-filters", "", -1, "/", "", false, true)
ctx.Redirect(http.StatusSeeOther, domain.WEB_HOME)
}


@ -28,6 +28,14 @@ func HomePage(ctx *gin.Context) {
loggedIn := domain.IsLoggedIn(ctx)
// Ensure user is logged in with a valid account
if user := deps.UserService.GetAuthenicatedUser(ctx); user == nil {
// Log (stale) user out
domain.SetCookie(ctx, "jwt_token", "", -1)
domain.SetCookie(ctx, "search-filters", "", -1)
loggedIn = false
}
var page templ.Component
if loggedIn {
userId := ctx.MustGet("userId").(int)
@ -150,6 +158,12 @@ func ProfilePage(ctx *gin.Context) {
// Else, get the user data
deps := ctx.MustGet("deps").(*domainServer.InjectedDependencies)
user := deps.UserService.GetAuthenicatedUser(ctx)
if user == nil {
// User is failing to be found, direct to the login page
ctx.Redirect(http.StatusSeeOther, domainServer.WEB_LOGIN)
return
}
recipes, err := deps.RecipeService.GetUserRecipes(user.Id)
if err != nil {
ctx.JSON(http.StatusInternalServerError, gin.H{
@ -179,7 +193,7 @@ func ProfilePage(ctx *gin.Context) {
}
title := "Potion - Profile"
page := pages.ProfilePage(user, recipes, favorites, engagements)
page := pages.ProfilePage(*user, recipes, favorites, engagements)
ctx.HTML(http.StatusOK, "", layouts.AppLayout(title, page))
}
@ -208,6 +222,15 @@ func RecipePage(ctx *gin.Context) {
// Get signed in user, if they exist
var userId *int = nil
var loggedIn = domainServer.IsLoggedIn(ctx)
// Ensure user is logged in with a valid account
if user := deps.UserService.GetAuthenicatedUser(ctx); user == nil {
// Log (stale) user out
domain.SetCookie(ctx, "jwt_token", "", -1)
domain.SetCookie(ctx, "search-filters", "", -1)
loggedIn = false
}
if loggedIn {
storeId := ctx.MustGet("userId").(int)
userId = &storeId
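Review bot: The new check in HomePage calls `GetAuthenicatedUser` even when `IsLoggedIn` has already returned false, so a visitor who was never signed in also has both cookies expired on every request; if anonymous visitors can hold a `search-filters` cookie, it is wiped on each page load. Gating on the existing flag avoids that: `if loggedIn && deps.UserService.GetAuthenicatedUser(ctx) == nil {`. The identical block added to RecipePage behaves the same way. ProfilePage, by contrast, redirects to the login page without expiring `jwt_token`, so the stale cookie survives on that path; expiring it before the redirect would match the other two handlers. All three function bodies continue outside the hunks shown.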


@ -25,19 +25,19 @@ func NewUserService(userRepository domain.UserRepository) domain.UserService {
// user is actually logged in, if not, a blank user will be returned. To ensure success, call the
// `domain.IsLoggedIn()` function first to ensure the user is logged in. If that passes, this
// function should yield a result.
func (s *UserService) GetAuthenicatedUser(ctx *gin.Context) domain.User {
func (s *UserService) GetAuthenicatedUser(ctx *gin.Context) *domain.User {
val, ok := ctx.Get("userId")
if !ok {
return domain.User{}
return nil
}
id := val.(int)
user, err := s.userRepository.GetUser(id)
if err != nil {
return domain.User{}
return nil
}
return *user
return user
}
// GetUser will get a user from the database via its ID. This is not related to the Google ID in
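Review bot: The doc comment above `GetAuthenicatedUser` still says "a blank user will be returned", but the new code returns nil, and nil now stands for both a missing `userId` and any error from `s.userRepository.GetUser`. The page handlers changed in this commit treat nil as a stale account and expire the session cookies, so a transient repository failure would presumably sign the user out as well. I would change the comment to `// Returns nil when the context carries no userId or the user lookup fails; callers must nil-check the result.` and record `err` before the second `return nil` so the two cases can be told apart in logs.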


@ -3,6 +3,6 @@ package domain
import "github.com/gin-gonic/gin"
type UserService interface {
GetAuthenicatedUser(ctx *gin.Context) User
GetAuthenicatedUser(ctx *gin.Context) *User
GetUser(id int) (*User, error)
}