middleware method
Create guard middleware
Implementation
@override
Middleware middleware() {
return (Handler handler) {
return (Request request) async {
// Check if route is excepted
if (_isExcepted(request.url.path)) {
return await handler(request);
}
// Extract session ID from cookie
final sessionId = _extractSessionId(request);
if (sessionId == null) {
return Response(401,
body:
'{"error": "Unauthorized", "message": "No session cookie found"}',
headers: {'Content-Type': 'application/json'});
}
// Verify session
final session = _sessions[sessionId];
if (session == null || session.isExpired) {
// Remove expired session
if (session != null) {
_sessions.remove(sessionId);
}
return Response(401,
body:
'{"error": "Unauthorized", "message": "Invalid or expired session"}',
headers: {'Content-Type': 'application/json'});
}
// Add user data to request context
final authContext = {
'user': session.data,
'session': session,
'session_id': sessionId,
'user_id': session.userId,
'is_authenticated': true,
'guard': 'session',
};
final updatedRequest = request.change(context: authContext);
return await handler(updatedRequest);
};
};
}