chore: remove cashed

backend/internal/api/middleware/auth.go

@@ -0,0 +1,63 @@
+package middleware
+
+import (
+	"net/http"
+	"strings"
+
+	"github.com/Wikid82/CaddyProxyManagerPlus/backend/internal/services"
+	"github.com/gin-gonic/gin"
+)
+
+func AuthMiddleware(authService *services.AuthService) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		authHeader := c.GetHeader("Authorization")
+		if authHeader == "" {
+			// Try cookie
+			cookie, err := c.Cookie("auth_token")
+			if err == nil {
+				authHeader = "Bearer " + cookie
+			}
+		}
+
+		if authHeader == "" {
+			// Try query param
+			token := c.Query("token")
+			if token != "" {
+				authHeader = "Bearer " + token
+			}
+		}
+
+		if authHeader == "" {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Authorization header required"})
+			return
+		}
+
+		tokenString := strings.TrimPrefix(authHeader, "Bearer ")
+		claims, err := authService.ValidateToken(tokenString)
+		if err != nil {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid token"})
+			return
+		}
+
+		c.Set("userID", claims.UserID)
+		c.Set("role", claims.Role)
+		c.Next()
+	}
+}
+
+func RequireRole(role string) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		userRole, exists := c.Get("role")
+		if !exists {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
+			return
+		}
+
+		if userRole.(string) != role && userRole.(string) != "admin" {
+			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "Forbidden"})
+			return
+		}
+
+		c.Next()
+	}
+}