rename to badger

.gitignore

@@ -0,0 +1 @@
+go.sum

.traefik.yml

@@ -0,0 +1,10 @@
+displayName: gerbil
+type: middleware
+
+import: github.com/fosrl/gerbil
+
+summary: Middleware auth bouncer for Fossorial
+
+testData:
+  apiAddress: http://pangolin:3001
+  validToken: abc123

README.md

@@ -1 +1,3 @@
 # badger
+
+Custom Traefik plugin middleware for auth

go.mod

@@ -0,0 +1,3 @@
+module github.com/fosrl/badger
+
+go 1.21.5

main.go

@@ -0,0 +1,69 @@
+package badger
+
+import (
+	"context"
+	"net/http"
+	"time"
+)
+
+type Config struct {
+	APIAddress string `json:"apiAddress"`
+	ValidToken string `json:"validToken"`
+}
+
+func CreateConfig() *Config {
+	return &Config{}
+}
+
+type Badger struct {
+	next       http.Handler
+	name       string
+	apiAdress  string
+	validToken string
+}
+
+func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error) {
+	return &Badger{
+		next:       next,
+		name:       name,
+		apiAdress:  config.APIAddress,
+		validToken: config.ValidToken,
+	}, nil
+}
+
+// THIS IS AN EAXMPLE FOR TESTING
+
+var usedTokens = make(map[string]bool)
+
+const cookieName = "access_token"
+const cookieDuration = 1 * time.Minute
+
+func (p *Badger) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
+	if _, err := req.Cookie(cookieName); err == nil {
+		p.next.ServeHTTP(rw, req)
+		return
+	}
+
+	queryToken := req.URL.Query().Get("token")
+	if queryToken == "" {
+		http.Error(rw, "Missing token", http.StatusUnauthorized)
+		return
+	}
+
+	if queryToken != p.validToken || usedTokens[queryToken] {
+		http.Error(rw, "Invalid or already used token", http.StatusUnauthorized)
+		return
+	}
+
+	usedTokens[queryToken] = true
+
+	expiration := time.Now().Add(cookieDuration)
+	http.SetCookie(rw, &http.Cookie{
+		Name:    cookieName,
+		Value:   "temporary-access",
+		Expires: expiration,
+		Path:    "/",
+	})
+
+	p.next.ServeHTTP(rw, req)
+}