6 files changed, 49 insertions, 18 deletions

diff --git a/deps.edn b/deps.edn
index 242ce57..1b4659d 100644
--- a/deps.edn
+++ b/deps.edn
@@ -1,7 +1,9 @@
 {:paths ["src" "resources"]
- :deps  {http-kit/http-kit {:mvn/version "2.8.0"}
-         metosin/reitit    {:mvn/version "0.8.0"}
-         hiccup/hiccup     {:mvn/version "2.0.0-RC5"}}
+ :deps  {http-kit/http-kit       {:mvn/version "2.8.0"}
+         metosin/reitit          {:mvn/version "0.8.0"}
+         hiccup/hiccup           {:mvn/version "2.0.0-RC5"}
+         ring-oauth2/ring-oauth2 {:mvn/version "0.3.0"}
+         lynxeyes/dotenv         {:mvn/version "1.1.0"}}
  :aliases
  {:neil  {:project {:name    chef/chef
                     :version "0.0.1"}}
diff --git a/src/chef/core.clj b/src/chef/core.clj
index 86aeb17..638698d 100644
--- a/src/chef/core.clj
+++ b/src/chef/core.clj
@@ -5,4 +5,4 @@
 
 (defn -main [& args]
   (println "Starting http server...")
-  (http-server/run-server croutes/ring-handler {:port 8080}))
+  (http-server/run-server @croutes/ring-handler {:port 8080}))
diff --git a/src/chef/pages/admin.clj b/src/chef/pages/admin.clj
index c06b475..3e2b0a1 100644
--- a/src/chef/pages/admin.clj
+++ b/src/chef/pages/admin.clj
@@ -1,10 +1,11 @@
 (ns chef.pages.admin
-  (:require [chef.pages.utils :as cputils]
+  (:require [chef.utils :as cutils]
             [hiccup2.core :as html]
             [ring.util.response :as ruresp]))
 
 (defn handler [req]
-  (-> (cputils/gen-page "chef - Dashboard" [:i "Coming soon..."])
-      html/html
-      str
-      ruresp/response))
+  (cutils/auth-only req
+                    (-> (cutils/gen-page "chef - Dashboard" [:i "Coming soon..."])
+                        html/html
+                        str
+                        ruresp/response)))
diff --git a/src/chef/pages/home.clj b/src/chef/pages/home.clj
index 725ba2b..84f643f 100644
--- a/src/chef/pages/home.clj
+++ b/src/chef/pages/home.clj
@@ -1,10 +1,15 @@
 (ns chef.pages.home
   (:require [hiccup2.core :as html]
             [ring.util.response :as ruresp]
-            [chef.pages.utils :as cputils]))
+            [chef.utils :as cutils]
+            [ring.middleware.session :as rmsession]))
 
 (defn handler [req]
-  (-> (cputils/gen-page "chef" [:i "Coming soon..."])
-      html/html
-      str
-      ruresp/response))
+  (let [access-token (get-in req [:oauth2/access-tokens :auth])
+        resp (-> (cutils/gen-page "chef" [:i "Coming soon..."])
+                 html/html
+                 str
+                 ruresp/response)]
+    (if (some? access-token)
+      (assoc resp :session (assoc (:session req) :oauth-token access-token))
+      resp)))
diff --git a/src/chef/routes.clj b/src/chef/routes.clj
index 51c721a..c2fd6c7 100644
--- a/src/chef/routes.clj
+++ b/src/chef/routes.clj
@@ -1,5 +1,10 @@
 (ns chef.routes
   (:require [reitit.ring :as rring]
+            [ring.middleware.oauth2 :as rmoauth2]
+            [ring.middleware.params :as rmparams]
+            [ring.middleware.session :as rmsession]
+            [dotenv :as env]
+            [clojure.string :as cstr]
 
             [chef.pages.home :as cphome]
             [chef.pages.admin :as cpadmin]))
@@ -8,6 +13,17 @@
              ["/admin/" {:get {:handler cpadmin/handler}}]
              ["/static/*" (rring/create-resource-handler)]])
 
-(def ring-handler (-> router
-                      rring/router
-                      (rring/ring-handler (rring/redirect-trailing-slash-handler))))
+(def ring-handler (delay (-> router
+                             rring/router
+                             (rring/ring-handler (rring/redirect-trailing-slash-handler))
+                             (rmoauth2/wrap-oauth2 {:auth {:authorize-uri    (env/env "OAUTH_AUTH_URI")
+                                                           :access-token-uri (env/env "OAUTH_ACCESS_TOKEN_URI")
+                                                           :client-id        (env/env "OAUTH_CLIENT_ID")
+                                                           :client-secret    (env/env "OAUTH_CLIENT_SECRET")
+                                                           :scopes           (cstr/split (env/env "OAUTH_SCOPES") #",")
+                                                           :launch-uri       "/auth"
+                                                           :redirect-uri     "/auth/callback"
+                                                           :landing-uri      "/"
+                                                           :pkce?            true}})
+                             rmparams/wrap-params
+                             rmsession/wrap-session)))
diff --git a/src/chef/pages/utils.clj b/src/chef/utils.clj
index 72d33fd..a721617 100644
--- a/src/chef/pages/utils.clj
+++ b/src/chef/utils.clj
@@ -1,4 +1,5 @@
-(ns chef.pages.utils)
+(ns chef.utils
+  (:require [ring.util.response :as ruresp]))
 
 (defn gen-page [title & content]
   [:html
@@ -6,3 +7,9 @@
     [:meta {:name "viewport" :content "width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"}]
     [:title title]]
    (apply conj [:body] content [[:script {:src "/static/htmx.js"}]])])
+
+(defmacro auth-only [request & body]
+  `(if (some? (get-in ~request [:session :oauth-token]))
+     (do ~@body)
+     ~(-> (ruresp/response "Unauthorized.")
+          (ruresp/status 401))))