Add auth check to get

2 files changed, 23 insertions, 2 deletions

diff --git a/backend/api/routes.go b/backend/api/routes.go
index d578632..f41505b 100644
--- a/backend/api/routes.go
+++ b/backend/api/routes.go
@@ -52,9 +52,16 @@ func getHashFunc(w http.ResponseWriter, r *http.Request) {
 	paste, err := cache.C.Get(hash)
 
 	// if hash was not found
-	if err != nil {
+	if err == cache.PasteNotFound {
 		w.WriteHeader(http.StatusNotFound)
-		fmt.Fprintf(w, "got err: %s", err.Error())
+		fmt.Fprintf(w, "got err: %s", err)
+		return
+	}
+
+	// if paste is password protected
+	if err == cache.UserUnauthorized {
+		w.WriteHeader(http.StatusUnauthorized)
+		fmt.Fprintf(w, "got err: %s", err)
 		return
 	}
 
@@ -64,6 +71,7 @@ func getHashFunc(w http.ResponseWriter, r *http.Request) {
 		"timestamp": time.Now(),
 		"title":     paste.Title,
 		"content":   paste.Content,
+		"expiry":    paste.Expiry,
 	}
 
 	jsonData, _ := json.Marshal(pasteMap)
diff --git a/backend/cache/cache.go b/backend/cache/cache.go
index bac7ea8..1a8a7a1 100644
--- a/backend/cache/cache.go
+++ b/backend/cache/cache.go
@@ -1,6 +1,7 @@
 package cache
 
 import (
+	"errors"
 	"sync"
 
 	"github.com/jackyzha0/ctrl-v/db"
@@ -13,6 +14,9 @@ type Cache struct {
 
 var C *Cache
 
+var PasteNotFound = errors.New("could not find a paste with that hash")
+var UserUnauthorized = errors.New("paste is password protected")
+
 func init() {
 	C = &Cache{
 		m: map[string]db.Paste{},
@@ -32,6 +36,15 @@ func (c *Cache) Get(hash string) (db.Paste, error) {
 
 	// if it doesnt, lookup from db
 	p, err := db.Lookup(hash)
+	if err != nil {
+		return p, PasteNotFound
+	}
+
+	// if there is a password
+	if p.Password != "" {
+		return db.Paste{}, UserUnauthorized
+	}
+
 	c.add(p)
 	return p, err
 }