package rest
import (
"errors"
"fmt"
"git.sch9.ru/new_gate/ms-auth/internal/models"
"git.sch9.ru/new_gate/ms-auth/internal/users"
"git.sch9.ru/new_gate/ms-auth/pkg"
"github.com/gofiber/fiber/v2"
"github.com/golang-jwt/jwt/v4"
"strings"
)
// TokenKey is the fiber Locals key under which AuthMiddleware records the
// outcome of authentication: the verified *models.JWT claims on success, or
// nil when the request carries no usable bearer token.
const TokenKey = "token"
// AuthMiddleware returns a fiber handler that performs optional bearer-token
// authentication.
//
// The handler reads the Authorization header, expects the form
// "Bearer <jwt>", verifies the JWT with jwtSecret and then asks userUC whether
// the session named in the claims still exists. On success the *models.JWT
// claims are stored in c.Locals under TokenKey; in every other case except a
// session-lookup failure, nil is stored instead and the request still
// continues down the chain.
//
// Security notes for callers:
//   - A missing, malformed or invalid token is NOT rejected here. Handlers
//     behind this middleware must treat a nil TokenKey local as
//     "unauthenticated" and enforce access themselves.
//   - jwtSecret is used verbatim as the HMAC key and nothing in this function
//     rejects an empty value, so the caller has to make sure a non-empty
//     secret is configured.
//   - A ReadSession error other than pkg.ErrNotFound ends the request with
//     the status returned by pkg.ToREST.
func AuthMiddleware(jwtSecret string, userUC users.UseCase) fiber.Handler {
	// keyFunc supplies the verification key. It refuses every token whose
	// signing method is not an HMAC variant, so a token that declares another
	// algorithm in its header is never checked against the shared secret.
	keyFunc := func(token *jwt.Token) (interface{}, error) {
		if _, isHMAC := token.Method.(*jwt.SigningMethodHMAC); !isHMAC {
			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
		}

		return []byte(jwtSecret), nil
	}

	// anonymous marks the request as unauthenticated and lets it proceed.
	anonymous := func(c *fiber.Ctx) error {
		c.Locals(TokenKey, nil)
		return c.Next()
	}

	return func(c *fiber.Ctx) error {
		header := c.Get("Authorization", "")
		if header == "" {
			return anonymous(c)
		}

		// Exactly two space-separated fields are accepted: scheme and token.
		fields := strings.Split(header, " ")
		if len(fields) != 2 {
			return anonymous(c)
		}
		if scheme := strings.ToLower(fields[0]); scheme != "bearer" {
			return anonymous(c)
		}

		parsed, err := jwt.ParseWithClaims(fields[1], &models.JWT{}, keyFunc)
		if err != nil {
			return anonymous(c)
		}

		claims, isJWT := parsed.Claims.(*models.JWT)
		if !isJWT {
			return anonymous(c)
		}

		// Explicit claim validation on top of what ParseWithClaims reported.
		if err := claims.Valid(); err != nil {
			return anonymous(c)
		}

		// A correctly signed token is only trusted while its session exists.
		_, err = userUC.ReadSession(c.Context(), claims.SessionId)
		switch {
		case err == nil:
			c.Locals(TokenKey, claims)
			return c.Next()
		case errors.Is(err, pkg.ErrNotFound):
			return anonymous(c)
		default:
			// Any other lookup failure is surfaced to the client as a status code.
			return c.SendStatus(pkg.ToREST(err))
		}
	}
}