56 lines
1.4 KiB
Go
56 lines
1.4 KiB
Go
package frame
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"net/http"
|
|
"strings"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/zhang2092/gohelpers/pkg/token"
|
|
)
|
|
|
|
const (
|
|
authorizationHeaderKey = "authorization"
|
|
authorizationTypeBearer = "bearer"
|
|
authorizationPayloadKey = "authorization_payload"
|
|
)
|
|
|
|
// AuthJWT creates a gin middleware for authorization
|
|
//goland:noinspection GoUnusedExportedFunction
|
|
func AuthJWT(tokenMaker token.Maker) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
authorizationHeader := c.GetHeader(authorizationHeaderKey)
|
|
|
|
if len(authorizationHeader) == 0 {
|
|
err := errors.New("authorization header is not provided")
|
|
WrapContext(c).Error(http.StatusUnauthorized, err.Error())
|
|
return
|
|
}
|
|
|
|
fields := strings.Fields(authorizationHeader)
|
|
if len(fields) < 2 {
|
|
err := errors.New("invalid authorization header format")
|
|
WrapContext(c).Error(http.StatusUnauthorized, err.Error())
|
|
return
|
|
}
|
|
|
|
authorizationType := strings.ToLower(fields[0])
|
|
if authorizationType != authorizationTypeBearer {
|
|
err := fmt.Errorf("unsupported authorization type %s", authorizationType)
|
|
WrapContext(c).Error(http.StatusUnauthorized, err.Error())
|
|
return
|
|
}
|
|
|
|
accessToken := fields[1]
|
|
payload, err := tokenMaker.VerifyToken(accessToken)
|
|
if err != nil {
|
|
WrapContext(c).Error(http.StatusUnauthorized, err.Error())
|
|
return
|
|
}
|
|
|
|
c.Set(authorizationPayloadKey, payload)
|
|
c.Next()
|
|
}
|
|
}
|