Check authentication from jwt on all routes
@@ -1,15 +1,12 @@
|
|||||||
package jwtauth
|
package jwtauth
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/base64"
|
|
||||||
"os"
|
|
||||||
|
|
||||||
"github.com/golang-jwt/jwt/v5"
|
"github.com/golang-jwt/jwt/v5"
|
||||||
)
|
)
|
||||||
|
|
||||||
func GenerateJwtToken(username string) (string, error) {
|
func GenerateJwtToken(username string) (string, error) {
|
||||||
var s string
|
var s string
|
||||||
key, err := base64.URLEncoding.DecodeString(os.Getenv(getKeyVariableName()))
|
key, err := GetJwtKey()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return s, err
|
return s, err
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -37,3 +37,7 @@ func InitKey() error {
|
|||||||
}
|
}
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func GetJwtKey() ([]byte, error) {
|
||||||
|
return base64.URLEncoding.DecodeString(os.Getenv(getKeyVariableName()))
|
||||||
|
}
|
||||||
|
|||||||
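--- a/internal/middleware/auth.go
+++ b/internal/middleware/auth.go
@@ -0,0 +1,52 @@
+package middleware
+
+import (
+"fmt"
+"net/http"
+"strings"
+
+"git.artlef.fr/PersonalLibraryManager/internal/jwtauth"
+"github.com/gin-gonic/gin"
+"github.com/golang-jwt/jwt/v5"
+)
+
+func Auth() gin.HandlerFunc {
+return func(c *gin.Context) {
+
+//do not check current user if we are creating an account or logging in
+if strings.HasPrefix(c.FullPath(), "/auth") {
+return
+}
+
+username, err := parseUserFromJwt(c)
+if err != nil {
+fmt.Println(err)
+c.AbortWithStatusJSON(http.StatusUnauthorized,
+gin.H{"error": "You must be logged in to access this resource."})
+} else {
+c.Set("user", username)
+}
+}
+}
+
+func parseUserFromJwt(c *gin.Context) (string, error) {
+
+jwtokenStr := jwtFromBearerToken(c.GetHeader("Authorization"))
+jwtoken, parseErr := jwt.Parse(jwtokenStr,
+func(token *jwt.Token) (any, error) {
+return jwtauth.GetJwtKey()
+}, jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()}))
+if parseErr != nil {
+return "", parseErr
+}
+return jwtoken.Claims.GetSubject()
+}
+
+func jwtFromBearerToken(bearerToken string) string {
+splitToken := strings.Split(bearerToken, " ")
+if len(splitToken) == 2 {
+return splitToken[1]
+} else {
+return ""
+}
+}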
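Review bot: The exemption `strings.HasPrefix(c.FullPath(), "/auth")` in `Auth` matches on a raw string prefix, so any route later registered under a pattern such as `/authors` would skip the JWT check as well; compare on a path-segment boundary instead, e.g. `if p := c.FullPath(); p == "/auth" || strings.HasPrefix(p, "/auth/") {`. In `parseUserFromJwt`, `Claims.GetSubject()` returns an empty string with a nil error when the token carries no `sub` claim, so a validly signed token without a subject reaches `c.Set("user", "")`; an empty subject should be treated as unauthenticated. The keyfunc returns whatever `jwtauth.GetJwtKey()` decodes, and base64-decoding an unset environment variable yields an empty key with no error, so it would be worth failing closed with `if len(key) == 0 { return nil, errors.New("jwt key not configured") }` unless `InitKey`, which is only partly visible on this page, already guarantees a non-empty key. `jwtFromBearerToken` also accepts any two-word header value without checking that the scheme is `Bearer`, and the parser does not require an `exp` claim (`jwt.WithExpirationRequired()` would enforce one).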
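--- a/main.go
+++ b/main.go
@@ -8,6 +8,7 @@ import (
 "git.artlef.fr/PersonalLibraryManager/internal/config"
 "git.artlef.fr/PersonalLibraryManager/internal/db"
 "git.artlef.fr/PersonalLibraryManager/internal/jwtauth"
+"git.artlef.fr/PersonalLibraryManager/internal/middleware"
 )
 
 func main() {
@@ -24,6 +25,7 @@ func setup(config *config.Config) *gin.Engine {
 }
 r := gin.Default()
 r.Use(cors.Default()) // All origins allowed by default
+r.Use(middleware.Auth())
 r.GET("/books", func(c *gin.Context) {
 api.GetBooksHanderl(c, db)
 })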
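Review bot: With `r.Use(middleware.Auth())` now requiring an `Authorization` header on every route registered after it, the unchanged `cors.Default()` line just above deserves a second look: if this is gin-contrib/cors, its default configuration allows every origin but does not list `Authorization` among the allowed request headers, so a cross-origin browser client sending the bearer token would likely fail the preflight. Consider an explicit configuration instead, e.g. `cors.New(cors.Config{AllowOrigins: []string{"<frontend-origin>"}, AllowHeaders: []string{"Authorization", "Content-Type"}})`, which also narrows the allowed origins. gin attaches `Use` middleware only to routes registered afterwards, so a short comment such as `// must stay before any route registration` would guard against a handler being added above this line later and silently skipping the check. The body of `setup` starts and ends outside this hunk, so routes outside the visible lines could not be checked.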