package middleware
|
|
|
|
import (
	"errors"
	"net/http"
	"strings"

	"git.artlef.fr/PersonalLibraryManager/internal/jwtauth"

	"github.com/gin-gonic/gin"
	"github.com/golang-jwt/jwt/v5"
)
|
|
|
|
// Auth is a gin middleware that gates every route behind a valid JWT.
//
// Requests to the account-creation / login routes (under /ws/auth/) and to
// the book-cover static files (under /static/bookcover/) pass through
// untouched. Every other request must carry a token that parseUserFromJwt
// accepts; on success the token's subject is stored in the gin context under
// the key "user" for downstream handlers, otherwise the handler chain is
// aborted with 401 and a generic JSON error body.
//
// The allowlist is matched against c.FullPath(), i.e. the registered route
// pattern rather than the raw request URL, so path tricks in the request
// ("..", doubled slashes, percent-encoding) cannot widen the bypass: only a
// route actually registered under one of these prefixes is exempt. A request
// that matches no route has an empty FullPath and is therefore authenticated
// like any other. Adding a new public route means extending this allowlist.
func Auth() gin.HandlerFunc {
	return func(c *gin.Context) {
		route := c.FullPath()

		// Account creation and login cannot require an existing session.
		if strings.HasPrefix(route, "/ws/auth/") {
			return
		}

		// Book covers are served as public static files.
		if strings.HasPrefix(route, "/static/bookcover/") {
			return
		}

		username, err := parseUserFromJwt(c)
		if err != nil {
			// Abort stops the remaining handlers; the body is deliberately
			// generic so it does not reveal why the token was rejected.
			c.AbortWithStatusJSON(http.StatusUnauthorized,
				gin.H{"error": "You must be logged in to access this resource."})
			return
		}

		c.Set("user", username)
	}
}
|
|
|
|
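// errMissingSubject is returned for a token that verifies but carries no
// usable "sub" claim; such a token must not yield an authenticated user.
var errMissingSubject = errors.New("jwt: token has no subject claim")

// parseUserFromJwt extracts and verifies the bearer token on the incoming
// request and returns the username carried in its "sub" claim.
//
// Verification is delegated to jwt.Parse with the server's HMAC key from
// jwtauth.GetJwtKey. The accepted algorithms are pinned to HS256, so a token
// advertising "none" or an asymmetric algorithm is rejected before the key is
// consulted (the classic "alg confusion" attack). NOTE(review): jwt.Parse
// validates exp/nbf when they are present but does not require them; whether
// every issued token carries exp is decided in jwtauth, not here — confirm
// that, or add jwt.WithExpirationRequired() once all issued tokens have exp.
// Issuer and audience are not checked because nothing in this package issues
// or configures them.
//
// An error is returned when the Authorization header is missing or malformed,
// when the signature or time claims do not verify, or when the token has no
// subject. The caller treats any error as "not logged in".
func parseUserFromJwt(c *gin.Context) (string, error) {
	jwtokenStr := jwtFromBearerToken(c.GetHeader("Authorization"))

	jwtoken, parseErr := jwt.Parse(jwtokenStr,
		func(token *jwt.Token) (any, error) {
			return jwtauth.GetJwtKey()
		}, jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()}))
	if parseErr != nil {
		return "", parseErr
	}

	subject, err := jwtoken.Claims.GetSubject()
	if err != nil {
		return "", err
	}
	// GetSubject reports a missing "sub" as ("", nil). An empty username
	// would otherwise be stored as the authenticated user, so reject it.
	if subject == "" {
		return "", errMissingSubject
	}
	return subject, nil
}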
|
|
|
|
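// jwtFromBearerToken returns the token part of an "Authorization: Bearer <token>"
// header value, or "" when the value is not a well-formed bearer credential.
//
// The scheme is compared case-insensitively, as HTTP authentication scheme
// names are case-insensitive (RFC 6750 / RFC 9110). The value must consist of
// exactly two space-separated fields: a different scheme, an empty token, or
// extra fields all yield "" so that jwt.Parse fails on the empty string rather
// than on an unexpected fragment of the header.
func jwtFromBearerToken(bearerToken string) string {
	scheme, token, found := strings.Cut(bearerToken, " ")
	if !found || !strings.EqualFold(scheme, "Bearer") {
		return ""
	}
	// Keep the "exactly two fields" rule: a token containing further spaces
	// (e.g. "Bearer a b" or a doubled separator) is rejected.
	if token == "" || strings.Contains(token, " ") {
		return ""
	}
	return token
}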
|