package server

import (
	"fmt"

	"github.com/gin-gonic/gin"
	"github.com/golang-jwt/jwt/v5"

	domain "github.com/haydenhargreaves/Potion/internal/domain/server"
)

// DepedencyInjectionMiddleware returns a handler that stores deps in the
// request context under the key "deps" and then runs the rest of the chain.
// Handlers further down read the injected services back from that key.
func DepedencyInjectionMiddleware(deps *domain.InjectedDependencies) gin.HandlerFunc {
	return func(ctx *gin.Context) {
		ctx.Set("deps", deps)
		ctx.Next()
	}
}

// JwtAuthMiddleWare returns a handler that reads the "jwt_token" cookie,
// verifies it with jwtSecretKey and, when verification succeeds, stores the
// user's identity in the context under "userId" and "userEmail".
//
// The handler never aborts the request. A missing cookie, a token that fails
// to parse or verify, and a token reported as not valid all end the same way:
// nothing is set and the chain continues. The middleware therefore identifies
// the user but does not enforce authentication; every protected route has to
// check that "userId" is present and send the user to login when it is not.
//
// NOTE(review): jwtSecretKey is used as given; nothing here checks that it is
// non-empty. Confirm that the caller validates it at startup.
//
// NOTE(review): whether an expiry is enforced depends on how domain.JwtClaims
// implements the claims interface, which is not visible in this file. If
// tokens are meant to expire, confirm that the claims carry an expiry and
// consider requiring one at parse time.
func JwtAuthMiddleWare(jwtSecretKey []byte) gin.HandlerFunc {
	// keyFor hands the shared secret to the parser only for HMAC-signed
	// tokens. The algorithm named in the token header is chosen by whoever
	// sent the cookie, so any other signing method is refused before the
	// key is returned.
	keyFor := func(tok *jwt.Token) (interface{}, error) {
		if _, isHMAC := tok.Method.(*jwt.SigningMethodHMAC); isHMAC {
			return jwtSecretKey, nil
		}
		return nil, fmt.Errorf("unexpected signing method: %v", tok.Header["alg"])
	}

	return func(ctx *gin.Context) {
		// No cookie means an anonymous request: skip parsing entirely.
		if raw, cookieErr := ctx.Cookie("jwt_token"); cookieErr == nil {
			parsed := &domain.JwtClaims{}
			tok, parseErr := jwt.ParseWithClaims(raw, parsed, keyFor)

			// NOTE: If we need deeper error handling (this sketch also needs
			// the errors, log and net/http imports):
			// if parseErr != nil {
			// 	if errors.Is(parseErr, jwt.ErrSignatureInvalid) {
			// 		ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token signature"})
			// 	} else if errors.Is(parseErr, jwt.ErrTokenExpired) || errors.Is(parseErr, jwt.ErrTokenNotValidYet) {
			// 		ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Token expired or not yet valid"})
			// 	} else {
			// 		log.Printf("JWT parsing error: %v", parseErr)
			// 		ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token"})
			// 	}
			// 	ctx.Abort()
			// 	return
			// }

			// Identity is published only when parsing succeeded and the
			// token is marked valid; tok is not dereferenced after an error.
			if parseErr == nil && tok.Valid {
				ctx.Set("userId", parsed.UserId)
				ctx.Set("userEmail", parsed.Email)
			}
		}

		// Reached on every path: the request always continues down the chain.
		ctx.Next()
	}
}