5e07383ab0
We don't need to fail, but we do need a way to know when a user is logged in. The new domain(server) function IsLoggedIn will do just that!
74 lines
2.1 KiB
Go
74 lines
2.1 KiB
Go
package server
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/golang-jwt/jwt/v5"
|
|
domain "github.com/haydenhargreaves/Potion/internal/domain/server"
|
|
)
|
|
|
|
// DepedencyInjectionMiddleware injects the dependencies into the context set. This is a middleware
|
|
// that is used to apply the required services.
|
|
func DepedencyInjectionMiddleware(deps *domain.InjectedDependencies) gin.HandlerFunc {
|
|
return func(ctx *gin.Context) {
|
|
ctx.Set("deps", deps)
|
|
ctx.Next()
|
|
}
|
|
}
|
|
|
|
// JwtAuthMiddleWare handles collection the JWT from the browser's cookies and setting the
|
|
// appropriate data. If the data is not found, this middleware will do effectively nothing, by not
|
|
// setting any values. Protected routes can use this lack of a value as a sign that the user is not
|
|
// logged in and direct the user to login.
|
|
func JwtAuthMiddleWare(jwtSecretKey []byte) gin.HandlerFunc {
|
|
return func(ctx *gin.Context) {
|
|
// JWT cookie not found
|
|
tokenString, err := ctx.Cookie("jwt_token")
|
|
if err != nil {
|
|
ctx.Next()
|
|
return
|
|
}
|
|
|
|
claims := &domain.JwtClaims{}
|
|
|
|
token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) {
|
|
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
|
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
|
|
}
|
|
return jwtSecretKey, nil
|
|
})
|
|
|
|
// Error occurred when parsing
|
|
if err != nil {
|
|
ctx.Next()
|
|
return
|
|
}
|
|
|
|
// NOTE: If we need deeper error handling
|
|
// if err != nil {
|
|
// if errors.Is(err, jwt.ErrSignatureInvalid) {
|
|
// ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token signature"})
|
|
// } else if errors.Is(err, jwt.ErrTokenExpired) || errors.Is(err, jwt.ErrTokenNotValidYet) {
|
|
// ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Token expired or not yet valid"})
|
|
// } else {
|
|
// log.Printf("JWT parsing error: %v", err)
|
|
// ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token"})
|
|
// }
|
|
// ctx.Abort()
|
|
// return
|
|
// }
|
|
|
|
// Token is invalid
|
|
if !token.Valid {
|
|
ctx.Next()
|
|
return
|
|
}
|
|
|
|
// Found: Set the values
|
|
ctx.Set("userId", claims.UserId)
|
|
ctx.Set("userEmail", claims.Email)
|
|
ctx.Next()
|
|
}
|
|
}
|