create and moove into new directories for BegushiyBashkir and

yalarbacreate and moove into new directories for BegushiyBashkir and yalarbacreate and moove into new directories for BegushiyBashkir and yalarbacreate and moove into new directories for BegushiyBashkir and yalarbacreate and moove into new directories for BegushiyBashkir and yalarbacreate and moove into new directories for BegushiyBashkir and yalarbacreate and moove into new directories for BegushiyBashkir and yalarbacreate and moove into new directories for BegushiyBashkir and yalarbacreate and moove into new directories for BegushiyBashkir and yalarba
2025-10-24 05:22:44 +05:00
parent 358c14428f
commit 15357fd3c0
211 changed files with 3 additions and 3 deletions
@@ -0,0 +1,49 @@
+// pkg/middleware/admin_middleware.go
+package middleware
+
+import (
+	"api_bb/pkg/logger"
+	"api_bb/pkg/utils"
+	"net/http"
+
+	"go.uber.org/zap"
+)
+
+// AdminMiddleware проверяет, что пользователь имеет роль администратора
+func AdminMiddleware(next http.Handler) http.Handler {
+	logger := logger.NewWrapper(logger.Get().With(zap.String("middleware", "admin")))
+
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		logger.Info("admin middleware check",
+			zap.String("method", r.Method),
+			zap.String("path", r.URL.Path),
+			zap.String("remote_addr", r.RemoteAddr),
+		)
+
+		// Получаем пользователя из контекста
+		user, ok := GetUserFromContext(r.Context())
+		if !ok {
+			logger.Warn("admin middleware failed - user not found in context")
+			utils.RespondWithError(w, http.StatusUnauthorized, "Authentication required")
+			return
+		}
+
+		// Проверяем роль пользователя
+		if user.Role != "admin" {
+			logger.Warn("admin middleware failed - insufficient permissions",
+				zap.Uint("user_id", user.ID),
+				zap.String("user_role", user.Role),
+				zap.String("required_role", "admin"),
+			)
+			utils.RespondWithError(w, http.StatusForbidden, "Insufficient permissions: admin role required")
+			return
+		}
+
+		logger.Debug("admin middleware passed",
+			zap.Uint("user_id", user.ID),
+			zap.String("user_email", user.Email),
+		)
+
+		next.ServeHTTP(w, r)
+	})
+}
@@ -0,0 +1,137 @@
+// middleware/auth.go
+package middleware
+
+import (
+	"context"
+	"net/http"
+	"strings"
+
+	"api_bb/internal/models"
+	"api_bb/internal/repository"
+	"api_bb/internal/service"
+	"api_bb/pkg/logger"
+
+	"go.uber.org/zap"
+)
+
+type contextKey string
+
+const (
+	UserIDKey contextKey = "userID"
+	UserKey   contextKey = "user"
+)
+
+func AuthMiddleware(jwtService service.JWTService, userRepo repository.UserRepository) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			var tokenString string
+			logger := logger.Get()
+			logger.Debug("authMiddleware Start")
+
+			// Пробуем получить токен из заголовка Authorization
+			authHeader := r.Header.Get("Authorization")
+			if strings.HasPrefix(authHeader, "Bearer ") {
+				tokenString = strings.TrimPrefix(authHeader, "Bearer ")
+				logger.Debug("Token found in Authorization header")
+			}
+
+			// Если нет в заголовке, пробуем из куки
+			if tokenString == "" {
+				cookie, err := r.Cookie("auth_token")
+				if err == nil {
+					tokenString = cookie.Value
+					logger.Debug("Token found in auth_token cookie")
+				} else {
+					logger.Debug("No auth_token cookie found", zap.Error(err))
+				}
+			}
+
+			if tokenString == "" {
+				logger.Debug("No token found in request")
+				next.ServeHTTP(w, r)
+				return
+			}
+
+			token, err := jwtService.ValidateToken(tokenString)
+			if err != nil || !token.Valid {
+				logger.Warn("Invalid token",
+					zap.Error(err),
+					zap.Bool("token_valid", token != nil && token.Valid))
+				next.ServeHTTP(w, r)
+				return
+			}
+
+			userID, err := jwtService.ExtractUserID(token)
+			if err != nil {
+				logger.Error("Failed to extract user ID from token",
+					zap.Error(err))
+				next.ServeHTTP(w, r)
+				return
+			}
+
+			logger.Debug("Extracted user ID from token",
+				zap.Any("user_id", userID))
+
+			user, err := userRepo.FindByID(userID)
+			if err != nil {
+				logger.Error("Failed to find user by ID",
+					zap.Any("user_id", userID),
+					zap.Error(err))
+				next.ServeHTTP(w, r)
+				return
+			}
+
+			// Добавляем пользователя в контекст
+			ctx := context.WithValue(r.Context(), UserIDKey, userID)
+			ctx = context.WithValue(ctx, UserKey, user)
+
+			logger.Debug("User authenticated successfully",
+				zap.Any("user_id", userID),
+				zap.String("username", user.FirstName))
+
+				
+			logger.Debug("authMiddleware End")
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}
+
+// RequireAuth middleware требует аутентификации
+func RequireAuth(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		logger := logger.Get()
+		userID := r.Context().Value(UserIDKey)
+		logger.Debug("RequireAuth method start")
+		logger.Debug("Extracted user ID from token",
+			zap.Any("user_id", userID))
+
+		if userID == nil {
+			logger.Warn("Authentication required but no user ID in context")
+			http.Error(w, `{"error": "Authentication required"}`, http.StatusUnauthorized)
+			return
+		}
+
+		logger.Debug("User authenticated", zap.Any("user_id", userID))
+			logger.Debug("authMiddleware End")
+		next.ServeHTTP(w, r)
+	})
+}
+
+// GetUserFromContext получает пользователя из контекста
+func GetUserFromContext(ctx context.Context) (*models.User, bool) {
+	logger := logger.Get()
+	user, ok := ctx.Value(UserKey).(*models.User)
+	logger.Debug("GetUserFromContext method")
+	logger.Debug("Extracted user ID from token",
+		zap.Any("user_id", user.ID))
+
+	if !ok {
+		logger.Debug("No user found in context")
+	} else {
+		logger.Debug("User retrieved from context",
+			zap.Any("user_id", user.ID),
+			zap.String("username", user.FirstName))
+	}
+
+	return user, ok
+}
@@ -0,0 +1,20 @@
+
+// pkg/middleware/cors.go
+package middleware
+
+import (
+	"net/http"
+
+	"github.com/go-chi/cors"
+)
+
+func CORS() func(http.Handler) http.Handler {
+	return cors.Handler(cors.Options{
+		AllowedOrigins:   []string{"http://localhost:3001", "https://begushiybashkir.ru"},
+		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"},
+		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token", "X-Requested-With"},
+		ExposedHeaders:   []string{"Link", "Content-Length"},
+		AllowCredentials: true,
+		MaxAge:           300,
+	})
+}
@@ -0,0 +1,46 @@
+// pkg/middleware/logger.go
+package middleware
+
+import (
+	"net/http"
+	"time"
+
+	"api_bb/pkg/logger"
+
+	"github.com/go-chi/chi/v5/middleware"
+	"go.uber.org/zap"
+)
+
+// Logger middleware для логирования HTTP запросов
+func ZapLogger(next http.Handler) http.Handler {
+    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+        start := time.Now()
+        
+        // Получаем request ID
+        reqID := middleware.GetReqID(r.Context())
+        
+        // Создаем логгер с контекстом запроса
+        requestLogger := logger.Get().With(
+            zap.String("method", r.Method),
+            zap.String("path", r.URL.Path),
+            zap.String("remote_addr", r.RemoteAddr),
+            zap.String("user_agent", r.UserAgent()),
+            zap.String("request_id", reqID),
+        )
+        
+        // Обертываем ResponseWriter для получения статуса
+        wrappedWriter := middleware.NewWrapResponseWriter(w, r.ProtoMajor)
+        
+        // Обрабатываем запрос
+        next.ServeHTTP(wrappedWriter, r)
+        
+        // Логируем результат
+        duration := time.Since(start)
+        
+        requestLogger.Info("request completed",
+            zap.Int("status", wrappedWriter.Status()),
+            zap.Int("bytes", wrappedWriter.BytesWritten()),
+            zap.Duration("duration", duration),
+        )
+    })
+}
@@ -0,0 +1,35 @@
+package middleware
+
+import (
+	"net/http"
+
+	"github.com/go-chi/chi/v5/middleware"
+	"github.com/go-chi/cors"
+)
+
+func CommonMiddleware() []func(http.Handler) http.Handler {
+	return []func(http.Handler) http.Handler{
+		HandleOptions,
+		CORS(),
+		ZapLogger,
+		middleware.Recoverer,
+		middleware.RequestID,
+		cors.Handler(cors.Options{
+			AllowedOrigins: []string{
+				"https://xn--80abahjtcfl5d0a8di.xn--p1ai",
+				"https://begushiybashkir.ru",
+				"http://localhost:3000",
+				"http://localhost:3001",
+				"http://localhost:5173"},
+			AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
+			AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token", "X-Requested-With"},
+			ExposedHeaders:   []string{
+                "Link",
+                "Content-Length",
+                "Set-Cookie",
+            },
+			AllowCredentials: true,
+			MaxAge:           300,
+		}),
+	}
+}
@@ -0,0 +1,19 @@
+// pkg/middleware/options.go
+package middleware
+
+import "net/http"
+
+// HandleOptions автоматически обрабатывает OPTIONS запросы
+func HandleOptions(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Method == "OPTIONS" {
+			w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
+			w.Header().Set("Access-Control-Allow-Credentials", "true")
+			w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
+			w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization, X-Requested-With")
+			w.WriteHeader(http.StatusOK)
+			return
+		}
+		next.ServeHTTP(w, r)
+	})
+}