From ca37a475c94caf69d457974e0822b759ddd80263 Mon Sep 17 00:00:00 2001
From: valitovgaziz <valitovgaziz@yandex.ru>
Date: Mon, 29 Sep 2025 01:37:05 +0500
Subject: [PATCH] 	new file:   internal/middleware/auth.go add middleware
 for authenticate

---
 .../internal/middleware/auth.go               | 35 +++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 serv_golang_rest_api/internal/middleware/auth.go

diff --git a/serv_golang_rest_api/internal/middleware/auth.go b/serv_golang_rest_api/internal/middleware/auth.go
new file mode 100644
index 0000000..2fbac6a
--- /dev/null
+++ b/serv_golang_rest_api/internal/middleware/auth.go
@@ -0,0 +1,35 @@
+// middleware/auth.go
+package middleware
+
+import (
+    "context"
+    "net/http"
+    "strings"
+    "serv_golang_rest_api/internal/utils"
+)
+
+func AuthMiddleware(next http.Handler) http.Handler {
+    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+        authHeader := r.Header.Get("Authorization")
+        if authHeader == "" {
+            utils.WriteError(w, http.StatusUnauthorized, "Authorization header required")
+            return
+        }
+        
+        parts := strings.Split(authHeader, " ")
+        if len(parts) != 2 || parts[0] != "Bearer" {
+            utils.WriteError(w, http.StatusUnauthorized, "Invalid authorization format")
+            return
+        }
+        
+        claims, err := utils.ValidateJWT(parts[1])
+        if err != nil {
+            utils.WriteError(w, http.StatusUnauthorized, "Invalid token")
+            return
+        }
+        
+        // Добавляем claims в контекст
+        ctx := context.WithValue(r.Context(), "userClaims", claims)
+        next.ServeHTTP(w, r.WithContext(ctx))
+    })
+}
\ No newline at end of file