valitovgaziz
46 lines
947 B
Go
46 lines
947 B
Go
package auth
|
|
|
|
import (
|
|
"api/src/models"
|
|
"context"
|
|
"net/http"
|
|
|
|
"github.com/golang-jwt/jwt/v4"
|
|
)
|
|
|
|
func AuthMiddleware(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
c, err := r.Cookie("token")
|
|
if err != nil {
|
|
if err == http.ErrNoCookie {
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
tknStr := c.Value
|
|
claims := &models.Claims{}
|
|
|
|
tkn, err := jwt.ParseWithClaims(tknStr, claims, func(token *jwt.Token) (interface{}, error) {
|
|
return jwtKey, nil
|
|
})
|
|
|
|
if err != nil {
|
|
if err == jwt.ErrSignatureInvalid {
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
return
|
|
}
|
|
if !tkn.Valid {
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
ctx := context.WithValue(r.Context(), "email", claims.Email)
|
|
next.ServeHTTP(w, r.WithContext(ctx))
|
|
})
|
|
}
|