first commit
71
server/controllers/middlewares.go
Normal file
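--- a/server/controllers/middlewares.go
+++ b/server/controllers/middlewares.go
@@ -0,0 +1,71 @@
+package controllers
+
+import (
+"net/http"
+"os"
+"strings"
+
+"github.com/akhilrex/hammond/db"
+"github.com/dgrijalva/jwt-go"
+"github.com/dgrijalva/jwt-go/request"
+"github.com/gin-gonic/gin"
+)
+
+// Strips 'BEARER ' prefix from token string
+func stripBearerPrefixFromTokenString(tok string) (string, error) {
+// Should be a bearer token
+if len(tok) > 6 && strings.ToUpper(tok[0:6]) == "BEARER " {
+return tok[7:], nil
+}
+return tok, nil
+}
+
+// Extract token from Authorization header
+// Uses PostExtractionFilter to strip "TOKEN " prefix from header
+var AuthorizationHeaderExtractor = &request.PostExtractionFilter{
+request.HeaderExtractor{"Authorization"},
+stripBearerPrefixFromTokenString,
+}
+
+// Extractor for OAuth2 access tokens. Looks in 'Authorization'
+// header then 'access_token' argument for a token.
+var MyAuth2Extractor = &request.MultiExtractor{
+AuthorizationHeaderExtractor,
+request.ArgumentExtractor{"access_token"},
+}
+
+// A helper to write user_id and user_model to the context
+func UpdateContextUserModel(c *gin.Context, my_user_id string) {
+var myUserModel db.User
+if my_user_id != "" {
+
+db.DB.First(&myUserModel, map[string]string{
+"ID": my_user_id,
+})
+}
+c.Set("userId", my_user_id)
+c.Set("userModel", myUserModel)
+}
+
+// You can custom middlewares yourself as the doc: https://github.com/gin-gonic/gin#custom-middleware
+// r.Use(AuthMiddleware(true))
+func AuthMiddleware(auto401 bool) gin.HandlerFunc {
+return func(c *gin.Context) {
+UpdateContextUserModel(c, "")
+token, err := request.ParseFromRequest(c.Request, MyAuth2Extractor, func(token *jwt.Token) (interface{}, error) {
+b := ([]byte(os.Getenv("JWT_SECRET")))
+return b, nil
+})
+if err != nil {
+if auto401 {
+c.AbortWithError(http.StatusUnauthorized, err)
+}
+return
+}
+if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+my_user_id := claims["id"].(string)
+//fmt.Println(my_user_id,claims["id"])
+UpdateContextUserModel(c, my_user_id)
+}
+}
+}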
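Review bot: The key callback in `AuthMiddleware` returns `[]byte(os.Getenv("JWT_SECRET"))` without checking that the variable is set or which algorithm the token header declares, so a deployment started without JWT_SECRET would, as far as this file shows, verify HMAC tokens against an empty key and the signature would no longer be bound to any secret. The callback should fail closed on an empty secret and on any non-HMAC `token.Method`, and `claims["id"].(string)` should use the two-value form so a token without a string `id` is rejected instead of panicking; the fence below sketches both and needs `errors` and `fmt` added to the imports. In `stripBearerPrefixFromTokenString`, `tok[0:6]` is six bytes and can never equal the seven-byte "BEARER ", so the prefix is never stripped; the comparison should read `strings.ToUpper(tok[0:7]) == "BEARER "`. `UpdateContextUserModel` ignores the result of `db.DB.First`, so a valid token whose user no longer exists still sets `userId` alongside a zero-value `userModel`; the lookup error should end the request or at least be visible to handlers.

```go
		token, err := request.ParseFromRequest(c.Request, MyAuth2Extractor, func(token *jwt.Token) (interface{}, error) {
			// Only HMAC-signed tokens are expected; refuse anything else before returning the key.
			if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
				return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
			}
			// Fail closed when the secret is missing instead of verifying against an empty key.
			secret := os.Getenv("JWT_SECRET")
			if secret == "" {
				return nil, errors.New("JWT_SECRET is not set")
			}
			return []byte(secret), nil
		})
		// … unchanged: err check and auto401 abort …
		if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
			// Two-value assertion: a missing or non-string "id" claim must not panic.
			id, ok := claims["id"].(string)
			if !ok || id == "" {
				if auto401 {
					c.AbortWithStatus(http.StatusUnauthorized)
				}
				return
			}
			UpdateContextUserModel(c, id)
		}
```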