54 lines
1.4 KiB
Go
54 lines
1.4 KiB
Go
package middleware
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"net/http"
|
|
"strings"
|
|
|
|
"gitea.local/admin/hspguard/internal/auth"
|
|
"gitea.local/admin/hspguard/internal/types"
|
|
"gitea.local/admin/hspguard/internal/web"
|
|
)
|
|
|
|
func AuthMiddleware(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
authHeader := r.Header.Get("Authorization")
|
|
if authHeader == "" {
|
|
web.Error(w, "unauthorized", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
parts := strings.Split(authHeader, "Bearer ")
|
|
if len(parts) != 2 {
|
|
web.Error(w, "invalid auth header format", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
tokenStr := parts[1]
|
|
token, userClaims, err := auth.VerifyToken(tokenStr)
|
|
if err != nil || !token.Valid {
|
|
http.Error(w, fmt.Sprintf("invalid token: %v", err), http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
ctx := context.WithValue(r.Context(), types.UserIdKey, userClaims.UserID)
|
|
next.ServeHTTP(w, r.WithContext(ctx))
|
|
})
|
|
}
|
|
|
|
func WithSkipper(mw func(http.Handler) http.Handler, excludedPaths ...string) func(http.Handler) http.Handler {
|
|
return func(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
for _, path := range excludedPaths {
|
|
if strings.HasPrefix(r.URL.Path, path) {
|
|
next.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
}
|
|
mw(next).ServeHTTP(w, r)
|
|
})
|
|
}
|
|
}
|
|
|