package middleware
import (
"context"
"errors"
"net/http"
"git.urec56.ru/urec/chat_back_go/internal/domain"
)
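// Auth wraps next with bearer-token authentication. Per the original author's
// note, the JWT is taken from the `Authorization` header (`Bearer` scheme); the
// user it resolves to is stored in the request context under the key "user"
// before next is called.
//
// Responses written when next is not called:
//   - 401 if the token cannot be extracted or decoded,
//   - 404 if the user lookup reports domain.UserNotFoundError,
//   - 500 for any other lookup error.
//
// NOTE(review): the context key is a plain string, which any package can read
// or overwrite and which staticcheck reports (SA1029). Moving to an unexported
// key type needs every reader of ctx.Value("user") changed in the same commit,
// so it is left as is here.
//
// NOTE(review): the 404 branch lets a client tell a token that decodes for a
// missing account apart from a rejected token, and it is the only failure that
// is not logged. Confirm both are intended.
func (m *Middleware) Auth(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		// r.URL.Path is the percent-decoded path, so it can contain raw CR/LF
		// and other control characters; %q keeps them from splitting log lines.
		path := r.URL.Path

		token, err := m.serv.ExtractAuthToken(r)
		if err != nil {
			// NOTE(review): confirm these errors never embed the token itself.
			m.l.Infof("[%q] error extracting token: %s", path, err)
			// A 401 response is expected to carry a challenge (RFC 9110).
			w.Header().Set("WWW-Authenticate", "Bearer")
			w.WriteHeader(http.StatusUnauthorized)
			return
		}

		userID, err := m.serv.DecodeAuthToken(token)
		if err != nil {
			m.l.Infof("[%q] error decoding token: %s", path, err)
			w.Header().Set("WWW-Authenticate", "Bearer")
			w.WriteHeader(http.StatusUnauthorized)
			return
		}

		// The meaning of the second argument is not visible in this file.
		user, err := m.serv.Get(userID, false)
		if err != nil {
			if errors.Is(err, domain.UserNotFoundError) {
				w.WriteHeader(http.StatusNotFound)
				return
			}
			m.l.Infof("[%q] error resolving user: %s", path, err)
			w.WriteHeader(http.StatusInternalServerError)
			return
		}

		next(w, r.WithContext(context.WithValue(r.Context(), "user", user)))
	}
}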
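// VerificatedAuth wraps next with bearer-token authentication that also
// requires a verified account. Per the original author's note, the JWT is taken
// from the `Authorization` header (`Bearer` scheme); the verified user is
// stored in the request context under the key "user" before next is called.
//
// Responses written when next is not called:
//   - 401 if the token cannot be extracted or decoded,
//   - 404 if the lookup reports domain.UserNotFoundError,
//   - 409 if the lookup reports domain.UnverifiedUserError,
//   - 500 for any other lookup error.
//
// NOTE(review): the context key is a plain string, which any package can read
// or overwrite and which staticcheck reports (SA1029). Moving to an unexported
// key type needs every reader of ctx.Value("user") changed in the same commit,
// so it is left as is here.
//
// NOTE(review): the 404 and 409 branches disclose account state to whoever
// presents a token that decodes, and neither is logged. Confirm both are
// intended.
func (m *Middleware) VerificatedAuth(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		// r.URL.Path is the percent-decoded path, so it can contain raw CR/LF
		// and other control characters; %q keeps them from splitting log lines.
		path := r.URL.Path

		token, err := m.serv.ExtractAuthToken(r)
		if err != nil {
			// NOTE(review): confirm these errors never embed the token itself.
			m.l.Infof("[%q] error extracting token: %s", path, err)
			// A 401 response is expected to carry a challenge (RFC 9110).
			w.Header().Set("WWW-Authenticate", "Bearer")
			w.WriteHeader(http.StatusUnauthorized)
			return
		}

		userID, err := m.serv.DecodeAuthToken(token)
		if err != nil {
			m.l.Infof("[%q] error decoding token: %s", path, err)
			w.Header().Set("WWW-Authenticate", "Bearer")
			w.WriteHeader(http.StatusUnauthorized)
			return
		}

		user, err := m.serv.GetVerificated(userID)
		if err != nil {
			switch {
			case errors.Is(err, domain.UserNotFoundError):
				w.WriteHeader(http.StatusNotFound)
			case errors.Is(err, domain.UnverifiedUserError):
				w.WriteHeader(http.StatusConflict)
			default:
				m.l.Infof("[%q] error resolving user: %s", path, err)
				w.WriteHeader(http.StatusInternalServerError)
			}
			return
		}

		next(w, r.WithContext(context.WithValue(r.Context(), "user", user)))
	}
}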