Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var JwtAuthentication = func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { requestPath := r.URL.Path requestMethod := r.Method notAuth := []string{"/api/user/signup", "/api/user/login"} for _, value := range notAuth { if value == requestPath { next.ServeHTTP(w, r) return } } if strings.HasPrefix(requestPath, "/api/books") && requestMethod == http.MethodGet { next.ServeHTTP(w, r) return } response := make(map[string]interface{}) tokenHeader := r.Header.Get("Authorization") if tokenHeader == "" { response = u.Message(false, "Missing auth token") w.Header().Add("Content-Type", "application/json") u.Respond(w, response, http.StatusForbidden) return } splitted := strings.Split(tokenHeader, " ") if len(splitted) != 2 { response = u.Message(false, "Invalid/Malformed auth token") w.Header().Add("Content-Type", "application/json") u.Respond(w, response, http.StatusForbidden) return } tokenPart := splitted[1] tk := &models.Token{} token, err := jwt.ParseWithClaims(tokenPart, tk, func(token *jwt.Token) (interface{}, error) { return []byte(os.Getenv("token_password")), nil }) if err != nil { response = u.Message(false, "Malformed authentication token") w.Header().Add("Content-Type", "application/json") u.Respond(w, response, http.StatusForbidden) return } if !token.Valid { response = u.Message(false, "Token is not valid.") w.Header().Add("Content-Type", "application/json") u.Respond(w, response, http.StatusForbidden) return } fmt.Sprintf("User %v", tk.UserId) ctx := context.WithValue(r.Context(), "user", tk.UserId) r = r.WithContext(ctx) next.ServeHTTP(w, r) }) }
Functions ¶
This section is empty.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.