neko/internal/api/utils/auth.go

package utils

import (
	"context"
	"fmt"
	"net/http"
	"strings"

	"github.com/go-chi/render"
	"github.com/dgrijalva/jwt-go"
)

type key int

const (
    keyPrincipalID key = iota
)

func GetUserName(r *http.Request) interface{} {
	props, _ := r.Context().Value(keyPrincipalID).(jwt.MapClaims)
	return props["user_name"]
}

type HttpMiddleware = func(next http.Handler) http.Handler

func AuthMiddleware(next http.Handler, jwtSecrets ...[]byte) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		authHeader := strings.Split(r.Header.Get("Authorization"), "Bearer ")
		if len(authHeader) != 2 {
			_ = render.Render(w, r, ErrMessage(401, "Malformed JWT token."))
			return
		}

		jwtToken := authHeader[1]
		var jwtVerified *jwt.Token
		var err error
		for _, jwtSecret := range jwtSecrets {
			jwtVerified, err = jwt.Parse(jwtToken, func(token *jwt.Token) (interface{}, error) {
				if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
					return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
				}

				return jwtSecret, nil
			})

			if err == nil {
				break
			}
		}

		if err != nil {
			_ = render.Render(w, r, ErrMessage(401, "Invalid JWT token."))
			return
		}

		if claims, ok := jwtVerified.Claims.(jwt.MapClaims); ok && jwtVerified.Valid {
			ctx := context.WithValue(r.Context(), keyPrincipalID, claims)
			// Access context values in handlers like this
			// props, _ := r.Context().Value("props").(jwt.MapClaims)
			next.ServeHTTP(w, r.WithContext(ctx))
		} else {
			_ = render.Render(w, r, ErrMessage(401, "Unauthorized."))
		}
	})
}
use custom JWT middleware. 2020-11-01 00:27:55 +13:00			`package utils`

			`import (`
			`"context"`
			`"fmt"`
			`"net/http"`
			`"strings"`

			`"github.com/go-chi/render"`
			`"github.com/dgrijalva/jwt-go"`
			`)`

API lint fix. 2020-11-01 09:58:57 +13:00			`type key int`

			`const (`
			`keyPrincipalID key = iota`
			`)`

use custom JWT middleware. 2020-11-01 00:27:55 +13:00			`func GetUserName(r *http.Request) interface{} {`
API lint fix. 2020-11-01 09:58:57 +13:00			`props, _ := r.Context().Value(keyPrincipalID).(jwt.MapClaims)`
use custom JWT middleware. 2020-11-01 00:27:55 +13:00			`return props["user_name"]`
			`}`

			`type HttpMiddleware = func(next http.Handler) http.Handler`

			`func AuthMiddleware(next http.Handler, jwtSecrets ...[]byte) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`authHeader := strings.Split(r.Header.Get("Authorization"), "Bearer ")`
			`if len(authHeader) != 2 {`
API lint fix. 2020-11-01 09:58:57 +13:00			`_ = render.Render(w, r, ErrMessage(401, "Malformed JWT token."))`
use custom JWT middleware. 2020-11-01 00:27:55 +13:00			`return`
			`}`

			`jwtToken := authHeader[1]`
			`var jwtVerified *jwt.Token`
			`var err error`
			`for _, jwtSecret := range jwtSecrets {`
			`jwtVerified, err = jwt.Parse(jwtToken, func(token *jwt.Token) (interface{}, error) {`
			`if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {`
			`return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])`
			`}`

			`return jwtSecret, nil`
			`})`

			`if err == nil {`
			`break`
			`}`
			`}`

			`if err != nil {`
API lint fix. 2020-11-01 09:58:57 +13:00			`_ = render.Render(w, r, ErrMessage(401, "Invalid JWT token."))`
use custom JWT middleware. 2020-11-01 00:27:55 +13:00			`return`
			`}`

			`if claims, ok := jwtVerified.Claims.(jwt.MapClaims); ok && jwtVerified.Valid {`
API lint fix. 2020-11-01 09:58:57 +13:00			`ctx := context.WithValue(r.Context(), keyPrincipalID, claims)`
use custom JWT middleware. 2020-11-01 00:27:55 +13:00			`// Access context values in handlers like this`
			`// props, _ := r.Context().Value("props").(jwt.MapClaims)`
			`next.ServeHTTP(w, r.WithContext(ctx))`
			`} else {`
API lint fix. 2020-11-01 09:58:57 +13:00			`_ = render.Render(w, r, ErrMessage(401, "Unauthorized."))`
use custom JWT middleware. 2020-11-01 00:27:55 +13:00			`}`
			`})`
			`}`