Selaa lähdekoodia

add team and role id

Paul 5 vuotta sitten
vanhempi
commit
ba094d2383
2 muutettua tiedostoa jossa 85 lisäystä ja 0 poistoa
  1. 50
    0
      middleware/auth/auth.go
  2. 35
    0
      middleware/auth/optional_auth.go

+ 50
- 0
middleware/auth/auth.go Näytä tiedosto

@@ -18,6 +18,56 @@ const (
18 18
 )
19 19
 
20 20
 func Auth(authKey string, session Session) gin.HandlerFunc {
21
+	return func(ctx *gin.Context) {
22
+		var tokenFromCookie, tokenFromHeader string
23
+
24
+		tokenFromCookie, err := ctx.Cookie(ctxRequestCookieAuthorization)
25
+		if err == http.ErrNoCookie {
26
+			tokenFromHeader = ctx.Request.Header.Get(ctxRequestHeaderAuthorization)
27
+		}
28
+
29
+		if tokenFromHeader == "" {
30
+			tokenFromHeader = "Bearer " + tokenFromCookie
31
+		}
32
+
33
+		if len(tokenFromHeader) < 8 {
34
+			ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed"})
35
+			return
36
+		}
37
+
38
+		token, err := jwt.Parse(tokenFromHeader[7:], func(token *jwt.Token) (interface{}, error) {
39
+			if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
40
+				return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
41
+			}
42
+
43
+			return []byte(authKey), nil
44
+		})
45
+
46
+		if err != nil || !token.Valid {
47
+			ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed"})
48
+			return
49
+		}
50
+
51
+		if !session.IsExistsJwtToken(token.Raw) {
52
+			ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token expired by server"})
53
+			return
54
+		}
55
+
56
+		if mapClaims, ok := token.Claims.(jwt.MapClaims); ok {
57
+			if uid, ok := mapClaims[CtxRequestHeaderUserId].(float64); ok {
58
+				ctx.Set(CtxRequestHeaderUserId, int64(uid))
59
+			} else {
60
+				ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, mapClaims[CtxRequestHeaderUserId].(float64) error"})
61
+				return
62
+			}
63
+		} else {
64
+			ctx.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"msg": "auth failed, token.Claims.(jwt.MapClaims) error"})
65
+			return
66
+		}
67
+	}
68
+}
69
+
70
+func CloudTeamAuth(authKey string, session Session) gin.HandlerFunc {
21 71
 	return func(ctx *gin.Context) {
22 72
 		var tokenFromCookie, tokenFromHeader string
23 73
 

+ 35
- 0
middleware/auth/optional_auth.go Näytä tiedosto

@@ -9,6 +9,41 @@ import (
9 9
 )
10 10
 
11 11
 func OptionalAuth(authKey string) gin.HandlerFunc {
12
+	return func(ctx *gin.Context) {
13
+		var tokenFromCookie, tokenFromHeader string
14
+
15
+		tokenFromCookie, err := ctx.Cookie(ctxRequestCookieAuthorization)
16
+		if err == http.ErrNoCookie {
17
+			tokenFromHeader = ctx.Request.Header.Get(ctxRequestHeaderAuthorization)
18
+		}
19
+
20
+		if tokenFromHeader == "" {
21
+			tokenFromHeader = "Bearer " + tokenFromCookie
22
+		}
23
+
24
+		if len(tokenFromHeader) > 7 {
25
+			token, err := jwt.Parse(tokenFromHeader[7:], func(token *jwt.Token) (interface{}, error) {
26
+				if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
27
+					return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
28
+				}
29
+
30
+				return []byte(authKey), nil
31
+			})
32
+
33
+			if err != nil || !token.Valid {
34
+				return
35
+			}
36
+
37
+			if mapClaims, ok := token.Claims.(jwt.MapClaims); ok {
38
+				if uid, ok := mapClaims[CtxRequestHeaderUserId].(float64); ok {
39
+					ctx.Set(CtxRequestHeaderUserId, int64(uid))
40
+				}
41
+			}
42
+		}
43
+	}
44
+}
45
+
46
+func OptionalCloudTeamAuth(authKey string) gin.HandlerFunc {
12 47
 	return func(ctx *gin.Context) {
13 48
 		var tokenFromCookie, tokenFromHeader string
14 49