| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 |
- package auth
-
- import (
- "fmt"
- "time"
-
- "github.com/dgrijalva/jwt-go"
- "github.com/gin-gonic/gin"
- )
-
- func OptionalAuth(authKey string) gin.HandlerFunc {
- return func(ctx *gin.Context) {
- var (
- err error
- tk = ctx.Request.Header.Get(ctxRequestHeaderAuthorization)
- )
-
- if tk == "" {
- tk, err = ctx.Cookie(ctxRequestCookieAuthorization)
- if err != nil {
- return
- }
-
- tk = "Bearer " + tk
- }
-
- if len(tk) < 8 {
- return
- }
-
- token, err := jwt.Parse(tk[7:], func(token *jwt.Token) (interface{}, error) {
- if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
- return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
- }
-
- return []byte(authKey), nil
- })
-
- if err != nil || !token.Valid {
- return
- }
-
- if mapClaims, ok := token.Claims.(jwt.MapClaims); ok {
- if expired, ok := mapClaims[ctxRequestTokenExpired].(float64); ok {
- if int64(expired) < time.Now().Unix() {
- // Only cookie is blank value, check token expired
- if _, err := ctx.Cookie(ctxRequestCookieAuthorization); err != nil {
- return
- }
- }
- }
-
- if uid, ok := mapClaims[CtxRequestHeaderUserId].(float64); ok {
- ctx.Set(CtxRequestHeaderUserId, int64(uid))
- }
- }
- }
- }
|
