51 lines
1.3 KiB
Go
51 lines
1.3 KiB
Go
package api
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"git.nochill.in/nochill/hiling_go/util/token"
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// func CORSMiddleware() gin.HandlerFunc {
|
|
// return func(ctx *gin.Context) {
|
|
// ctx.Writer.Header().Set("Access-Control-Allow-Origin", "*")
|
|
// ctx.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
|
|
// ctx.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
|
|
// ctx.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
|
|
|
|
// if ctx.Request.Method == "OPTIONS" {
|
|
// ctx.AbortWithStatus(204)
|
|
// return
|
|
// }
|
|
|
|
// ctx.Next()
|
|
// }
|
|
// }
|
|
|
|
const (
|
|
authorizationPayloadKey = "authorization_payload"
|
|
)
|
|
|
|
func authMiddleware(tokenMaker token.Maker) gin.HandlerFunc {
|
|
return func(ctx *gin.Context) {
|
|
|
|
str, err := ctx.Cookie("paseto")
|
|
if err != nil {
|
|
ctx.AbortWithStatusJSON(http.StatusUnauthorized, ErrorResponse(err, "Unauthorized"))
|
|
return
|
|
}
|
|
|
|
payload, err := tokenMaker.VerifyToken(str)
|
|
|
|
if err != nil {
|
|
ctx.AbortWithStatusJSON(http.StatusInternalServerError, ErrorResponse(err, "Something went wrong while try to verify token"))
|
|
return
|
|
}
|
|
|
|
ctx.Set(authorizationPayloadKey, payload)
|
|
|
|
ctx.Next()
|
|
}
|
|
}
|