hiling_go/api/middleware.go

51 lines
1.3 KiB
Go

package api
import (
"net/http"
"git.nochill.in/nochill/hiling_go/util/token"
"github.com/gin-gonic/gin"
)
// func CORSMiddleware() gin.HandlerFunc {
// return func(ctx *gin.Context) {
// ctx.Writer.Header().Set("Access-Control-Allow-Origin", "*")
// ctx.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
// ctx.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
// ctx.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
// if ctx.Request.Method == "OPTIONS" {
// ctx.AbortWithStatus(204)
// return
// }
// ctx.Next()
// }
// }
const (
authorizationPayloadKey = "authorization_payload"
)
func authMiddleware(tokenMaker token.Maker) gin.HandlerFunc {
return func(ctx *gin.Context) {
str, err := ctx.Cookie("paseto")
if err != nil {
ctx.AbortWithStatusJSON(http.StatusUnauthorized, ErrorResponse(err, "Unauthorized"))
return
}
payload, err := tokenMaker.VerifyToken(str)
if err != nil {
ctx.AbortWithStatusJSON(http.StatusInternalServerError, ErrorResponse(err, "Something went wrong while try to verify token"))
return
}
ctx.Set(authorizationPayloadKey, payload)
ctx.Next()
}
}