52 lines
1.3 KiB
Go
52 lines
1.3 KiB
Go
|
package api
|
||
|
|
||
|
import (
|
||
|
"errors"
|
||
|
"fmt"
|
||
|
"net/http"
|
||
|
"strings"
|
||
|
|
||
|
"git.nochill.in/nochill/naice_pos/token"
|
||
|
"github.com/gin-gonic/gin"
|
||
|
)
|
||
|
|
||
|
const (
|
||
|
authorizationHeaderKey = "authorization"
|
||
|
authorizationTypeBearer = "bearer"
|
||
|
authorizationPayloadKey = "authorization_payload"
|
||
|
)
|
||
|
|
||
|
func authMiddleware(tokenMaker token.Maker) gin.HandlerFunc {
|
||
|
return func(ctx *gin.Context) {
|
||
|
authorizationHeader := ctx.GetHeader(authorizationHeaderKey)
|
||
|
if len(authorizationHeader) == 0 {
|
||
|
err := errors.New("authorization header is not provided")
|
||
|
ctx.AbortWithStatusJSON(http.StatusUnauthorized, errorResponse(err))
|
||
|
return
|
||
|
}
|
||
|
|
||
|
fields := strings.Fields(authorizationHeader)
|
||
|
if len(fields) < 2 {
|
||
|
err := errors.New("Invalid authorization header format")
|
||
|
ctx.AbortWithStatusJSON(http.StatusUnauthorized, errorResponse(err))
|
||
|
return
|
||
|
}
|
||
|
|
||
|
authorizationType := strings.ToLower(fields[0])
|
||
|
if authorizationType != authorizationTypeBearer {
|
||
|
err := fmt.Errorf("Authorization only accept bearer type")
|
||
|
ctx.AbortWithStatusJSON(http.StatusUnauthorized, errorResponse(err))
|
||
|
}
|
||
|
|
||
|
accessToken := fields[1]
|
||
|
payload, err := tokenMaker.VerifyToken(accessToken)
|
||
|
if err != nil {
|
||
|
ctx.AbortWithStatusJSON(http.StatusUnauthorized, errorResponse(err))
|
||
|
return
|
||
|
}
|
||
|
|
||
|
ctx.Set(authorizationPayloadKey, payload)
|
||
|
ctx.Next()
|
||
|
}
|
||
|
}
|