backend/internal/middleware/jwt_auth.go

package middleware

import (
	"github.com/gin-gonic/gin"
	"github.com/stonith404/pocket-id/backend/internal/service"
	"github.com/stonith404/pocket-id/backend/internal/utils"
	"net/http"
	"strings"
)

type JwtAuthMiddleware struct {
	jwtService *service.JwtService
}

func NewJwtAuthMiddleware(jwtService *service.JwtService) *JwtAuthMiddleware {
	return &JwtAuthMiddleware{jwtService: jwtService}
}

func (m *JwtAuthMiddleware) Add(adminOnly bool) gin.HandlerFunc {
	return func(c *gin.Context) {
		// Extract the token from the cookie or the Authorization header
		token, err := c.Cookie("access_token")
		if err != nil {
			authorizationHeaderSplitted := strings.Split(c.GetHeader("Authorization"), " ")
			if len(authorizationHeaderSplitted) == 2 {
				token = authorizationHeaderSplitted[1]
			} else {
				utils.HandlerError(c, http.StatusUnauthorized, "You're not signed in")
				c.Abort()
				return
			}
		}

		claims, err := m.jwtService.VerifyAccessToken(token)
		if err != nil {
			utils.HandlerError(c, http.StatusUnauthorized, "You're not signed in")
			c.Abort()
			return
		}

		// Check if the user is an admin
		if adminOnly && !claims.IsAdmin {
			utils.HandlerError(c, http.StatusForbidden, "You don't have permission to access this resource")
			c.Abort()
			return
		}

		c.Set("userID", claims.Subject)
		c.Set("userIsAdmin", claims.IsAdmin)
		c.Next()
	}
}
initial commit 2024-08-12 11:00:25 +02:00			`package middleware`

			`import (`
			`"github.com/gin-gonic/gin"`
refactor: use dependency injection in backend 2024-08-17 21:57:14 +02:00			`"github.com/stonith404/pocket-id/backend/internal/service"`
			`"github.com/stonith404/pocket-id/backend/internal/utils"`
initial commit 2024-08-12 11:00:25 +02:00			`"net/http"`
			`"strings"`
			`)`

refactor: use dependency injection in backend 2024-08-17 21:57:14 +02:00			`type JwtAuthMiddleware struct {`
			`jwtService *service.JwtService`
			`}`

			`func NewJwtAuthMiddleware(jwtService service.JwtService) JwtAuthMiddleware {`
			`return &JwtAuthMiddleware{jwtService: jwtService}`
			`}`
initial commit 2024-08-12 11:00:25 +02:00
refactor: use dependency injection in backend 2024-08-17 21:57:14 +02:00			`func (m *JwtAuthMiddleware) Add(adminOnly bool) gin.HandlerFunc {`
			`return func(c *gin.Context) {`
initial commit 2024-08-12 11:00:25 +02:00			`// Extract the token from the cookie or the Authorization header`
			`token, err := c.Cookie("access_token")`
			`if err != nil {`
			`authorizationHeaderSplitted := strings.Split(c.GetHeader("Authorization"), " ")`
			`if len(authorizationHeaderSplitted) == 2 {`
			`token = authorizationHeaderSplitted[1]`
			`} else {`
			`utils.HandlerError(c, http.StatusUnauthorized, "You're not signed in")`
			`c.Abort()`
			`return`
			`}`
			`}`

refactor: use dependency injection in backend 2024-08-17 21:57:14 +02:00			`claims, err := m.jwtService.VerifyAccessToken(token)`
initial commit 2024-08-12 11:00:25 +02:00			`if err != nil {`
			`utils.HandlerError(c, http.StatusUnauthorized, "You're not signed in")`
			`c.Abort()`
			`return`
			`}`

			`// Check if the user is an admin`
			`if adminOnly && !claims.IsAdmin {`
			`utils.HandlerError(c, http.StatusForbidden, "You don't have permission to access this resource")`
			`c.Abort()`
			`return`
			`}`

			`c.Set("userID", claims.Subject)`
			`c.Set("userIsAdmin", claims.IsAdmin)`
			`c.Next()`
			`}`
			`}`