/
rest_jwt_auth.go
96 lines (67 loc) · 2.09 KB
/
rest_jwt_auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
package rest
import (
"fmt"
"net/http"
"time"
"github.com/dgrijalva/jwt-go"
)
var mySigningKey = []byte("thisisafabrichyperledgerdemo")
var savedToken = make(map[string]string)
func (app *RestApp) processAuthentication(w http.ResponseWriter, key string) string {
validToken, err := GenerateJWT(key)
if err != nil {
fmt.Fprintf(w, err.Error())
}
client := &http.Client{}
r, _ := http.NewRequest("GET", "http://localhost:"+PORT+"/token_auth", nil)
r.Header.Set("Token", validToken)
_, err = client.Do(r)
if err != nil {
respondJSON(w, map[string]string{"error": "Auth Error - "+err.Error()})
}
savedToken["token"] = validToken
return validToken
}
func GenerateJWT(email string) (string, error) {
token := jwt.New(jwt.SigningMethodHS256)
claims := token.Claims.(jwt.MapClaims)
claims["authorized"] = true
claims["user"] = email
claims["exp"] = time.Now().Add(time.Minute * 30).Unix()
tokenString, err := token.SignedString(mySigningKey)
if err != nil {
fmt.Println("something went wrong: %s", err.Error())
return "", err
}
return tokenString, nil
}
func (app *RestApp) hasSavedToken(endpoint func(http.ResponseWriter, *http.Request, string)) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
if savedToken["token"] != "" {
token := savedToken["token"]
endpoint(w, r, token)
} else {
respondJSON(w, map[string]string{"error": "Not Authorized"})
}
}
}
func (app *RestApp) isAuthorized(endpoint func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
if r.Header["Token"] != nil {
token, err := jwt.Parse(r.Header["Token"][0], func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("There was a error")
}
return mySigningKey, nil
})
if err != nil {
respondJSON(w, map[string]string{"error": err.Error()})
}
if token.Valid {
endpoint(w, r)
}
} else {
respondJSON(w, map[string]string{"error": "Not Authorized"})
}
}
}