-
Notifications
You must be signed in to change notification settings - Fork 4
/
authjwt.go
47 lines (39 loc) · 1.06 KB
/
authjwt.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
package authjwt
import (
"errors"
"net/http"
"strings"
"github.com/golang-jwt/jwt/v4"
"github.com/ngamux/ngamux"
)
var (
ErrorForbidden = errors.New("forbidden")
)
func defaultErrorHandler(rw http.ResponseWriter, err error) error {
return ngamux.Res(rw).Status(http.StatusForbidden).Json(ngamux.Map{
"error": err.Error(),
})
}
func New(configs ...Config) func(next ngamux.Handler) ngamux.Handler {
var config Config
if len(configs) > 0 {
config = configs[0]
}
config = makeConfig(config)
return func(next ngamux.Handler) ngamux.Handler {
return func(rw http.ResponseWriter, r *http.Request) error {
authorizationHeader := r.Header.Get(config.Header)
if authorizationHeader == "" {
return config.ErrorHandler(rw, ErrorForbidden)
}
tokenString := strings.ReplaceAll(authorizationHeader, "Bearer ", "")
token, err := jwt.Parse(tokenString, config.keyFunc)
if err == nil && token.Valid {
tmpR := ngamux.Req(r)
tmpR.Locals(config.ContextKey, token)
return next(rw, tmpR.Request)
}
return config.ErrorHandler(rw, err)
}
}
}