package middlewares
import (
"context"
"net/http"
"os"
"strings"
jwt "github.com/dgrijalva/jwt-go"
"github.com/peterwade153/ivents/api/responses"
)
// SetContentTypeMiddleware wraps next so that the "Content-Type" response
// header is set to "application/json" before next handles the request.
func SetContentTypeMiddleware(next http.Handler) http.Handler {
	// The header is written first; next still runs with the same writer and
	// request, so it may overwrite the value if it needs a different type.
	withJSONHeader := func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		next.ServeHTTP(w, r)
	}
	return http.HandlerFunc(withJSONHeader)
}
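// AuthJwtVerify verifies the JWT sent in the Authorization header and, on
// success, stores the token's "userID" claim in the request context under the
// key "userID" before calling next.
//
// The request is rejected with 403 and a JSON body when the header is empty,
// the token fails verification, the token is not HMAC-signed, the SECRET
// environment variable is empty, or the "userID" claim is missing.
//
// NOTE(review): github.com/dgrijalva/jwt-go is archived upstream; the
// maintained successor is github.com/golang-jwt/jwt. Migrating is a
// file-level dependency change and is not done here.
// NOTE(review): MapClaims validation accepts a token that carries no "exp"
// claim; confirm the issuer always sets an expiry.
func AuthJwtVerify(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		resp := map[string]interface{}{"status": "failed", "message": "Missing authorization token"}

		// The header value is parsed as the raw token, as before.
		header := strings.TrimSpace(r.Header.Get("Authorization"))
		if header == "" {
			responses.JSON(w, http.StatusForbidden, resp)
			return
		}

		// rejectInvalid sends the same response for every verification
		// failure so the client learns nothing about which check failed.
		rejectInvalid := func() {
			resp["status"] = "failed"
			resp["message"] = "Invalid token, please login"
			responses.JSON(w, http.StatusForbidden, resp)
		}

		token, err := jwt.Parse(header, func(token *jwt.Token) (interface{}, error) {
			// Pin the algorithm family: the shared secret must only ever be
			// used to verify HMAC signatures, whatever the token header says.
			if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
				return nil, jwt.ErrSignatureInvalid
			}
			// Fail closed when the secret is not configured; an empty key
			// would otherwise verify any token signed with an empty key.
			secret := os.Getenv("SECRET")
			if secret == "" {
				return nil, jwt.ErrInvalidKey
			}
			return []byte(secret), nil
		})
		if err != nil || !token.Valid {
			rejectInvalid()
			return
		}

		// Do not pass a request downstream without an identity attached.
		claims, ok := token.Claims.(jwt.MapClaims)
		if !ok || claims["userID"] == nil {
			rejectInvalid()
			return
		}

		// The plain string key is kept because code elsewhere may look the
		// value up with the same "userID" string.
		ctx := context.WithValue(r.Context(), "userID", claims["userID"])
		next.ServeHTTP(w, r.WithContext(ctx))
	})
}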