newsbot-portal/internal/handlers/middleware.go

package handlers

import (
	"time"

	"git.jamestombleson.com/jtom38/newsbot-portal/apiclient"
	"git.jamestombleson.com/jtom38/newsbot-portal/internal/domain"
	"github.com/golang-jwt/jwt/v5"
	"github.com/labstack/echo/v4"
)

func ValidateJwtMiddleware(jwtSecret string) echo.MiddlewareFunc {
	return func(next echo.HandlerFunc) echo.HandlerFunc {
		return func(c echo.Context) error {
			cookie, err := c.Cookie(domain.CookieToken)
			if err != nil {
				return err
			}

			if cookie.Value == "" {
				return echo.NewHTTPError(401, "Authorization token is missing.")
			}

			token, err := jwt.ParseWithClaims(cookie.Value, &jwtToken{}, func(token *jwt.Token) (interface{}, error) {
				return []byte(jwtSecret), nil
			})
			if err != nil {
				return err
			}

			if !token.Valid {
				return echo.NewHTTPError(401, "Invalid authorization token.")
				//return errors.New("invalid jwt token")
			}

			claims := token.Claims.(*jwtToken)
			if !claims.Exp.After(time.Now()) {
				return echo.NewHTTPError(401, "Your Authorization token has expired.")
				//return errors.New("the jwt token has expired")
			}
			//if claims.Iss != issuer {
			//	return jwtToken{}, errors.New("the issuer was invalid")
			//}

			return next(c)
		}
	}
}

func RefreshJwtMiddleware(api apiclient.ApiClient) echo.MiddlewareFunc {
	return func(next echo.HandlerFunc) echo.HandlerFunc {
		return func(c echo.Context) error {
			resp, err := api.Users.RefreshJwtTokenFromContext(c)
			if err != nil {
				return next(c)
			}

			SetCookie(c, domain.CookieToken, resp.Token, "/")
			SetCookie(c, domain.CookieRefreshToken, resp.RefreshToken, "/")

			return next(c)
		}
	}
}
Attempting middleware but unsure. Made new funcs to check jwt 2024-07-07 07:58:26 -07:00			`package handlers`

			`import (`
			`"time"`

			`"git.jamestombleson.com/jtom38/newsbot-portal/apiclient"`
			`"git.jamestombleson.com/jtom38/newsbot-portal/internal/domain"`
			`"github.com/golang-jwt/jwt/v5"`
			`"github.com/labstack/echo/v4"`
			`)`

			`func ValidateJwtMiddleware(jwtSecret string) echo.MiddlewareFunc {`
			`return func(next echo.HandlerFunc) echo.HandlerFunc {`
			`return func(c echo.Context) error {`
			`cookie, err := c.Cookie(domain.CookieToken)`
			`if err != nil {`
			`return err`
			`}`

			`if cookie.Value == "" {`
			`return echo.NewHTTPError(401, "Authorization token is missing.")`
			`}`

			`token, err := jwt.ParseWithClaims(cookie.Value, &jwtToken{}, func(token *jwt.Token) (interface{}, error) {`
			`return []byte(jwtSecret), nil`
			`})`
			`if err != nil {`
			`return err`
			`}`

			`if !token.Valid {`
			`return echo.NewHTTPError(401, "Invalid authorization token.")`
			`//return errors.New("invalid jwt token")`
			`}`

			`claims := token.Claims.(*jwtToken)`
			`if !claims.Exp.After(time.Now()) {`
			`return echo.NewHTTPError(401, "Your Authorization token has expired.")`
			`//return errors.New("the jwt token has expired")`
			`}`
			`//if claims.Iss != issuer {`
			`// return jwtToken{}, errors.New("the issuer was invalid")`
			`//}`

			`return next(c)`
			`}`
			`}`
			`}`

			`func RefreshJwtMiddleware(api apiclient.ApiClient) echo.MiddlewareFunc {`
			`return func(next echo.HandlerFunc) echo.HandlerFunc {`
			`return func(c echo.Context) error {`
			`resp, err := api.Users.RefreshJwtTokenFromContext(c)`
			`if err != nil {`
			`return next(c)`
			`}`

			`SetCookie(c, domain.CookieToken, resp.Token, "/")`
			`SetCookie(c, domain.CookieRefreshToken, resp.RefreshToken, "/")`

			`return next(c)`
			`}`
			`}`
			`}`