64 lines
1.6 KiB
Go
64 lines
1.6 KiB
Go
package handlers
|
|
|
|
import (
|
|
"time"
|
|
|
|
"git.jamestombleson.com/jtom38/newsbot-portal/apiclient"
|
|
"git.jamestombleson.com/jtom38/newsbot-portal/internal/domain"
|
|
"github.com/golang-jwt/jwt/v5"
|
|
"github.com/labstack/echo/v4"
|
|
)
|
|
|
|
func ValidateJwtMiddleware(jwtSecret string) echo.MiddlewareFunc {
|
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
|
return func(c echo.Context) error {
|
|
cookie, err := c.Cookie(domain.CookieToken)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if cookie.Value == "" {
|
|
return echo.NewHTTPError(401, "Authorization token is missing.")
|
|
}
|
|
|
|
token, err := jwt.ParseWithClaims(cookie.Value, &jwtToken{}, func(token *jwt.Token) (interface{}, error) {
|
|
return []byte(jwtSecret), nil
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if !token.Valid {
|
|
return echo.NewHTTPError(401, "Invalid authorization token.")
|
|
//return errors.New("invalid jwt token")
|
|
}
|
|
|
|
claims := token.Claims.(*jwtToken)
|
|
if !claims.Exp.After(time.Now()) {
|
|
return echo.NewHTTPError(401, "Your Authorization token has expired.")
|
|
//return errors.New("the jwt token has expired")
|
|
}
|
|
//if claims.Iss != issuer {
|
|
// return jwtToken{}, errors.New("the issuer was invalid")
|
|
//}
|
|
|
|
return next(c)
|
|
}
|
|
}
|
|
}
|
|
|
|
func RefreshJwtMiddleware(api apiclient.ApiClient) echo.MiddlewareFunc {
|
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
|
return func(c echo.Context) error {
|
|
resp, err := api.Users.RefreshJwtTokenFromContext(c)
|
|
if err != nil {
|
|
return next(c)
|
|
}
|
|
|
|
SetCookie(c, domain.CookieToken, resp.Token, "/")
|
|
SetCookie(c, domain.CookieRefreshToken, resp.RefreshToken, "/")
|
|
|
|
return next(c)
|
|
}
|
|
}
|
|
} |