Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var JwtAuthentication = func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { notAuth := []string{"/api/users/new", "/api/users/login", "/api/healthcheck", "/api/stats"} requestPath := r.URL.Path for _, value := range notAuth { if value == requestPath { next.ServeHTTP(w, r) return } } var response map[string]interface{} tokenHeader := r.Header.Get("Authorization") if tokenHeader == "" { response = u.Message(false, "Missing auth token") w.WriteHeader(http.StatusForbidden) w.Header().Add("Content-Type", "application/json") u.Respond(w, response) return } tk := &models.Token{} token, err := jwt.ParseWithClaims(tokenHeader, tk, func(token *jwt.Token) (interface{}, error) { return []byte(os.Getenv("token_password")), nil }) if err != nil { response = u.Message(false, "Malformed authentication token") w.WriteHeader(http.StatusForbidden) w.Header().Add("Content-Type", "application/json") u.Respond(w, response) return } if !token.Valid { response = u.Message(false, "Token is not valid.") w.WriteHeader(http.StatusForbidden) w.Header().Add("Content-Type", "application/json") u.Respond(w, response) return } ctx := context.WithValue(r.Context(), "user", tk.UserID) r = r.WithContext(ctx) next.ServeHTTP(w, r) }) }
JwtAuthentication middleware for authorizing endpoints
Functions ¶
This section is empty.
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.