mahdium/CatsOfMastodonGo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Switch from cookie to Bearer token auth and add CORS support - Semi finished

Browse Source
This commit is contained in:
Mohammad Mahdi
2025-05-16 16:20:30 +03:30
parent 2e4b97e4bc
commit cb5149b7bc
8 changed files with 61 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
internal/auth/jwt.go
View File

@@ -1,6 +1,7 @@
package auth
import (
"strings"
"time"
"github.com/gin-gonic/gin"
@@ -38,26 +39,31 @@ func (j *JwtTokenGenerator) GenerateToken(claims map[string]interface{}) (string
// Gin middleware
func (j *JwtTokenGenerator) GinMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
token, err := c.Request.Cookie("token")
if err != nil {
authHeader := c.GetHeader("Authorization")
if authHeader == "" {
c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
return
}
t, err := jwt.Parse(token.Value, func(t *jwt.Token) (interface{}, error) {
tokenString := strings.TrimPrefix(authHeader, "Bearer ")
t, err := jwt.Parse(tokenString, func(t *jwt.Token) (interface{}, error) {
if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, jwt.ErrSignatureInvalid
}
return []byte(j.Key), nil
})
if err != nil {
c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
return
}
claims, ok := t.Claims.(jwt.MapClaims)
if !ok || claims["role"] != "admin" { // Check role, only if its admin let it go
if !ok || claims["role"] != "admin" {
c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
return
}
c.Next()
}
}