Mohammad Mahdi
94694741a7
Run the modernize linter across the codebase. Change generated by running: ``` go run golang.org/x/tools/gopls/internal/analysis/modernize/cmd/modernize@latest -fix -test ./... ``` Ref: https://pkg.go.dev/golang.org/x/tools/gopls/internal/analysis/modernize
64 lines
1.5 KiB
Go
64 lines
1.5 KiB
Go
package auth
|
|
|
|
import (
|
|
"CatsOfMastodonBotGo/internal/config"
|
|
"maps"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/golang-jwt/jwt/v5"
|
|
)
|
|
|
|
type JwtTokenGenerator struct {
|
|
cfg *config.Config
|
|
}
|
|
|
|
func NewJwtTokenGenerator(cfg *config.Config) *JwtTokenGenerator {
|
|
return &JwtTokenGenerator{cfg: cfg}
|
|
}
|
|
|
|
func (j *JwtTokenGenerator) GenerateToken(claims map[string]any) (string, error) {
|
|
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
|
|
"exp": time.Now().AddDate(0, 0, 1).Unix(),
|
|
"iat": time.Now().Unix(),
|
|
"iss": j.cfg.JwtIssuer,
|
|
"aud": j.cfg.JwtAudience,
|
|
})
|
|
maps.Copy(token.Claims.(jwt.MapClaims), claims)
|
|
|
|
return token.SignedString([]byte(j.cfg.JwtSecret))
|
|
}
|
|
|
|
// Gin middleware
|
|
func (j *JwtTokenGenerator) GinMiddleware() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
authHeader := c.GetHeader("Authorization")
|
|
if authHeader == "" {
|
|
c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
|
|
return
|
|
}
|
|
|
|
tokenString := strings.TrimPrefix(authHeader, "Bearer ")
|
|
t, err := jwt.Parse(tokenString, func(t *jwt.Token) (any, error) {
|
|
if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
|
|
return nil, jwt.ErrSignatureInvalid
|
|
}
|
|
return []byte(j.cfg.JwtSecret), nil
|
|
})
|
|
|
|
if err != nil {
|
|
c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
|
|
return
|
|
}
|
|
|
|
claims, ok := t.Claims.(jwt.MapClaims)
|
|
if !ok || claims["role"] != "admin" {
|
|
c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|