Mathis/lemma
1
0
Fork 0
mirror of https://github.com/lordmathis/lemma.git synced 2025-11-07 00:14:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Implement JWTManager interface

Browse Source
This commit is contained in:
Matúš Námešný
2024-11-21 21:25:29 +01:00
parent 435dce89d9
commit 2faefb6db5
4 changed files with 59 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
server/internal/auth/middleware.go
View File

@@ -11,9 +11,8 @@ import (
type contextKey string
const (
UserContextKey contextKey = "user"
)
// UserContextKey is the key used to store user claims in the request context
const UserContextKey contextKey = "user"
// UserClaims represents the user information stored in the request context
type UserClaims struct {
@@ -23,17 +22,25 @@ type UserClaims struct {
// Middleware handles JWT authentication for protected routes
type Middleware struct {
jwtService *JWTService
jwtManager JWTManager
}
// NewMiddleware creates a new authentication middleware
func NewMiddleware(jwtService *JWTService) *Middleware {
// Parameters:
// - jwtManager: the JWT manager to use for token operations
// Returns:
// - *Middleware: the new middleware instance
func NewMiddleware(jwtManager JWTManager) *Middleware {
return &Middleware{
jwtService: jwtService,
jwtManager: jwtManager,
}
}
// Authenticate middleware validates JWT tokens and sets user information in context
// Parameters:
// - next: the next handler to call
// Returns:
// - http.Handler: the handler function
func (m *Middleware) Authenticate(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Extract token from Authorization header
@@ -51,7 +58,7 @@ func (m *Middleware) Authenticate(next http.Handler) http.Handler {
}
// Validate token
claims, err := m.jwtService.ValidateToken(parts[1])
claims, err := m.jwtManager.ValidateToken(parts[1])
if err != nil {
http.Error(w, "Invalid token", http.StatusUnauthorized)
return
@@ -75,6 +82,10 @@ func (m *Middleware) Authenticate(next http.Handler) http.Handler {
}
// RequireRole returns a middleware that ensures the user has the required role
// Parameters:
// - role: the required role
// Returns:
// - func(http.Handler) http.Handler: the middleware function
func (m *Middleware) RequireRole(role string) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -94,6 +105,11 @@ func (m *Middleware) RequireRole(role string) func(http.Handler) http.Handler {
}
}
// RequireWorkspaceAccess returns a middleware that ensures the user has access to the workspace
// Parameters:
// - next: the next handler to call
// Returns:
// - http.Handler: the handler function
func (m *Middleware) RequireWorkspaceAccess(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Get our handler context
@@ -119,6 +135,11 @@ func (m *Middleware) RequireWorkspaceAccess(next http.Handler) http.Handler {
}
// GetUserFromContext retrieves user claims from the request context
// Parameters:
// - ctx: the request context
// Returns:
// - *UserClaims: the user claims
// - error: any error that occurred
func GetUserFromContext(ctx context.Context) (*UserClaims, error) {
claims, ok := ctx.Value(UserContextKey).(UserClaims)
if !ok {