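// Source: github.com/tuingking/flamingo@v0.0.0-20220403134817-2796ae0e84ca/handler/rest/middleware/satpam.go

package middleware

import (
	"context"
	"net/http"

	"github.com/pkg/errors"
	"github.com/sirupsen/logrus"
	"github.com/tuingking/flamingo/infra/contextkey"
	"github.com/tuingking/flamingo/internal/auth"
)

// Sentinel errors naming the reasons an access token can be rejected.
// Within this file only ErrNoTokenFound is referenced; the others are
// presumably returned or matched elsewhere in the project.
var (
	// ErrNoTokenFound reports that the request carried no token.
	ErrNoTokenFound = errors.New("no token found")
	// ErrUnauthorized reports that the token is not authorized.
	ErrUnauthorized = errors.New("token is unauthorized")
	// ErrAlgoInvalid reports an algorithm mismatch.
	ErrAlgoInvalid = errors.New("algorithm mismatch")
	// ErrExpired reports that the token is expired.
	ErrExpired = errors.New("token is expired")
)

// Satpam is middleware that verifies the access token carried in the
// Authorization header and, on success, stores the resulting claims in the
// request context under contextkey.Identity before calling the next handler.
//
// Any failure is answered with 401 and a generic body; the specific reason is
// written to the log only, so callers cannot tell an expired token from a
// forged one.
//
// NOTE(review): the raw header value is handed to authsvc.VerifyAccessToken
// unchanged, scheme prefix included. Confirm that VerifyAccessToken strips and
// validates the "Bearer " prefix; otherwise it has to be done here.
func Satpam(authsvc auth.Service) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		// reject sends the uniform 401 response. A 401 is required to carry a
		// WWW-Authenticate challenge (RFC 7235); the bare "Bearer" scheme is
		// used so that no failure detail is disclosed to the client.
		reject := func(w http.ResponseWriter) {
			w.Header().Set("WWW-Authenticate", "Bearer")
			http.Error(w, "Unauthorized", http.StatusUnauthorized)
		}

		fn := func(w http.ResponseWriter, r *http.Request) {
			accessToken := r.Header.Get("Authorization")

			// Fail closed on a missing credential instead of relying on the
			// verifier to reject an empty string.
			if accessToken == "" {
				logrus.Error(errors.Wrap(ErrNoTokenFound, "[SATPAM] Authorization header"))
				reject(w)
				return
			}

			claims, err := authsvc.VerifyAccessToken(accessToken)
			if err != nil {
				// NOTE(review): this error goes to the log; confirm that
				// VerifyAccessToken never embeds the token itself in it.
				logrus.Error(errors.Wrap(err, "[SATPAM] VerifyAccessToken"))
				reject(w)
				return
			}

			// Downstream handlers read the caller's identity from this key.
			ctx := context.WithValue(r.Context(), contextkey.Identity, claims)

			next.ServeHTTP(w, r.WithContext(ctx))
		}
		return http.HandlerFunc(fn)
	}
}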