fix: auth && auth_test
This commit is contained in:
$(pass /github/name)
@@ -28,6 +28,9 @@ func GenerateToken(userID int64) (string, error) {
|
||||
}
|
||||
|
||||
func verifyToken(tokenString string) (*jwt.Token, error) {
|
||||
if tokenString == "" {
|
||||
return nil, fmt.Errorf("Authorization token is required")
|
||||
}
|
||||
token, err := jwtParser.Parse(tokenString, func(_ *jwt.Token) (interface{}, error) {
|
||||
return jwtKey, nil
|
||||
})
|
||||
@@ -36,55 +39,53 @@ func verifyToken(tokenString string) (*jwt.Token, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return token, nil
|
||||
}
|
||||
func GetUserIDFromContext(c *gin.Context) (int64, error) {
|
||||
|
||||
tokenString, err := c.Cookie("jwt")
|
||||
if err != nil {
|
||||
|
||||
logger.Error.Printf("Error getting cookie: %v\n", err)
|
||||
return 0, err
|
||||
}
|
||||
if tokenString == "" {
|
||||
logger.Error.Printf("Token is empty: %v\n", err)
|
||||
return 0, fmt.Errorf("Authorization token is required")
|
||||
}
|
||||
|
||||
token, err := verifyToken(tokenString)
|
||||
if err != nil || !token.Valid {
|
||||
|
||||
logger.Error.Printf("Token is invalid: %v\n", err)
|
||||
return 0, fmt.Errorf("Token not valid!")
|
||||
if !token.Valid {
|
||||
return nil, fmt.Errorf("invalid token")
|
||||
}
|
||||
|
||||
claims, ok := token.Claims.(jwt.MapClaims)
|
||||
|
||||
logger.Error.Printf("claims userid: %v", claims["user_id"].(float64))
|
||||
if !ok {
|
||||
logger.Error.Printf("Invalid Token claims")
|
||||
return 0, fmt.Errorf("Invalid token claims")
|
||||
return nil, fmt.Errorf("invalid token claims")
|
||||
}
|
||||
userID, ok := claims["user_id"].(float64)
|
||||
|
||||
exp, ok := claims["exp"].(float64)
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("invalid expiration claim")
|
||||
}
|
||||
|
||||
userID, ok := claims["user_id"].(float64)
|
||||
if !ok {
|
||||
logger.Error.Printf("Invalid user ID: %v", userID)
|
||||
return 0, fmt.Errorf("Invalid user ID")
|
||||
return nil, fmt.Errorf("Invalid user ID")
|
||||
}
|
||||
|
||||
return int64(userID), nil
|
||||
if time.Now().Unix() > int64(exp) {
|
||||
return nil, fmt.Errorf("token expired")
|
||||
}
|
||||
|
||||
return token, nil
|
||||
}
|
||||
|
||||
func AuthMiddleware() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
|
||||
userID, err := GetUserIDFromContext(c)
|
||||
tokenString, err := c.Cookie("jwt")
|
||||
if err != nil {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
|
||||
logger.Error.Printf("No Auth token: %v\n", err)
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "No Auth token"})
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
||||
token, err := verifyToken(tokenString)
|
||||
if err != nil {
|
||||
logger.Error.Printf("Token is invalid: %v\n", err)
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Auth token invalid"})
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
claims, _ := token.Claims.(jwt.MapClaims)
|
||||
userID, _ := claims["user_id"].(float64)
|
||||
|
||||
// Generate a new token
|
||||
newToken, err := GenerateToken(int64(userID))
|
||||
if err != nil {
|
||||
|
||||
@@ -111,6 +111,9 @@ func TestAuthMiddleware(t *testing.T) {
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
logger.Error.Print("==============================================================")
|
||||
logger.Error.Printf("Testing : %v", tt.name)
|
||||
logger.Error.Print("==============================================================")
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
// Setup
|
||||
r := gin.New()
|
||||
|
||||
Reference in New Issue
Block a user