diff options
| author | Zach Berwaldt <zberwaldt@tutamail.com> | 2024-03-07 20:20:36 -0500 |
|---|---|---|
| committer | Zach Berwaldt <zberwaldt@tutamail.com> | 2024-03-07 20:20:36 -0500 |
| commit | 831b6f0167b9c1747d128b4a5a648d4de42ff0a9 (patch) | |
| tree | 1042411d1027bdf18a4c8884f595c284e8b5570d /api/internal/middleware | |
| parent | 29f83e05270d0012ad9f273ac3364106fcff5f50 (diff) | |
Refactor router and middleware packages
- Move middleware functions from `main.go` to `middleware.go` in the `middleware` package.
- Update import statements in `main.go` and use the `router` package instead of the `controllers` package.
```
Refactor router and middleware packages
Move middleware functions from `main.go` to `middleware.go` in the `middleware` package. Update import statements in `main.go` and use the `router` package instead of the `controllers` package.
```
Diffstat (limited to 'api/internal/middleware')
| -rw-r--r-- | api/internal/middleware/middleware.go | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/api/internal/middleware/middleware.go b/api/internal/middleware/middleware.go new file mode 100644 index 0000000..819f1e5 --- /dev/null +++ b/api/internal/middleware/middleware.go | |||
| @@ -0,0 +1,55 @@ | |||
| 1 | package middleware | ||
| 2 | |||
| 3 | import ( | ||
| 4 | "errors" | ||
| 5 | "github.com/gin-gonic/gin" | ||
| 6 | "log" | ||
| 7 | "net/http" | ||
| 8 | "strings" | ||
| 9 | ) | ||
| 10 | |||
| 11 | func TokenRequired() gin.HandlerFunc { | ||
| 12 | return func(c *gin.Context) { | ||
| 13 | _, err := checkForTokenInContext(c) | ||
| 14 | |||
| 15 | if err != nil { | ||
| 16 | c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"}) | ||
| 17 | c.Abort() | ||
| 18 | return | ||
| 19 | } | ||
| 20 | |||
| 21 | c.Next() | ||
| 22 | } | ||
| 23 | } | ||
| 24 | |||
| 25 | func CORSMiddleware() gin.HandlerFunc { | ||
| 26 | return func(c *gin.Context) { | ||
| 27 | c.Writer.Header().Set("Access-Control-Allow-Origin", "*") | ||
| 28 | c.Writer.Header().Set("Access-Control-Allow-Credentials", "true") | ||
| 29 | c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With") | ||
| 30 | c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT") | ||
| 31 | |||
| 32 | if c.Request.Method == "OPTIONS" { | ||
| 33 | log.Println(c.Request.Header) | ||
| 34 | c.AbortWithStatus(http.StatusNoContent) | ||
| 35 | return | ||
| 36 | } | ||
| 37 | |||
| 38 | c.Next() | ||
| 39 | } | ||
| 40 | } | ||
| 41 | |||
| 42 | func checkForTokenInContext(c *gin.Context) (string, error) { | ||
| 43 | authorizationHeader := c.GetHeader("Authorization") | ||
| 44 | if authorizationHeader == "" { | ||
| 45 | return "", errors.New("authorization header is missing") | ||
| 46 | } | ||
| 47 | |||
| 48 | parts := strings.Split(authorizationHeader, " ") | ||
| 49 | |||
| 50 | if len(parts) != 2 || parts[0] != "Bearer" { | ||
| 51 | return "", errors.New("invalid Authorization header format") | ||
| 52 | } | ||
| 53 | |||
| 54 | return parts[1], nil | ||
| 55 | } \ No newline at end of file | ||