diff options
author | Zach Berwaldt <zberwaldt@tutamail.com> | 2024-03-07 20:20:36 -0500 |
---|---|---|
committer | Zach Berwaldt <zberwaldt@tutamail.com> | 2024-03-07 20:20:36 -0500 |
commit | 831b6f0167b9c1747d128b4a5a648d4de42ff0a9 (patch) | |
tree | 1042411d1027bdf18a4c8884f595c284e8b5570d /api/internal/middleware | |
parent | 29f83e05270d0012ad9f273ac3364106fcff5f50 (diff) |
Refactor router and middleware packages
- Move middleware functions from `main.go` to `middleware.go` in the `middleware` package.
- Update import statements in `main.go` and use the `router` package instead of the `controllers` package.
```
Refactor router and middleware packages
Move middleware functions from `main.go` to `middleware.go` in the `middleware` package. Update import statements in `main.go` and use the `router` package instead of the `controllers` package.
```
Diffstat (limited to 'api/internal/middleware')
-rw-r--r-- | api/internal/middleware/middleware.go | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/api/internal/middleware/middleware.go b/api/internal/middleware/middleware.go new file mode 100644 index 0000000..819f1e5 --- /dev/null +++ b/api/internal/middleware/middleware.go | |||
@@ -0,0 +1,55 @@ | |||
1 | package middleware | ||
2 | |||
3 | import ( | ||
4 | "errors" | ||
5 | "github.com/gin-gonic/gin" | ||
6 | "log" | ||
7 | "net/http" | ||
8 | "strings" | ||
9 | ) | ||
10 | |||
11 | func TokenRequired() gin.HandlerFunc { | ||
12 | return func(c *gin.Context) { | ||
13 | _, err := checkForTokenInContext(c) | ||
14 | |||
15 | if err != nil { | ||
16 | c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"}) | ||
17 | c.Abort() | ||
18 | return | ||
19 | } | ||
20 | |||
21 | c.Next() | ||
22 | } | ||
23 | } | ||
24 | |||
25 | func CORSMiddleware() gin.HandlerFunc { | ||
26 | return func(c *gin.Context) { | ||
27 | c.Writer.Header().Set("Access-Control-Allow-Origin", "*") | ||
28 | c.Writer.Header().Set("Access-Control-Allow-Credentials", "true") | ||
29 | c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With") | ||
30 | c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT") | ||
31 | |||
32 | if c.Request.Method == "OPTIONS" { | ||
33 | log.Println(c.Request.Header) | ||
34 | c.AbortWithStatus(http.StatusNoContent) | ||
35 | return | ||
36 | } | ||
37 | |||
38 | c.Next() | ||
39 | } | ||
40 | } | ||
41 | |||
42 | func checkForTokenInContext(c *gin.Context) (string, error) { | ||
43 | authorizationHeader := c.GetHeader("Authorization") | ||
44 | if authorizationHeader == "" { | ||
45 | return "", errors.New("authorization header is missing") | ||
46 | } | ||
47 | |||
48 | parts := strings.Split(authorizationHeader, " ") | ||
49 | |||
50 | if len(parts) != 2 || parts[0] != "Bearer" { | ||
51 | return "", errors.New("invalid Authorization header format") | ||
52 | } | ||
53 | |||
54 | return parts[1], nil | ||
55 | } \ No newline at end of file | ||