middleware.go 2.88 KiB
package middleware
import (
	"errors"
	"fmt"
	"golangtemplate/servers/app/models"
	"net/http"
	"runtime/debug"
	"time"
	"corelab.mkcl.org/MKCLOS/coredevelopmentplatform/corepkgv2/loggermdl"
	"github.com/gin-contrib/cors"
	"github.com/gin-gonic/gin"
	"github.com/golang-jwt/jwt/v5"
	"github.com/golang-jwt/jwt/v5/request"
// Init -Init
func Init(g *gin.Engine) {
	g.Use(cors.Default())
	g.Use(Recovery())
type Principal struct {
	UserID            string    `json:"userId"`
	Groups            []string  `json:"groups"`
	SessionExpiration time.Time `json:"sessionExpiration"`
	ClientIP          string    `json:"clientIP"`
	HitsCount         int       `json:"hitsCount"`
	Token             string    `json:"token"`
	Metadata          string    `json:"metadata"`
	jwt.RegisteredClaims
var group = []string{"delete"}
// Recovery - a recoverymdl for gin to log the panic and recover
func Recovery() gin.HandlerFunc {
	return func(c *gin.Context) {
		defer func() {
			if err := recover(); err != nil {
				loggermdl.LogError("recovered:", err)
				loggermdl.LogError(string(debug.Stack()))
				// write to access log
				gin.DefaultErrorWriter.Write(debug.Stack())
		}()
		c.Next()
func CustomLogger() gin.HandlerFunc {
	return gin.LoggerWithFormatter(func(params gin.LogFormatterParams) string {
		return fmt.Sprintf("", params.ClientIP, params.BodySize, params.Request, params.Method, params.Path)
func Auth() gin.HandlerFunc {
	return func(c *gin.Context) {
		_, err := request.ParseFromRequest(c.Request, request.OAuth2Extractor, func(token *jwt.Token) (interface{}, error) {
			b := ([]byte(models.JWTKey))
			return b, nil
		if err != nil {
			c.AbortWithError(401, err)
func RolebasedAuth() gin.HandlerFunc {
7172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115
return func(c *gin.Context) { // Decode the JWT token tokenString := c.Request.Header.Get("Authorization") if tokenString == "" { c.AbortWithError(401, errors.New("missing Authorization header")) return } // Decode the JWT token token, err := jwt.ParseWithClaims(tokenString, &Principal{}, func(token *jwt.Token) (interface{}, error) { return []byte(models.JWTKey), nil }) if err != nil { c.AbortWithError(401, err) c.IndentedJSON(http.StatusUnauthorized, "Error parsing token") return } if !token.Valid { c.AbortWithError(401, errors.New("invalid token")) c.IndentedJSON(http.StatusUnauthorized, "Token is invalid") return } claims, ok := token.Claims.(*Principal) if !ok || claims == nil { c.AbortWithError(401, errors.New("invalid claims")) c.IndentedJSON(http.StatusUnauthorized, "Invalid claims") return } isPresent := false for _, i := range group { for _, j := range claims.Groups { if i == j { isPresent = true break } } } if !isPresent { c.AbortWithError(403, errors.New("Access forbidden.")) c.IndentedJSON(http.StatusForbidden, "No roles present.") return } c.Next() } }