-
Vikram Ingawale authored2938c4dc
middleware.go 2.88 KiB
package middleware
import (
"errors"
"fmt"
"golangtemplate/servers/app/models"
"net/http"
"runtime/debug"
"time"
"corelab.mkcl.org/MKCLOS/coredevelopmentplatform/corepkgv2/loggermdl"
"github.com/gin-contrib/cors"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
"github.com/golang-jwt/jwt/v5/request"
)
// Init -Init
func Init(g *gin.Engine) {
g.Use(cors.Default())
g.Use(Recovery())
}
type Principal struct {
UserID string `json:"userId"`
Groups []string `json:"groups"`
SessionExpiration time.Time `json:"sessionExpiration"`
ClientIP string `json:"clientIP"`
HitsCount int `json:"hitsCount"`
Token string `json:"token"`
Metadata string `json:"metadata"`
jwt.RegisteredClaims
}
var group = []string{"delete"}
// Recovery - a recoverymdl for gin to log the panic and recover
func Recovery() gin.HandlerFunc {
return func(c *gin.Context) {
defer func() {
if err := recover(); err != nil {
loggermdl.LogError("recovered:", err)
loggermdl.LogError(string(debug.Stack()))
// write to access log
gin.DefaultErrorWriter.Write(debug.Stack())
}
}()
c.Next()
}
}
func CustomLogger() gin.HandlerFunc {
return gin.LoggerWithFormatter(func(params gin.LogFormatterParams) string {
return fmt.Sprintf("", params.ClientIP, params.BodySize, params.Request, params.Method, params.Path)
})
}
func Auth() gin.HandlerFunc {
return func(c *gin.Context) {
_, err := request.ParseFromRequest(c.Request, request.OAuth2Extractor, func(token *jwt.Token) (interface{}, error) {
b := ([]byte(models.JWTKey))
return b, nil
})
if err != nil {
c.AbortWithError(401, err)
}
}
}
func RolebasedAuth() gin.HandlerFunc {
7172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115
return func(c *gin.Context) {
// Decode the JWT token
tokenString := c.Request.Header.Get("Authorization")
if tokenString == "" {
c.AbortWithError(401, errors.New("missing Authorization header"))
return
}
// Decode the JWT token
token, err := jwt.ParseWithClaims(tokenString, &Principal{}, func(token *jwt.Token) (interface{}, error) {
return []byte(models.JWTKey), nil
})
if err != nil {
c.AbortWithError(401, err)
c.IndentedJSON(http.StatusUnauthorized, "Error parsing token")
return
}
if !token.Valid {
c.AbortWithError(401, errors.New("invalid token"))
c.IndentedJSON(http.StatusUnauthorized, "Token is invalid")
return
}
claims, ok := token.Claims.(*Principal)
if !ok || claims == nil {
c.AbortWithError(401, errors.New("invalid claims"))
c.IndentedJSON(http.StatusUnauthorized, "Invalid claims")
return
}
isPresent := false
for _, i := range group {
for _, j := range claims.Groups {
if i == j {
isPresent = true
break
}
}
}
if !isPresent {
c.AbortWithError(403, errors.New("Access forbidden."))
c.IndentedJSON(http.StatusForbidden, "No roles present.")
return
}
c.Next()
}
}