feat: ✨ added more utilities functions

2024-11-03 20:57:03 +01:00
parent c90eedf430
commit 16b74bb80d
10 changed files with 542 additions and 1 deletions
@@ -0,0 +1,42 @@
+package middleware
+
+import (
+	"gopher-toolbox/token"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/gin-gonic/gin"
+
+	"github.com/stretchr/testify/require"
+)
+
+func Test_authMiddleware(t *testing.T) {
+
+	w := httptest.NewRecorder()
+	c, _ := gin.CreateTestContext(w)
+
+	paseto := token.New()
+	user := token.UserPayload{
+		Username: "test",
+		// Permissions: map[string]bool{
+		// 	"view_customer": true,
+		// },
+	}
+	publicToken, error := paseto.Create(user)
+	require.NoError(t, error)
+	payload, error := paseto.Verify(publicToken)
+	require.NoError(t, error)
+
+	c.Request = httptest.NewRequest("GET", "/", nil)
+	c.Request.Header.Set("Authorization", "Bearer "+publicToken)
+
+	authorizationHeader := c.GetHeader("Authorization")
+	require.Equal(t, "Bearer "+publicToken, authorizationHeader)
+
+	authMW := AuthMiddleware(paseto)
+	authMW(c)
+
+	payloadFromMW, exists := c.Get("payload")
+	require.True(t, exists)
+	require.Equal(t, payload, payloadFromMW)
+}
@@ -0,0 +1,77 @@
+package middleware
+
+import (
+	"context"
+	"gopher-toolbox/token"
+	"log/slog"
+	"net/http"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+)
+
+func AuthMiddleware(token *token.Paseto) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		authorizationHeader := c.GetHeader("Authorization")
+		if len(authorizationHeader) == 0 {
+			slog.Error("authorization header is required")
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "authorization_header_required"})
+			return
+		}
+
+		fields := strings.Fields(authorizationHeader)
+		if len(fields) != 2 || fields[0] != "Bearer" {
+			slog.Error("invalid authorization header")
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "invalid_authorization_header"})
+			return
+		}
+
+		accessToken := fields[1]
+		payload, err := token.Verify(accessToken)
+		if err != nil {
+			slog.Error("error verifying token", "error", err.Error())
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "invalid_signature"})
+			return
+		}
+
+		c.Set("payload", payload)
+		c.Next()
+	}
+}
+
+func PermissionMiddleware(requiredPermissions ...string) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// payloadInterface, exists := c.Get("payload")
+		// if !exists {
+		// 	c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "authentication required"})
+		// 	return
+		// }
+
+		// payload, ok := payloadInterface.(*token.Payload)
+		// if !ok {
+		// 	c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"error": "invalid payload type"})
+		// 	return
+		// }
+
+		// for _, requiredPermission := range requiredPermissions {
+		// 	hasPermission, exists := payload.User.Permissions[requiredPermission]
+		// 	if !exists || !hasPermission {
+		// 		c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": fmt.Sprintf("Permission '%s' required", requiredPermission)})
+		// 		return
+		// 	}
+		// }
+
+		c.Next()
+	}
+}
+
+func RequestIDMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		requestID := uuid.New().String()
+		ctx := context.WithValue(c.Request.Context(), "request_id", requestID)
+		c.Request = c.Request.WithContext(ctx)
+		c.Writer.Header().Set("X-Request-ID", requestID)
+		c.Next()
+	}
+}