48 lines
1.2 KiB
Go
48 lines
1.2 KiB
Go
package app
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"net/http"
|
|
|
|
"github.com/99designs/gqlgen/graphql"
|
|
"github.com/golang-jwt/jwt/v4"
|
|
)
|
|
|
|
// ExpiryMiddleware checks for expired tokens in GraphQL resolvers
|
|
func ExpiryMiddleware(ctx context.Context, next graphql.ResponseHandler) *graphql.Response {
|
|
if IsTokenExpired(ctx) {
|
|
return graphql.ErrorResponse(ctx, "token expired")
|
|
}
|
|
return next(ctx)
|
|
}
|
|
|
|
// AuthMiddleware parses JWT token and injects user context for HTTP requests
|
|
func AuthMiddleware(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
|
|
authHeader := r.Header.Get("Authorization")
|
|
tokenStr, err := getTokenFromHeader(authHeader)
|
|
if err != nil {
|
|
ctx := SetStatus(r.Context(), err.Error())
|
|
next.ServeHTTP(rw, r.WithContext(ctx))
|
|
return
|
|
}
|
|
|
|
user, err := getUserFromToken(tokenStr)
|
|
ctx := r.Context()
|
|
|
|
if err != nil {
|
|
ctx = SetStatus(ctx, err.Error())
|
|
if errors.Is(err, jwt.ErrTokenExpired) {
|
|
ctx = SetTokenExpired(ctx, true)
|
|
}
|
|
next.ServeHTTP(rw, r.WithContext(ctx))
|
|
return
|
|
}
|
|
|
|
ctx = SetCurrentUser(ctx, user)
|
|
ctx = SetStatus(ctx, "ok")
|
|
next.ServeHTTP(rw, r.WithContext(ctx))
|
|
})
|
|
}
|