Seyora24
2 years ago
1 changed files with 57 additions and 0 deletions
@ -0,0 +1,57 @@
|
||||
package middleware |
||||
|
||||
import ( |
||||
"fmt" |
||||
"tugas1/initializers" |
||||
|
||||
"net/http" |
||||
"os" |
||||
"time" |
||||
"tugas1/models" |
||||
|
||||
"github.com/gin-gonic/gin" |
||||
"github.com/golang-jwt/jwt/v4" |
||||
) |
||||
|
||||
func RequireAuth(c *gin.Context) { |
||||
// Get the cookie off req
|
||||
tokenString, err := c.Cookie("Authorization") |
||||
|
||||
if err != nil { |
||||
c.AbortWithStatus(http.StatusUnauthorized) |
||||
} |
||||
|
||||
// Parse takes the token string and a function for looking up the key. The latter is especially
|
||||
|
||||
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { |
||||
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { |
||||
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) |
||||
} |
||||
|
||||
// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
|
||||
return []byte(os.Getenv("SECRET")), nil |
||||
}) |
||||
|
||||
if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid { |
||||
// Check the exp
|
||||
if float64(time.Now().Unix()) > claims["exp"].(float64) { |
||||
c.AbortWithStatus(http.StatusUnauthorized) |
||||
} |
||||
|
||||
// Find the user with token sub
|
||||
var user models.Post |
||||
initializers.DB.First(&user, claims["sub"]) |
||||
|
||||
if user.ID == 0 { |
||||
|
||||
} |
||||
// Attach to req
|
||||
c.Set("user", user) |
||||
|
||||
// Continue
|
||||
c.Next() |
||||
} else { |
||||
c.AbortWithStatus(http.StatusUnauthorized) |
||||
} |
||||
|
||||
} |
Loading…
Reference in new issue