Created
May 3, 2018 11:30
-
-
Save adigunhammedolalekan/0a5d5ef1d174c93dbe5814627771a6ec to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package app | |
| import ( | |
| "net/http" | |
| u "lens/utils" | |
| "strings" | |
| "go-contacts/models" | |
| jwt "github.com/dgrijalva/jwt-go" | |
| "os" | |
| "context" | |
| "fmt" | |
| ) | |
| var JwtAuthentication = func(next http.Handler) http.Handler { | |
| return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { | |
| notAuth := []string{"/api/user/new", "/api/user/login"} //List of endpoints that doesn't require auth | |
| requestPath := r.URL.Path //current request path | |
| //check if request does not need authentication, serve the request if it doesn't need it | |
| for _, value := range notAuth { | |
| if value == requestPath { | |
| next.ServeHTTP(w, r) | |
| return | |
| } | |
| } | |
| response := make(map[string] interface{}) | |
| tokenHeader := r.Header.Get("Authorization") //Grab the token from the header | |
| if tokenHeader == "" { //Token is missing, returns with error code 403 Unauthorized | |
| response = u.Message(false, "Missing auth token") | |
| w.WriteHeader(http.StatusForbidden) | |
| w.Header().Add("Content-Type", "application/json") | |
| u.Respond(w, response) | |
| return | |
| } | |
| splitted := strings.Split(tokenHeader, " ") //The token normally comes in format `Bearer {token-body}`, we check if the retrieved token matched this requirement | |
| if len(splitted) != 2 { | |
| response = u.Message(false, "Invalid/Malformed auth token") | |
| w.WriteHeader(http.StatusForbidden) | |
| w.Header().Add("Content-Type", "application/json") | |
| u.Respond(w, response) | |
| return | |
| } | |
| tokenPart := splitted[1] //Grab the token part, what we are truly interested in | |
| tk := &models.Token{} | |
| token, err := jwt.ParseWithClaims(tokenPart, tk, func(token *jwt.Token) (interface{}, error) { | |
| return []byte(os.Getenv("token_password")), nil | |
| }) | |
| if err != nil { //Malformed token, returns with http code 403 as usual | |
| response = u.Message(false, "Malformed authentication token") | |
| w.WriteHeader(http.StatusForbidden) | |
| w.Header().Add("Content-Type", "application/json") | |
| u.Respond(w, response) | |
| return | |
| } | |
| if !token.Valid { //Token is invalid, maybe not signed on this server | |
| response = u.Message(false, "Token is not valid.") | |
| w.WriteHeader(http.StatusForbidden) | |
| w.Header().Add("Content-Type", "application/json") | |
| u.Respond(w, response) | |
| return | |
| } | |
| //Everything went well, proceed with the request and set the caller to the user retrieved from the parsed token | |
| fmt.Sprintf("User %", tk.Username) //Useful for monitoring | |
| ctx := context.WithValue(r.Context(), "user", tk.UserId) | |
| r = r.WithContext(ctx) | |
| next.ServeHTTP(w, r) //proceed in the middleware chain! | |
| }); | |
| } |
I'm geting error at this line:
fmt.Sprintf("User %", tk.Username) //Useful for monitoring
Username undefined ...
May I get some help?
Im models I have:
/*
JWT claims struct
*/
type Token struct {
UserId uint
jwt.StandardClaims
}
//a struct to rep user account
type Account struct {
gorm.Model
Email string `json:"email"`
Password string `json:"password"`
Token string `json:"token";sql:"-"`
}
There shouldn't be space between User and % and Username field doesn't exist on Token, it's UserId
fmt.Sprintf("User %", tk.Username) should be fmt.Sprintf("User%", tk.UserId)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There shouldn't be a space between
map[string]andinterface{}on line 30.Cheers,
Aaron