41 lines
881 B
Go
41 lines
881 B
Go
package middlewares
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"strings"
|
|
"system-trace/core/app/constants"
|
|
"system-trace/core/utils"
|
|
|
|
"github.com/gofiber/fiber/v2"
|
|
)
|
|
|
|
func ValidateSession(c *fiber.Ctx) error {
|
|
header := c.GetReqHeaders()[http.CanonicalHeaderKey("Authorization")]
|
|
if len(header) <= 0 || len(header[0]) <= 0 || !validateToken(c, header[0]) {
|
|
return c.Status(http.StatusForbidden).JSON(fiber.Map{
|
|
"error": constants.UNAUTHORIZED,
|
|
})
|
|
}
|
|
|
|
return c.Next()
|
|
}
|
|
|
|
func validateToken(c *fiber.Ctx, hash string) bool {
|
|
splitted := strings.Split(hash, " ")
|
|
if len(splitted) <= 1 {
|
|
return false
|
|
}
|
|
claims, err := utils.ValidateJWT(splitted[1])
|
|
fmt.Println(claims, err)
|
|
// id, ok := claims["ID"].(string)
|
|
// TODO validate date and check refresh token
|
|
if err != nil || claims["iss"] != constants.JWT_APP_ISS {
|
|
return false
|
|
}
|
|
|
|
// c.Locals("userId", id)
|
|
|
|
return true
|
|
}
|