package middleware
import (
"net/http"
h "npm/internal/api/http"
"npm/internal/entity/user"
"github.com/go-chi/jwtauth/v5"
)
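// SSEAuth is middleware that lets a request through only when the JWT already
// stored in the request context is an SSE token (issuer claim "sse") and
// belongs to an enabled user. Every other outcome is answered with
// 401 Unauthorized and next is never called.
//
// It reads the token with jwtauth.FromContext and does not verify the token
// itself, so a jwtauth verifier must run earlier in the middleware chain.
func SSEAuth(next http.Handler) http.Handler {
	// unauthorised sends the generic rejection used for every post-parse
	// failure, so the response does not reveal which check failed.
	unauthorised := func(w http.ResponseWriter, r *http.Request) {
		h.ResultErrorJSON(w, r, http.StatusUnauthorized, "Unauthorised", nil)
	}

	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		token, claims, err := jwtauth.FromContext(r.Context())
		if err != nil {
			// NOTE(review): the verifier's error text is echoed to the client
			// here; confirm that level of detail is intended.
			h.ResultErrorJSON(w, r, http.StatusUnauthorized, err.Error(), nil)
			return
		}

		if token == nil {
			h.ResultErrorJSON(w, r, http.StatusUnauthorized, "No token given", nil)
			return
		}

		// The previous condition was inverted (claims != nil): it rejected
		// every request that carried claims and let a nil map fall through to
		// an unchecked type assertion, which panics.
		if claims == nil {
			unauthorised(w, r)
			return
		}

		// Use the comma-ok form so a token without a numeric "uid" claim is
		// rejected instead of panicking the handler. Negative values are
		// refused because converting them to uint is not well defined.
		uid, ok := claims["uid"].(float64)
		if !ok || uid < 0 {
			unauthorised(w, r)
			return
		}

		// NOTE(review): the first and third results of user.IsEnabled are
		// discarded, as before. If the third is an error, confirm that enabled
		// is false whenever it is set, so a failed lookup fails closed.
		_, enabled, _ := user.IsEnabled(uint(uid))
		if !enabled {
			unauthorised(w, r)
			return
		}

		// Only tokens minted for the SSE endpoint are accepted; a missing
		// issuer yields nil, which does not equal "sse" and is rejected too.
		iss, _ := token.Get("iss")
		if iss != "sse" {
			unauthorised(w, r)
			return
		}

		// Should be all good now
		next.ServeHTTP(w, r)
	})
}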