From 1fc9f8ab6688e88955afe1df4e9f13351ea1234c Mon Sep 17 00:00:00 2001 From: muqeeth26832 Date: Wed, 23 Oct 2024 23:23:11 +0530 Subject: [PATCH] middle ware added. will test auth soon --- backend-go/internal/auth/auth.go | 41 ++++++++++++++++++- backend-go/internal/auth/controller.go | 2 + .../internal/server/routes/lost_found.go | 10 ++--- backend-go/internal/server/server.go | 25 ++++++----- 4 files changed, 61 insertions(+), 17 deletions(-) diff --git a/backend-go/internal/auth/auth.go b/backend-go/internal/auth/auth.go index 5a95674..88e0132 100644 --- a/backend-go/internal/auth/auth.go +++ b/backend-go/internal/auth/auth.go @@ -4,9 +4,13 @@ import ( "context" "fmt" "log" + "net/http" "os" "regexp" + "strings" + "github.com/gin-gonic/gin" + "github.com/golang-jwt/jwt/v4" "google.golang.org/api/idtoken" ) @@ -23,7 +27,7 @@ func VerifyIDToken(token string) (bool, map[string]interface{}) { ctx := context.Background() // Validate the ID token - payload, err := idtoken.Validate(ctx, token, clientID) + payload, err := idtoken.Validate(ctx, token, clientID) if err != nil { return false, map[string]interface{}{"error": fmt.Sprintf("Token validation failed: %v", err)} } 
@@ -93,3 +97,38 @@ func IsUserExists(email string) (bool, int64) { var userID int64 = 0 return true, userID } + +func AuthMiddleware() gin.HandlerFunc { + return func(c *gin.Context) { + authHeader := c.GetHeader("Authorization") + if authHeader == "" { + c.JSON(http.StatusUnauthorized, gin.H{"error": "Authorization header is missing"}) + c.Abort() + return + } + + tokenString := strings.TrimPrefix(authHeader, "Bearer ") + if tokenString == authHeader { // No "Bearer" prefix + c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token format"}) + c.Abort() + return + } + + isValid, claims := VerifyToken(tokenString) + if !isValid { + c.JSON(http.StatusUnauthorized, gin.H{"error": claims.(string)}) // Claims will be the error message + c.Abort() + return + } + + // Extract user ID from the claims (assuming it's stored under the "sub" key) + claimsMap := claims.(jwt.MapClaims) + userID := claimsMap["sub"].(string) + + // Store the userID in the context so that handlers can access it + c.Set("user_id", userID) + + // Proceed to the next handler + c.Next() + } +} diff --git a/backend-go/internal/auth/controller.go b/backend-go/internal/auth/controller.go index 5404f92..d752c79 100644 --- a/backend-go/internal/auth/controller.go +++ b/backend-go/internal/auth/controller.go @@ -1,6 +1,7 @@ package auth import ( + "fmt" "net/http" "github.com/gin-gonic/gin" @@ -49,4 +50,5 @@ func LoginHandler(c *gin.Context) { } else { c.JSON(http.StatusUnauthorized, gin.H{"error": msg}) } + fmt.Println(loginRequest.IDToken) } diff --git a/backend-go/internal/server/routes/lost_found.go b/backend-go/internal/server/routes/lost_found.go index 7144944..702f55f 100644 --- a/backend-go/internal/server/routes/lost_found.go +++ b/backend-go/internal/server/routes/lost_found.go 
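Review bot: The three unchecked type assertions in AuthMiddleware (`claims.(string)` on the failure path, then `claims.(jwt.MapClaims)` and `claimsMap["sub"].(string)`) panic whenever VerifyToken returns a different dynamic type or a validly signed token has no string `sub`. A request that should get a 401 then ends in a panic, which becomes a 500 only if recovery middleware is installed. Use the comma-ok form, abort with 401 on any mismatch, and reject an empty `sub` so handlers never see a blank `user_id`. Echoing VerifyToken's message to the client also reveals why validation failed; a fixed error body with the detail logged server-side is safer. VerifyToken is not part of this diff, so whether it pins the signing algorithm and checks expiry and audience needs to be confirmed separately.

```go
		// … unchanged: Authorization header and "Bearer " prefix checks …

		isValid, claims := VerifyToken(tokenString)
		if !isValid {
			// Keep the failure detail in server logs; do not echo it to the caller.
			log.Printf("auth: token rejected: %v", claims)
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid token"})
			return
		}

		claimsMap, ok := claims.(jwt.MapClaims)
		if !ok {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid token"})
			return
		}
		userID, ok := claimsMap["sub"].(string)
		if !ok || userID == "" {
			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid token"})
			return
		}

		// … unchanged: c.Set("user_id", userID) and c.Next() …
```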
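Review bot: The added `fmt.Println(loginRequest.IDToken)` at the end of LoginHandler writes the raw ID token to stdout, and it sits after the if/else so it runs on both the success and the 401 branch visible here. An ID token is a bearer credential that also carries the user's identity claims, so it should not reach process output or aggregated logs, where it stays readable to anyone with log access for as long as it is valid. Drop the line together with the new `fmt` import; if a login trace is needed, log a non-secret identifier after validation instead. LoginHandler begins outside this hunk, so the rest of its body was not reviewed.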
@@ -2,15 +2,13 @@ package routes import ( "net/http" + "github.com/gin-gonic/gin" ) - -func SetupLostRouter(r *gin.Engine){ - lost_handler := r.Group("/some_route") - { - lost_handler.GET("/lost", HelloWorldHandler); - } +func SetupLostRouter(rg *gin.RouterGroup) { + rg.GET("/lost", HelloWorldHandler) + rg.POST("/lost", HelloWorldHandler) } func HelloWorldHandler(c *gin.Context) { diff --git a/backend-go/internal/server/server.go b/backend-go/internal/server/server.go index 8302139..0c4919c 100644 --- a/backend-go/internal/server/server.go +++ b/backend-go/internal/server/server.go @@ -1,14 +1,14 @@ package server import ( + "Dashboard/internal/auth" + "Dashboard/internal/database" + "Dashboard/internal/server/routes" // Import the routes "fmt" "net/http" - "os" - "strconv" "time" + "github.com/gin-gonic/gin" - "Dashboard/internal/server/routes" // Import the routes - "Dashboard/internal/database" ) type Server struct { @@ -17,22 +17,28 @@ type Server struct { db database.Service } - func (s *Server) RegisterRoutes() http.Handler { r := gin.Default() // Register routes from different files - routes.SetupLostRouter(r) r.GET("/health", routes.HealthHandler) + auth.SetupAuthRoutes(r) + + protected := r.Group("/protected") + + protected.Use(auth.AuthMiddleware()) + + routes.SetupLostRouter(protected) + return r } - func NewServer() *http.Server { - port, _ := strconv.Atoi(os.Getenv("PORT")) + // port, _ := strconv.Atoi(os.Getenv("PORT")) + // port, _ := strconv.Atoi(os.Getenv("8000")) NewServer := &Server{ - port: port, + port: 8000, db: database.New(), } @@ -46,6 +52,5 @@ func NewServer() *http.Server { WriteTimeout: 30 * time.Second, } - return server }
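Review bot: SetupLostRouter no longer creates its own group and has no doc comment saying that access control is now the caller's job; it registers `/lost` on whatever `*gin.RouterGroup` it is handed. A comment such as `// SetupLostRouter registers the lost-and-found routes on rg. rg must already have auth.AuthMiddleware attached; this function adds no authentication of its own.` would keep a later caller from mounting it on an open group. The new `POST /lost` also points at HelloWorldHandler, which looks like a placeholder, so a TODO on that line would make the intent explicit.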
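Review bot: In RegisterRoutes, `protected.Use(auth.AuthMiddleware())` must run before `routes.SetupLostRouter(protected)` for the routes to be authenticated, because gin applies a group's middleware only to routes registered after `Use`, and nothing in the code says so. Add a comment such as `// Use must come before any route registration on this group; routes added earlier would bypass AuthMiddleware.` Separately, NewServer now hard-codes `port: 8000` and leaves two commented-out lines behind, one of which reads `os.Getenv("8000")`. Reading `PORT` with a checked `strconv.Atoi` and falling back to 8000 would keep deployments configurable. NewServer's body continues past this hunk.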