auth MW refactor

internal/api/user/controller.go

@@ -23,27 +23,28 @@ func newController(service *service, utils interfaces.Utils) *controller {
 	}
 }
 
-func (h *Handler) RegisterRoutes(r *gin.RouterGroup) {
+func (h *Handler) RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc) {
 	userGroup := r.Group("/user")
 
-	userGroup.POST("/", h.controller.register)
+	userGroup.POST("/", authMW, h.controller.register)
-	userGroup.GET("/", h.controller.get)
+	userGroup.GET("/", authMW, h.controller.get)
-	userGroup.PUT("/", h.controller.update)
+	userGroup.PUT("/", authMW, h.controller.update)
-	userGroup.DELETE("/", h.controller.delete)
+	userGroup.DELETE("/", authMW, h.controller.delete)
 
 	//auth
 	h.controller.authPath = "/user/auth"
-
 	authGroup := userGroup.Group("/auth")
+
 	authGroup.POST("/login", h.controller.login)
-	authGroup.POST("/logout", h.controller.logout)
+	authGroup.POST("/logout", authMW, h.controller.logout)
 	authGroup.POST("/refresh", h.controller.refresh)
 }
 
 func (h *Handler) ExcludeRoutes() []shared.ExcludeRoute {
 	return []shared.ExcludeRoute{
 		{Route: "/user", Method: http.MethodPost},
-		{Route: "/user/login", Method: http.MethodPost},
+		{Route: "/user/auth/login", Method: http.MethodPost},
+		{Route: "/user/auth/refresh", Method: http.MethodPost},
 	}
 }
 

internal/app/handler.go

@@ -5,7 +5,6 @@ import (
 	"github.com/gin-gonic/gin"
 	log "github.com/sirupsen/logrus"
 	"merch-parser-api/internal/interfaces"
-	"merch-parser-api/internal/shared"
 	"net/http"
 	"time"
 )
@@ -40,18 +39,6 @@ func NewApp(deps Deps) *App {
 	apiRoutes.GET("/", func(c *gin.Context) {
 		c.String(http.StatusOK, "API is ready")
 	})
-
-	var excludeRoutes []shared.ExcludeRoute
-
-	for _, m := range app.modules {
-		if hasRoutes, ok := m.(interfaces.ModuleRoutes); ok {
-			hasRoutes.RegisterRoutes(apiRoutes)
-			excludeRoutes = append(excludeRoutes, hasRoutes.ExcludeRoutes()...)
-		}
-	}
-
-	app.routerHandler.ExcludeRoutes(excludeRoutes)
-
 	return app
 }
 

internal/interfaces/app.go

@@ -2,13 +2,11 @@ package interfaces
 
 import (
 	"github.com/gin-gonic/gin"
-	"merch-parser-api/internal/shared"
 )
 
 type Module interface {
 }
 
 type ModuleRoutes interface {
-	RegisterRoutes(r *gin.RouterGroup)
+	RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc)
-	ExcludeRoutes() []shared.ExcludeRoute
 }

internal/interfaces/router.go

@@ -2,10 +2,9 @@ package interfaces
 
 import (
 	"github.com/gin-gonic/gin"
-	"merch-parser-api/internal/shared"
 )
 
 type Router interface {
 	Set() *gin.Engine
-	ExcludeRoutes(routes []shared.ExcludeRoute)
+	AuthMW() gin.HandlerFunc
 }

internal/router/handler.go

@@ -65,23 +65,5 @@ func (r *router) Set() *gin.Engine {
 	//swagger
 	r.engine.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
 
-	r.engine.Use(authMiddleware(mwDeps{
-		prefix:        r.apiPrefix,
-		excludeRoutes: &r.excludeRoutes,
-		tokenProv:     r.tokenProv,
-	}))
-
 	return r.engine
 }
-
-func (r *router) ExcludeRoutes(routes []shared.ExcludeRoute) {
-	log.Debug("Excluded routes:")
-	excludedRoutes := make(map[string]shared.ExcludeRoute, len(routes))
-
-	for _, route := range routes {
-		log.Debugf("%s %s", route.Method, route.Route)
-		ex := joinPaths(r.apiPrefix, route.Route)
-		excludedRoutes[ex] = shared.ExcludeRoute{Route: ex, Method: route.Method}
-	}
-	r.excludeRoutes = excludedRoutes
-}

internal/router/helper.go

@@ -1,64 +0,0 @@
-package router
-
-import (
-	"fmt"
-	"merch-parser-api/internal/shared"
-	"net/http"
-	"strings"
-)
-
-func excluded(prefix, path, method string, excludedRoutes *map[string]shared.ExcludeRoute) bool {
-	if excludedRoutes == nil {
-		return false
-	}
-
-	nPath := normalizePath(path)
-
-	switch {
-	case nPath == "/"+prefix && method == http.MethodGet: //ignore api base path for GET method
-		return true
-	case nPath == "/swagger/*any":
-		return true
-	case nPath == "/version":
-		return true
-	}
-
-	if value, ok := (*excludedRoutes)[nPath]; ok {
-		fmt.Println(value, ok)
-		if isSameRoute(nPath, value.Route) && value.Method == method {
-			return true
-		}
-	}
-
-	return false
-}
-
-func normalizePath(path string) string {
-	return strings.TrimRight(path, "/")
-}
-
-func joinPaths(paths ...string) string {
-	result := ""
-	for _, p := range paths {
-		if result == "" {
-			result = strings.TrimRight(p, "/")
-		} else {
-			result = result + "/" + strings.Trim(p, "/")
-		}
-	}
-	return "/" + strings.TrimLeft(result, "/")
-}
-
-func isSameRoute(path, excluded string) bool {
-	path = strings.Split(path, "?")[0]
-	path = strings.TrimSuffix(path, "/")
-	excluded = strings.TrimSuffix(excluded, "/")
-
-	if strings.HasSuffix(excluded, "/*any") || strings.HasSuffix(excluded, "/*") {
-		base := strings.TrimSuffix(excluded, "/*any")
-		base = strings.TrimSuffix(base, "/*")
-		return strings.HasPrefix(path, base)
-	}
-
-	return path == excluded
-}

internal/router/middleware.go

@@ -3,42 +3,12 @@ package router
 import (
 	"github.com/gin-gonic/gin"
 	log "github.com/sirupsen/logrus"
-	"merch-parser-api/internal/interfaces"
-	"merch-parser-api/internal/shared"
 	"merch-parser-api/pkg/responses"
 	"net/http"
 )
 
-type mwDeps struct {
+func (r *router) AuthMW() gin.HandlerFunc {
-	prefix        string
-	excludeRoutes *map[string]shared.ExcludeRoute
-	tokenProv     interfaces.JWTProvider
-}
-
-func authMiddleware(deps mwDeps) gin.HandlerFunc {
 	return func(c *gin.Context) {
-		if excluded(deps.prefix, c.FullPath(), c.Request.Method, deps.excludeRoutes) {
-			log.WithField("msg", "route excluded from auth check").Info("MW | Authorization")
-			c.Next()
-			return
-		}
-
-		if (c.FullPath() == "/user/auth/refresh" || c.FullPath() == "/user/auth/logout") && c.Request.Method == "POST" {
-			refreshUuid, err := c.Cookie("refresh_uuid")
-			if err != nil {
-				c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: "Refresh token is required"})
-				log.WithField("msg", "Refresh token is required").Error("MW | Authorization")
-				c.Abort()
-				return
-			}
-
-			c.Set("refreshUuid", refreshUuid)
-
-			log.WithField("msg", "refresh token set to context").Debug("MW | Authorization")
-			c.Next()
-			return
-		}
-
 		token := c.GetHeader("Authorization")
 		if token == "" {
 			c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: "Authorization token is required"})
@@ -47,7 +17,7 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
 			return
 		}
 
-		userUuid, err := deps.tokenProv.Parse(token)
+		userUuid, err := r.tokenProv.Parse(token)
 		if err != nil {
 			c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: err.Error()})
 			log.WithField("msg", "error parsing jwt").Error("MW | Authorization")
@@ -56,14 +26,8 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
 		}
 
 		c.Set("userUuid", userUuid)
+		log.WithField("userUuid", userUuid).Debug("MW | User uuid")
 
-		log.WithFields(log.Fields{
+		c.Next()
-			"userUuid": userUuid,
-		}).Debug("MW | Parsed uuids")
-
-		if !c.IsAborted() {
-			log.WithField("msg", "context aborted").Info("MW | Authorization")
-			c.Next()
-		}
 	}
 }