refresh token check route added to MW

2025-09-09 00:01:34 +03:00 · 2025-09-09 00:01:34 +03:00 · 60a93824d5
commit 60a93824d5
parent 4a5d488ec5
3 changed files with 53 additions and 28 deletions
--- a/internal/router/handler.go
+++ b/internal/router/handler.go
@ -11,17 +11,19 @@ import (
 )

 type router struct {
-	apiPrefix     string
-	engine        *gin.Engine
-	ginMode       string
-	excludeRoutes map[string]shared.ExcludeRoute
-	tokenProv     interfaces.JWTProvider
+	apiPrefix         string
+	engine            *gin.Engine
+	ginMode           string
+	excludeRoutes     map[string]shared.ExcludeRoute
+	tokenProv         interfaces.JWTProvider
+	usersRefreshRoute string
 }

 type Deps struct {
-	ApiPrefix string
-	GinMode   string
-	TokenProv interfaces.JWTProvider
+	ApiPrefix         string
+	GinMode           string
+	TokenProv         interfaces.JWTProvider
+	UsersRefreshRoute string
 }

 func NewRouter(deps Deps) interfaces.Router {
@ -37,9 +39,10 @@ func NewRouter(deps Deps) interfaces.Router {
 	}

 	return &router{
-		apiPrefix: deps.ApiPrefix,
-		engine:    engine,
-		tokenProv: deps.TokenProv,
+		apiPrefix:         deps.ApiPrefix,
+		engine:            engine,
+		tokenProv:         deps.TokenProv,
+		usersRefreshRoute: deps.UsersRefreshRoute,
 	}
 }

@ -55,9 +58,10 @@ func (r *router) Set() *gin.Engine {
 	r.engine.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))

 	r.engine.Use(authMiddleware(mwDeps{
-		prefix:        r.apiPrefix,
-		excludeRoutes: &r.excludeRoutes,
-		tokenProv:     r.tokenProv,
+		prefix:            r.apiPrefix,
+		excludeRoutes:     &r.excludeRoutes,
+		tokenProv:         r.tokenProv,
+		usersRefreshRoute: r.usersRefreshRoute,
 	}))

 	return r.engine
--- a/internal/router/middleware.go
+++ b/internal/router/middleware.go
@ -10,9 +10,10 @@ import (
 )

 type mwDeps struct {
-	prefix        string
-	excludeRoutes *map[string]shared.ExcludeRoute
-	tokenProv     interfaces.JWTProvider
+	prefix            string
+	excludeRoutes     *map[string]shared.ExcludeRoute
+	tokenProv         interfaces.JWTProvider
+	usersRefreshRoute string
 }

 func authMiddleware(deps mwDeps) gin.HandlerFunc {
@ -23,6 +24,22 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
 			return
 		}

+		if c.FullPath() == deps.usersRefreshRoute && c.Request.Method == "POST" {
+			refreshUuid, err := c.Cookie("refresh_uuid")
+			if err != nil {
+				c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: "Refresh token is required"})
+				log.WithField("msg", "Refresh token is required").Error("MW | Authorization")
+				c.Abort()
+				return
+			}
+
+			c.Set("refreshUuid", refreshUuid)
+
+			log.WithField("msg", "refresh token set to context").Debug("MW | Authorization")
+			c.Next()
+			return
+		}
+
 		token := c.GetHeader("Authorization")
 		if token == "" {
 			c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: "Authorization token is required"})
@ -31,7 +48,7 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
 			return
 		}

-		userUuid, refreshUuid, err := deps.tokenProv.Parse(token)
+		userUuid, sessionUuid, err := deps.tokenProv.Parse(token)
 		if err != nil {
 			c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: err.Error()})
 			log.WithField("msg", "error parsing jwt").Error("MW | Authorization")
@ -40,13 +57,11 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
 		}

 		c.Set("userUuid", userUuid)
-		if refreshUuid != "" {
-			c.Set("refreshUuid", refreshUuid)
-		}
+		c.Set("sessionUuid", sessionUuid)

 		log.WithFields(log.Fields{
 			"userUuid":    userUuid,
-			"refreshUuid": refreshUuid,
+			"sessionUuid": sessionUuid,
 		}).Debug("MW | Parsed uuids")

 		if !c.IsAborted() {