merch-tracker-v2/api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refresh token check route added to MW

Browse source
This commit is contained in:
nquidox 2025-09-09 00:01:34 +03:00
parent 4a5d488ec5
commit 60a93824d5
3 changed files with 53 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

18
cmd/main.go
View file

@ -2,6 +2,7 @@ package main
import ( import (
"context" "context"
"fmt"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
"merch-parser-api/config" "merch-parser-api/config"
_ "merch-parser-api/docs" //for swagger _ "merch-parser-api/docs" //for swagger
@ -49,11 +50,15 @@ func main() {
utilsProvider := utils.NewUtils() utilsProvider := utils.NewUtils()
log.Debug("Utils provider initialized") log.Debug("Utils provider initialized")
//for users package anf router
usersRefreshRoute := fmt.Sprintf("%s/auth/refresh", c.AppConf.ApiPrefix)
//deps providers //deps providers
routerHandler := router.NewRouter(router.Deps{ routerHandler := router.NewRouter(router.Deps{
ApiPrefix: c.AppConf.ApiPrefix, ApiPrefix: c.AppConf.ApiPrefix,
GinMode: c.AppConf.GinMode, GinMode: c.AppConf.GinMode,
TokenProv: jwtProvider, TokenProv: jwtProvider,
UsersRefreshRoute: usersRefreshRoute,
}) })
log.Debug("Router handler initialized") log.Debug("Router handler initialized")
@ -66,9 +71,10 @@ func main() {
//register app modules //register app modules
users := user.NewHandler(user.Deps{ users := user.NewHandler(user.Deps{
Auth: authProvider, Auth: authProvider,
DB: database, DB: database,
Utils: utilsProvider, Utils: utilsProvider,
RefreshRoute: usersRefreshRoute,
}) })
//collect modules //collect modules

32
internal/router/handler.go
View file

@ -11,17 +11,19 @@ import (
) )
type router struct { type router struct {
apiPrefix string apiPrefix string
engine *gin.Engine engine *gin.Engine
ginMode string ginMode string
excludeRoutes map[string]shared.ExcludeRoute excludeRoutes map[string]shared.ExcludeRoute
tokenProv interfaces.JWTProvider tokenProv interfaces.JWTProvider
usersRefreshRoute string
} }
type Deps struct { type Deps struct {
ApiPrefix string ApiPrefix string
GinMode string GinMode string
TokenProv interfaces.JWTProvider TokenProv interfaces.JWTProvider
UsersRefreshRoute string
} }
func NewRouter(deps Deps) interfaces.Router { func NewRouter(deps Deps) interfaces.Router {
@ -37,9 +39,10 @@ func NewRouter(deps Deps) interfaces.Router {
} }
return &router{ return &router{
apiPrefix: deps.ApiPrefix, apiPrefix: deps.ApiPrefix,
engine: engine, engine: engine,
tokenProv: deps.TokenProv, tokenProv: deps.TokenProv,
usersRefreshRoute: deps.UsersRefreshRoute,
} }
} }
@ -55,9 +58,10 @@ func (r *router) Set() *gin.Engine {
r.engine.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler)) r.engine.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
r.engine.Use(authMiddleware(mwDeps{ r.engine.Use(authMiddleware(mwDeps{
prefix: r.apiPrefix, prefix: r.apiPrefix,
excludeRoutes: &r.excludeRoutes, excludeRoutes: &r.excludeRoutes,
tokenProv: r.tokenProv, tokenProv: r.tokenProv,
usersRefreshRoute: r.usersRefreshRoute,
})) }))
return r.engine return r.engine

31
internal/router/middleware.go
View file

@ -10,9 +10,10 @@ import (
) )
type mwDeps struct { type mwDeps struct {
prefix string prefix string
excludeRoutes *map[string]shared.ExcludeRoute excludeRoutes *map[string]shared.ExcludeRoute
tokenProv interfaces.JWTProvider tokenProv interfaces.JWTProvider
usersRefreshRoute string
} }
func authMiddleware(deps mwDeps) gin.HandlerFunc { func authMiddleware(deps mwDeps) gin.HandlerFunc {
@ -23,6 +24,22 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
return return
} }
if c.FullPath() == deps.usersRefreshRoute && c.Request.Method == "POST" {
refreshUuid, err := c.Cookie("refresh_uuid")
if err != nil {
c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: "Refresh token is required"})
log.WithField("msg", "Refresh token is required").Error("MW | Authorization")
c.Abort()
return
}
c.Set("refreshUuid", refreshUuid)
log.WithField("msg", "refresh token set to context").Debug("MW | Authorization")
c.Next()
return
}
token := c.GetHeader("Authorization") token := c.GetHeader("Authorization")
if token == "" { if token == "" {
c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: "Authorization token is required"}) c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: "Authorization token is required"})
@ -31,7 +48,7 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
return return
} }
userUuid, refreshUuid, err := deps.tokenProv.Parse(token) userUuid, sessionUuid, err := deps.tokenProv.Parse(token)
if err != nil { if err != nil {
c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: err.Error()}) c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: err.Error()})
log.WithField("msg", "error parsing jwt").Error("MW | Authorization") log.WithField("msg", "error parsing jwt").Error("MW | Authorization")
@ -40,13 +57,11 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
} }
c.Set("userUuid", userUuid) c.Set("userUuid", userUuid)
if refreshUuid != "" { c.Set("sessionUuid", sessionUuid)
c.Set("refreshUuid", refreshUuid)
}
log.WithFields(log.Fields{ log.WithFields(log.Fields{
"userUuid": userUuid, "userUuid": userUuid,
"refreshUuid": refreshUuid, "sessionUuid": sessionUuid,
}).Debug("MW | Parsed uuids") }).Debug("MW | Parsed uuids")
if !c.IsAborted() { if !c.IsAborted() {