refresh token check route added to MW

2025-09-09 00:01:34 +03:00 · 2025-09-09 00:01:34 +03:00 · 60a93824d5
commit 60a93824d5
parent 4a5d488ec5
3 changed files with 53 additions and 28 deletions
--- a/cmd/main.go
+++ b/cmd/main.go
@ -2,6 +2,7 @@ package main

 import (
 	"context"
+	"fmt"
 	log "github.com/sirupsen/logrus"
 	"merch-parser-api/config"
 	_ "merch-parser-api/docs" //for swagger
@ -49,11 +50,15 @@ func main() {
 	utilsProvider := utils.NewUtils()
 	log.Debug("Utils provider initialized")

+	//for users package anf router
+	usersRefreshRoute := fmt.Sprintf("%s/auth/refresh", c.AppConf.ApiPrefix)
+
 	//deps providers
 	routerHandler := router.NewRouter(router.Deps{
 		ApiPrefix:         c.AppConf.ApiPrefix,
 		GinMode:           c.AppConf.GinMode,
 		TokenProv:         jwtProvider,
+		UsersRefreshRoute: usersRefreshRoute,
 	})
 	log.Debug("Router handler initialized")

@ -69,6 +74,7 @@ func main() {
 		Auth:         authProvider,
 		DB:           database,
 		Utils:        utilsProvider,
+		RefreshRoute: usersRefreshRoute,
 	})

 	//collect modules
--- a/internal/router/handler.go
+++ b/internal/router/handler.go
@ -16,12 +16,14 @@ type router struct {
 	ginMode           string
 	excludeRoutes     map[string]shared.ExcludeRoute
 	tokenProv         interfaces.JWTProvider
+	usersRefreshRoute string
 }

 type Deps struct {
 	ApiPrefix         string
 	GinMode           string
 	TokenProv         interfaces.JWTProvider
+	UsersRefreshRoute string
 }

 func NewRouter(deps Deps) interfaces.Router {
@ -40,6 +42,7 @@ func NewRouter(deps Deps) interfaces.Router {
 		apiPrefix:         deps.ApiPrefix,
 		engine:            engine,
 		tokenProv:         deps.TokenProv,
+		usersRefreshRoute: deps.UsersRefreshRoute,
 	}
 }

@ -58,6 +61,7 @@ func (r *router) Set() *gin.Engine {
 		prefix:            r.apiPrefix,
 		excludeRoutes:     &r.excludeRoutes,
 		tokenProv:         r.tokenProv,
+		usersRefreshRoute: r.usersRefreshRoute,
 	}))

 	return r.engine
--- a/internal/router/middleware.go
+++ b/internal/router/middleware.go
@ -13,6 +13,7 @@ type mwDeps struct {
 	prefix            string
 	excludeRoutes     *map[string]shared.ExcludeRoute
 	tokenProv         interfaces.JWTProvider
+	usersRefreshRoute string
 }

 func authMiddleware(deps mwDeps) gin.HandlerFunc {
@ -23,6 +24,22 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
 			return
 		}

+		if c.FullPath() == deps.usersRefreshRoute && c.Request.Method == "POST" {
+			refreshUuid, err := c.Cookie("refresh_uuid")
+			if err != nil {
+				c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: "Refresh token is required"})
+				log.WithField("msg", "Refresh token is required").Error("MW | Authorization")
+				c.Abort()
+				return
+			}
+
+			c.Set("refreshUuid", refreshUuid)
+
+			log.WithField("msg", "refresh token set to context").Debug("MW | Authorization")
+			c.Next()
+			return
+		}
+
 		token := c.GetHeader("Authorization")
 		if token == "" {
 			c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: "Authorization token is required"})
@ -31,7 +48,7 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
 			return
 		}

-		userUuid, refreshUuid, err := deps.tokenProv.Parse(token)
+		userUuid, sessionUuid, err := deps.tokenProv.Parse(token)
 		if err != nil {
 			c.JSON(http.StatusUnauthorized, responses.ErrorResponse401{Error: err.Error()})
 			log.WithField("msg", "error parsing jwt").Error("MW | Authorization")
@ -40,13 +57,11 @@ func authMiddleware(deps mwDeps) gin.HandlerFunc {
 		}

 		c.Set("userUuid", userUuid)
-		if refreshUuid != "" {
-			c.Set("refreshUuid", refreshUuid)
-		}
+		c.Set("sessionUuid", sessionUuid)

 		log.WithFields(log.Fields{
 			"userUuid":    userUuid,
-			"refreshUuid": refreshUuid,
+			"sessionUuid": sessionUuid,
 		}).Debug("MW | Parsed uuids")

 		if !c.IsAborted() {