Nexus/pkg/internal/auth/token.go

package auth

import (
	"git.solsynth.dev/hypernet/nexus/pkg/nex/sec"
	"github.com/gofiber/fiber/v2"
	"strings"
)

var JReader *sec.JwtReader

func SoftAuthMiddleware(c *fiber.Ctx) error {
	atk := tokenExtract(c)
	c.Locals("nex_token", atk)

	if claims, err := tokenRead(atk); err == nil && claims != nil {
		c.Locals("nex_principal", claims)
	} else if err != nil {
		c.Locals("nex_auth_error", err)
	}

	return c.Next()
}

func HardAuthMiddleware(c *fiber.Ctx) error {
	if c.Locals("nex_principal") == nil {
		err := c.Locals("nex_auth_error").(error)
		return fiber.NewError(fiber.StatusUnauthorized, err.Error())
	}

	return c.Next()
}

func tokenExtract(c *fiber.Ctx) string {
	var atk string
	if cookie := c.Cookies(sec.CookieAccessToken); len(cookie) > 0 {
		atk = cookie
	}
	if header := c.Get(fiber.HeaderAuthorization); len(header) > 0 {
		tk := strings.Replace(header, "Bearer", "", 1)
		atk = strings.TrimSpace(tk)
	}
	if tk := c.Query("tk"); len(tk) > 0 {
		atk = strings.TrimSpace(tk)
	}
	return atk
}

func tokenRead(in string) (*sec.JwtClaims, error) {
	if JReader == nil {
		return nil, nil
	}

	claims, err := sec.ReadJwt[sec.JwtClaims](JReader, in)
	return &claims, err
}
:sparkles: Auth stuff 2024-10-21 16:12:28 +00:00			`package auth`

			`import (`
			`"git.solsynth.dev/hypernet/nexus/pkg/nex/sec"`
			`"github.com/gofiber/fiber/v2"`
			`"strings"`
			`)`

			`var JReader *sec.JwtReader`

			`func SoftAuthMiddleware(c *fiber.Ctx) error {`
			`atk := tokenExtract(c)`
			`c.Locals("nex_token", atk)`

			`if claims, err := tokenRead(atk); err == nil && claims != nil {`
			`c.Locals("nex_principal", claims)`
			`} else if err != nil {`
			`c.Locals("nex_auth_error", err)`
			`}`

			`return c.Next()`
			`}`

			`func HardAuthMiddleware(c *fiber.Ctx) error {`
			`if c.Locals("nex_principal") == nil {`
			`err := c.Locals("nex_auth_error").(error)`
			`return fiber.NewError(fiber.StatusUnauthorized, err.Error())`
			`}`

			`return c.Next()`
			`}`

			`func tokenExtract(c *fiber.Ctx) string {`
			`var atk string`
			`if cookie := c.Cookies(sec.CookieAccessToken); len(cookie) > 0 {`
			`atk = cookie`
			`}`
			`if header := c.Get(fiber.HeaderAuthorization); len(header) > 0 {`
			`tk := strings.Replace(header, "Bearer", "", 1)`
			`atk = strings.TrimSpace(tk)`
			`}`
			`if tk := c.Query("tk"); len(tk) > 0 {`
			`atk = strings.TrimSpace(tk)`
			`}`
			`return atk`
			`}`

			`func tokenRead(in string) (*sec.JwtClaims, error) {`
			`if JReader == nil {`
			`return nil, nil`
			`}`

			`claims, err := sec.ReadJwt[sec.JwtClaims](JReader, in)`
			`return &claims, err`
			`}`