From 3d487fa48baff0a604e3588259afa640d448e47c Mon Sep 17 00:00:00 2001
From: LittleSheep <littlesheep.code@hotmail.com>
Date: Sun, 27 Oct 2024 00:20:44 +0800
Subject: [PATCH] :bug: Fix auth middlewares

---
 go.mod                    | 8 ++++----
 go.sum                    | 8 ++++++++
 pkg/internal/auth/http.go | 7 +++++--
 pkg/nex/sec/adaptor.go    | 4 ++--
 4 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/go.mod b/go.mod
index 2bc8923..9e19834 100644
--- a/go.mod
+++ b/go.mod
@@ -21,7 +21,7 @@ require (
 	google.golang.org/grpc v1.67.1
 	google.golang.org/protobuf v1.35.1
 	gorm.io/datatypes v1.2.4
-	gorm.io/driver/postgres v1.5.4
+	gorm.io/driver/postgres v1.5.9
 	gorm.io/gorm v1.25.12
 )
 
@@ -53,9 +53,9 @@ require (
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/hashicorp/serf v0.10.1 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
-	github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9 // indirect
-	github.com/jackc/pgx/v5 v5.5.5 // indirect
-	github.com/jackc/puddle/v2 v2.2.1 // indirect
+	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
+	github.com/jackc/pgx/v5 v5.7.1 // indirect
+	github.com/jackc/puddle/v2 v2.2.2 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/jpillora/backoff v1.0.0 // indirect
diff --git a/go.sum b/go.sum
index 85eae68..6f766fa 100644
--- a/go.sum
+++ b/go.sum
@@ -140,10 +140,16 @@ github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsI
 github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
 github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9 h1:L0QtFUgDarD7Fpv9jeVMgy/+Ec0mtnmYuImjTz6dtDA=
 github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
 github.com/jackc/pgx/v5 v5.5.5 h1:amBjrZVmksIdNjxGW/IiIMzxMKZFelXbUoPNb+8sjQw=
 github.com/jackc/pgx/v5 v5.5.5/go.mod h1:ez9gk+OAat140fv9ErkZDYFWmXLfV+++K0uAOiwgm1A=
+github.com/jackc/pgx/v5 v5.7.1 h1:x7SYsPBYDkHDksogeSmZZ5xzThcTgRz++I5E+ePFUcs=
+github.com/jackc/pgx/v5 v5.7.1/go.mod h1:e7O26IywZZ+naJtWWos6i6fvWK+29etgITqrqHLfoZA=
 github.com/jackc/puddle/v2 v2.2.1 h1:RhxXJtFG022u4ibrCSMSiu5aOq1i77R3OHKNJj77OAk=
 github.com/jackc/puddle/v2 v2.2.1/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
+github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
+github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
@@ -422,6 +428,8 @@ gorm.io/driver/mysql v1.5.7 h1:MndhOPYOfEp2rHKgkZIhJ16eVUIRf2HmzgoPmh7FCWo=
 gorm.io/driver/mysql v1.5.7/go.mod h1:sEtPWMiqiN1N1cMXoXmBbd8C6/l+TESwriotuRRpkDM=
 gorm.io/driver/postgres v1.5.4 h1:Iyrp9Meh3GmbSuyIAGyjkN+n9K+GHX9b9MqsTL4EJCo=
 gorm.io/driver/postgres v1.5.4/go.mod h1:Bgo89+h0CRcdA33Y6frlaHHVuTdOf87pmyzwW9C/BH0=
+gorm.io/driver/postgres v1.5.9 h1:DkegyItji119OlcaLjqN11kHoUgZ/j13E0jkJZgD6A8=
+gorm.io/driver/postgres v1.5.9/go.mod h1:DX3GReXH+3FPWGrrgffdvCk3DQ1dwDPdmbenSkweRGI=
 gorm.io/driver/sqlite v1.4.3 h1:HBBcZSDnWi5BW3B3rwvVTc510KGkBkexlOg0QrmLUuU=
 gorm.io/driver/sqlite v1.4.3/go.mod h1:0Aq3iPO+v9ZKbcdiz8gLWRw5VOPcBOPUQJFLq5e2ecI=
 gorm.io/driver/sqlserver v1.4.1 h1:t4r4r6Jam5E6ejqP7N82qAJIJAht27EGT41HyPfXRw0=
diff --git a/pkg/internal/auth/http.go b/pkg/internal/auth/http.go
index 24d4334..d1a2659 100644
--- a/pkg/internal/auth/http.go
+++ b/pkg/internal/auth/http.go
@@ -26,8 +26,11 @@ func ContextMiddleware(c *fiber.Ctx) error {
 
 func ValidatorMiddleware(c *fiber.Ctx) error {
 	if c.Locals("nex_principal") == nil {
-		err := c.Locals("nex_auth_error").(error)
-		return fiber.NewError(fiber.StatusUnauthorized, err.Error())
+		if err, ok := c.Locals("nex_auth_error").(error); ok {
+			return fiber.NewError(fiber.StatusUnauthorized, err.Error())
+		} else {
+			return fiber.NewError(fiber.StatusUnauthorized, "unauthorized")
+		}
 	}
 
 	return c.Next()
diff --git a/pkg/nex/sec/adaptor.go b/pkg/nex/sec/adaptor.go
index c09e184..b0923c4 100644
--- a/pkg/nex/sec/adaptor.go
+++ b/pkg/nex/sec/adaptor.go
@@ -15,7 +15,7 @@ func ContextMiddleware(tkReader *InternalTokenReader) fiber.Handler {
 		token := c.Get(fiber.HeaderAuthorization)
 		token = strings.TrimSpace(strings.Replace(token, "Bearer ", "", 1))
 		if len(token) == 0 {
-			return fiber.NewError(fiber.StatusUnauthorized, "no authorization token is provided")
+			return c.Next()
 		}
 
 		data, err := tkReader.ReadUserInfoJwt(token)
@@ -28,7 +28,7 @@ func ContextMiddleware(tkReader *InternalTokenReader) fiber.Handler {
 	}
 }
 
-// ValidatorMiddleware will ensure request is authenticated
+// ValidatorMiddleware will ensure the request is authenticated
 // Make sure call this middleware after ContextMiddleware
 func ValidatorMiddleware(c *fiber.Ctx) error {
 	if c.Locals("nex_user") == nil {