2024-07-04 11:22:03 +02:00
|
|
|
/*
|
|
|
|
ScheduleTogether Backend
|
|
|
|
Copyright (C) 2024, Zervó Zadachin
|
|
|
|
|
|
|
|
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
|
|
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU Affero General Public License version 3
|
|
|
|
as published by the Free Software Foundation.
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU Affero General Public License version 3 for more details.
|
|
|
|
|
|
|
|
This program incorporates external libraries for certain functionalities.
|
|
|
|
These libraries are covered by their respective licenses, and their usage
|
|
|
|
agreements are as outlined in their respective documentation or source
|
|
|
|
code.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*/
|
|
|
|
|
|
|
|
package middlewares
|
|
|
|
|
|
|
|
import (
|
|
|
|
"sync"
|
|
|
|
|
|
|
|
"github.com/kataras/iris/v12"
|
|
|
|
"github.com/kataras/iris/v12/middleware/jwt"
|
|
|
|
|
2024-07-04 11:24:16 +02:00
|
|
|
"git.zervo.org/scheduletogether/backend/pkg/helpers/cryptography"
|
|
|
|
"git.zervo.org/scheduletogether/backend/pkg/types"
|
2024-07-04 11:22:03 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
once sync.Once
|
|
|
|
Blocklist jwt.Blocklist
|
|
|
|
Verifier *jwt.Verifier
|
|
|
|
)
|
|
|
|
|
|
|
|
// Authenticate allows only authenticated (logged in) users
|
|
|
|
func Authenticate() iris.Handler {
|
|
|
|
// Use sync.Once to ensure that the blocklist and verifier is initialized once
|
|
|
|
once.Do(func() {
|
|
|
|
// Get JWT secret
|
|
|
|
secret := cryptography.GetJwtSecret()
|
|
|
|
|
|
|
|
// Create verifier
|
|
|
|
Verifier = jwt.NewVerifier(jwt.HS256, []byte(secret), jwt.Expected{Issuer: "scheduletogether"})
|
|
|
|
|
|
|
|
// Enable server-side token block feature (even before its expiration time)
|
|
|
|
Verifier.WithDefaultBlocklist()
|
|
|
|
Blocklist = Verifier.Blocklist
|
|
|
|
|
|
|
|
// Extract token from headers
|
|
|
|
Verifier.Extractors = []jwt.TokenExtractor{jwt.FromHeader}
|
|
|
|
})
|
|
|
|
|
|
|
|
// Handle token verification and add claims to request
|
|
|
|
return Verifier.Verify(func() interface{} {
|
|
|
|
return new(types.Claims)
|
|
|
|
})
|
|
|
|
}
|