ScheduleTogether/Backend
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Backend/internal/api/middlewares/authenticate.go
zervo f911506891 Update package URI
2024-12-06 21:53:09 +01:00

65 lines
2 KiB
Go
Executable file
Raw Permalink Blame History

/*
ScheduleTogether Backend
Copyright (C) 2024, Zervó Zadachin
DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License version 3
as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License version 3 for more details.
This program incorporates external libraries for certain functionalities.
These libraries are covered by their respective licenses, and their usage
agreements are as outlined in their respective documentation or source
code.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package middlewares
import (
"sync"
"github.com/kataras/iris/v12"
"github.com/kataras/iris/v12/middleware/jwt"
"git.zervo.org/scheduletogether/backend/pkg/helpers/cryptography"
"git.zervo.org/scheduletogether/backend/pkg/types"
)
var (
once sync.Once
Blocklist jwt.Blocklist
Verifier *jwt.Verifier
)
// Authenticate allows only authenticated (logged in) users
func Authenticate() iris.Handler {
// Use sync.Once to ensure that the blocklist and verifier is initialized once
once.Do(func() {
// Get JWT secret
secret := cryptography.GetJwtSecret()
// Create verifier
Verifier = jwt.NewVerifier(jwt.HS256, []byte(secret), jwt.Expected{Issuer: "scheduletogether"})
// Enable server-side token block feature (even before its expiration time)
Verifier.WithDefaultBlocklist()
Blocklist = Verifier.Blocklist
// Extract token from headers
Verifier.Extractors = []jwt.TokenExtractor{jwt.FromHeader}
})
// Handle token verification and add claims to request
return Verifier.Verify(func() interface{} {
return new(types.Claims)
})
}
Reference in a new issue View git blame Copy permalink