74 lines
1.6 KiB
Go
74 lines
1.6 KiB
Go
package auth
|
|
|
|
import (
|
|
"net/http"
|
|
"strings"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// AuthMiddleware vérifie le token JWT dans les headers
|
|
func AuthMiddleware(jwtManager *JWTManager) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
// Extraire le token du header Authorization
|
|
authHeader := c.GetHeader("Authorization")
|
|
if authHeader == "" {
|
|
c.JSON(http.StatusUnauthorized, gin.H{"error": "token manquant"})
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
// Format: "Bearer <token>"
|
|
parts := strings.SplitN(authHeader, " ", 2)
|
|
if len(parts) != 2 || parts[0] != "Bearer" {
|
|
c.JSON(http.StatusUnauthorized, gin.H{"error": "format token invalide"})
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
tokenString := parts[1]
|
|
|
|
// Valider le token
|
|
claims, err := jwtManager.ValidateToken(tokenString)
|
|
if err != nil {
|
|
c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
// Stocker les claims dans le contexte
|
|
c.Set("user_id", claims.UserID)
|
|
c.Set("role", claims.Role)
|
|
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
// OptionalAuthMiddleware vérifie le token s'il est présent, mais ne bloque pas sans
|
|
func OptionalAuthMiddleware(jwtManager *JWTManager) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
authHeader := c.GetHeader("Authorization")
|
|
if authHeader == "" {
|
|
c.Next()
|
|
return
|
|
}
|
|
|
|
parts := strings.SplitN(authHeader, " ", 2)
|
|
if len(parts) != 2 || parts[0] != "Bearer" {
|
|
c.Next()
|
|
return
|
|
}
|
|
|
|
tokenString := parts[1]
|
|
claims, err := jwtManager.ValidateToken(tokenString)
|
|
if err != nil {
|
|
c.Next()
|
|
return
|
|
}
|
|
|
|
c.Set("user_id", claims.UserID)
|
|
c.Set("role", claims.Role)
|
|
c.Next()
|
|
}
|
|
}
|