refactor: introduce DTOs for claims, session, and request handling

feat: add token validation service method refactor: update middleware to use structured DTOs feat: implement session info propagation through context refactor: replace ad-hoc structs with DTOs in middleware chore: organize auth-related data structures
2025-07-15 20:54:12 +03:00
parent ee6cff4104
commit b3a405016e
8 changed files with 249 additions and 52 deletions
--- a/backend/internal/middleware/request.go
+++ b/backend/internal/middleware/request.go
@@ -18,6 +18,7 @@
 package middleware

 import (
+	"easywish/internal/dto"
 	"easywish/internal/utils/enums"
 	"easywish/internal/validation"
 	"fmt"
@@ -27,58 +28,51 @@ import (
 	"github.com/go-playground/validator/v10"
 )

-type UserInfo struct {
-	Username string
-	Role enums.Role 
-}
-
-type Request[T any] struct {
-	User UserInfo
-	Body T
-}
-
 const requestKey = "request"

-func UserInfoFromContext(c *gin.Context) (*UserInfo, bool) {
+func ClientInfoFromContext(c *gin.Context) (*dto.ClientInfo, bool) {

-	var username any
-	var role any
 	var ok bool

-	username, ok = c.Get("username") ; if !ok {
-		return &UserInfo{Username: "", Role: enums.GuestRole}, true
-	}
+	ip := c.ClientIP()
+	userAgent := c.Request.UserAgent()

-	role, ok = c.Get("role"); if !ok {
+	sessionInfoFromCtx, ok := c.Get("session_info"); if !ok {
 		return nil, false
 	}

-	if username == nil {
-		return &UserInfo{Username: "", Role: enums.GuestRole}, true
+	sessionInfo := sessionInfoFromCtx.(dto.SessionInfo)
+
+	if sessionInfo.Username == "" {
+		return &dto.ClientInfo{
+			SessionInfo: sessionInfo,
+			IP: ip,
+			UserAgent: userAgent,
+		}, true
 	}

-	if role == nil {
-		return nil, false
-	}
-
-	return &UserInfo{Username: username.(string), Role: role.(enums.Role)}, true
+	return &dto.ClientInfo{
+		SessionInfo: sessionInfo,
+		IP: ip,
+		UserAgent: userAgent,
+	}, true
 }

-func RequestFromContext[T any](c *gin.Context) Request[T] {
-	return c.Value(requestKey).(Request[T])
+func RequestFromContext[T any](c *gin.Context) dto.Request[T] {
+	return c.Value(requestKey).(dto.Request[T])
 }

 func RequestMiddleware[T any](role enums.Role) gin.HandlerFunc {
 	return gin.HandlerFunc(func(c *gin.Context) {

-		userInfo, ok := UserInfoFromContext(c)
+		clientInfo, ok := ClientInfoFromContext(c)

 		if !ok {
 			c.Status(http.StatusUnauthorized)
 			return
 		}

-		if userInfo.Role < role {
+		if clientInfo.Role < role {
 			c.Status(http.StatusForbidden)
 			return
 		}
@@ -99,8 +93,8 @@ func RequestMiddleware[T any](role enums.Role) gin.HandlerFunc {
 			return
 		}

-		request := Request[T]{
-			User: *userInfo,
+		request := dto.Request[T]{
+			User: *clientInfo,
 			Body: body,
 		}