Nikolai Papin
827928178e
feat: implement change password service method with validation; fix: correct ErrorIsOneOf function logic to return true on match; refactor: rename 'log_out_accounts' to 'log_out_sessions' for clarity; refactor: update session termination to return GUIDs and cache in Redis; fix: ensure RollbackOnError only rolls back uncommitted transactions; fix: handle transaction commit errors properly in dbHelper; refactor: add helper methods for session termination and registration; refactor: pass client info to login and registration complete methods; fix: improve token validation error handling in refresh endpoint; refactor: update auth middleware to set session info correctly; chore: remove unused ClientInfo DTO; fix: correct password reset complete to use session termination helper; refactor: adjust database queries for session management; chore: update SQL schema and queries for sessions; docs: update swagger docs with new endpoint and model changes
71 lines
2.3 KiB
Go
71 lines
2.3 KiB
Go
// Copyright (c) 2025 Nikolai Papin
|
|
//
|
|
// This file is part of Easywish
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
|
|
// the GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
package middleware
|
|
|
|
import (
|
|
"easywish/internal/dto"
|
|
"easywish/internal/services"
|
|
"easywish/internal/utils/enums"
|
|
"errors"
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"go.uber.org/zap"
|
|
errs "easywish/internal/errors"
|
|
)
|
|
|
|
func AuthMiddleware(log *zap.Logger, auth services.AuthService) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
authHeader := c.GetHeader("Authorization")
|
|
|
|
if authHeader == "" {
|
|
|
|
c.Set("session_info", dto.SessionInfo{
|
|
Username: "",
|
|
Session: "",
|
|
Role: enums.GuestRole},
|
|
)
|
|
c.Next()
|
|
return
|
|
}
|
|
|
|
tokenString := authHeader
|
|
if sessionInfo, err := auth.ValidateToken(tokenString, enums.JwtAccessTokenType); err != nil {
|
|
if errors.Is(err, errs.ErrTokenExpired) {
|
|
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Token is expired"})
|
|
} else if errors.Is(err, errs.ErrTokenInvalid) {
|
|
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Token is invalid"})
|
|
} else if errors.Is(err, errs.ErrWrongTokenType) {
|
|
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid token type"})
|
|
} else if errors.Is(err, errs.ErrSessionNotFound) {
|
|
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Could not find session in database"})
|
|
} else if errors.Is(err, errs.ErrSessionTerminated) {
|
|
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Session is terminated"})
|
|
} else {
|
|
c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"error": "Internal server error"})
|
|
}
|
|
return
|
|
} else {
|
|
c.Set("session_info", *sessionInfo)
|
|
c.Next()
|
|
}
|
|
|
|
return
|
|
}
|
|
}
|