|
|
|
@ -81,6 +81,16 @@ func (s *AuthServer) parseToken(token string) (*jwt.Token, error) { |
|
|
|
}) |
|
|
|
}) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Проверка наличия токена
|
|
|
|
|
|
|
|
func (s *AuthServer) verifyValueToken(tokenHeader string) (string, error) { |
|
|
|
|
|
|
|
authorizationHeaderAttributes := strings.Split(tokenHeader, " ") |
|
|
|
|
|
|
|
if tokenHeader == "" || len(authorizationHeaderAttributes) < 2 { |
|
|
|
|
|
|
|
return "", errors.New("token is empty") |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return authorizationHeaderAttributes[1], nil |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// Проверка срока жизни токена
|
|
|
|
// Проверка срока жизни токена
|
|
|
|
func (s *AuthServer) verifyExpirationToken(token *jwt.Token) error { |
|
|
|
func (s *AuthServer) verifyExpirationToken(token *jwt.Token) error { |
|
|
|
now := float64(time.Now().Unix()) |
|
|
|
now := float64(time.Now().Unix()) |
|
|
|
@ -96,13 +106,9 @@ func (s *AuthServer) requireAuth(next http.Handler) http.HandlerFunc { |
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
|
|
|
// ctx := r.Context()
|
|
|
|
// ctx := r.Context()
|
|
|
|
|
|
|
|
|
|
|
|
// Получим и проверим идентификатор сессии
|
|
|
|
//
|
|
|
|
authorizationHeader := r.Header.Get(HeaderAuthToken) |
|
|
|
token, err := s.verifyValueToken(r.Header.Get(HeaderAuthToken)) |
|
|
|
authorizationHeaderAttributes := strings.Split(authorizationHeader, " ") |
|
|
|
if err != nil { |
|
|
|
if authorizationHeader == "" || len(authorizationHeaderAttributes) < 2 { |
|
|
|
|
|
|
|
err := errors.New("token is empty") |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
|
|
|
s.logger.Error(err.Error()) |
|
|
|
s.logger.Error(err.Error()) |
|
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
//
|
|
|
|
@ -110,34 +116,35 @@ func (s *AuthServer) requireAuth(next http.Handler) http.HandlerFunc { |
|
|
|
w.Write([]byte(err.Error())) |
|
|
|
w.Write([]byte(err.Error())) |
|
|
|
|
|
|
|
|
|
|
|
return |
|
|
|
return |
|
|
|
} else { |
|
|
|
} |
|
|
|
tokenParsed, err := s.parseToken(authorizationHeaderAttributes[1]) |
|
|
|
|
|
|
|
if err != nil { |
|
|
|
|
|
|
|
s.logger.Error(err.Error()) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
|
|
|
w.WriteHeader(http.StatusUnauthorized) |
|
|
|
|
|
|
|
w.Write([]byte(err.Error())) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return |
|
|
|
//
|
|
|
|
} |
|
|
|
tokenParsed, err := s.parseToken(token) |
|
|
|
|
|
|
|
if err != nil { |
|
|
|
|
|
|
|
s.logger.Error(err.Error()) |
|
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
//
|
|
|
|
erf := s.verifyExpirationToken(tokenParsed) |
|
|
|
w.WriteHeader(http.StatusUnauthorized) |
|
|
|
if erf != nil { |
|
|
|
w.Write([]byte(err.Error())) |
|
|
|
s.logger.Error(erf.Error()) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
return |
|
|
|
w.WriteHeader(http.StatusUnauthorized) |
|
|
|
} |
|
|
|
w.Write([]byte(erf.Error())) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return |
|
|
|
//
|
|
|
|
} |
|
|
|
erf := s.verifyExpirationToken(tokenParsed) |
|
|
|
|
|
|
|
if erf != nil { |
|
|
|
|
|
|
|
s.logger.Error(erf.Error()) |
|
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
//
|
|
|
|
// next.ServeHTTP(w, r.WithContext(ctx))
|
|
|
|
w.WriteHeader(http.StatusUnauthorized) |
|
|
|
next.ServeHTTP(w, r) |
|
|
|
w.Write([]byte(erf.Error())) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
|
|
|
// next.ServeHTTP(w, r.WithContext(ctx))
|
|
|
|
|
|
|
|
next.ServeHTTP(w, r) |
|
|
|
}) |
|
|
|
}) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
