From 141f7bcc482797949513e3874de0e290fc3aa4fb Mon Sep 17 00:00:00 2001 From: Logan Date: Fri, 5 Jul 2024 21:05:27 +0100 Subject: [PATCH] feat: move auth split into seperate function (#14) * feat: move auth split into seperate function * feat: fmt and go mod tidy --- go.mod | 12 +++++++----- go.sum | 6 ++++-- handlers.go | 21 +++------------------ middleware.go | 39 ++++++++++++++++++++++++--------------- 4 files changed, 38 insertions(+), 40 deletions(-) diff --git a/go.mod b/go.mod index 82b6108..c3f1de7 100644 --- a/go.mod +++ b/go.mod @@ -2,12 +2,14 @@ module url-short go 1.22.4 +require ( + github.com/golang-jwt/jwt/v5 v5.2.1 + github.com/lib/pq v1.10.9 + github.com/redis/go-redis/v9 v9.5.3 + golang.org/x/crypto v0.24.0 +) + require ( github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect - github.com/golang-jwt/jwt v3.2.2+incompatible // indirect - github.com/golang-jwt/jwt/v5 v5.2.1 // indirect - github.com/lib/pq v1.10.9 // indirect - github.com/redis/go-redis/v9 v9.5.3 // indirect - golang.org/x/crypto v0.24.0 // indirect ) diff --git a/go.sum b/go.sum index 4a54df3..f363703 100644 --- a/go.sum +++ b/go.sum 
@@ -1,9 +1,11 @@ +github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs= +github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c= +github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA= +github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= -github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= -github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= diff --git a/handlers.go b/handlers.go index 003fcb8..963278e 100644 --- a/handlers.go +++ b/handlers.go @@ -11,7 +11,6 @@ import ( "net/mail" "net/url" "strconv" - "strings" "time" "github.com/golang-jwt/jwt/v5" 
@@ -400,27 +399,13 @@ func (apiCfg *apiConfig) putAPIUsers(w http.ResponseWriter, r *http.Request, use
 }
 func (apiCfg *apiConfig) postAPIRefresh(w http.ResponseWriter, r *http.Request) {
- // We handle the Auth header in two places if we do this a third time pull this out into a general Auth header
- // processing function
- authHeader := r.Header.Get("Authorization")
+ requestToken, err := extractAuthTokenFromRequest(r)
- if authHeader == "" {
- respondWithError(w, http.StatusBadRequest, "no auth header supplied")
+ if err != nil {
+ respondWithError(w, http.StatusBadRequest, err.Error())
 return
 }
- splitAuth := strings.Split(authHeader, " ")
-
- if len(splitAuth) == 0 {
- respondWithError(w, http.StatusBadRequest, "empty auth header")
- }
-
- if len(splitAuth) != 2 && splitAuth[0] != "Bearer" {
- respondWithError(w, http.StatusBadRequest, "invalid paremeters")
- }
-
- requestToken := splitAuth[1]
-
 user, err := apiCfg.DB.SelectUserByRefreshToken(r.Context(), sql.NullString{String: requestToken, Valid: true})
 if err != nil {
diff --git a/middleware.go b/middleware.go
index 798ae7d..4db3a79 100644
--- a/middleware.go
+++ b/middleware.go
@@ -1,6 +1,7 @@
 package main
 import (
+ "errors"
 "log"
 "net/http"
 "strconv"
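Review bot: In the handlers.go hunk, `postAPIRefresh` still answers a missing or malformed Authorization header with `http.StatusBadRequest`, while this same commit switches `authenticationMiddleware` to `http.StatusUnauthorized` for the identical error from `extractAuthTokenFromRequest`. Clients and any monitoring keyed on 401 responses will see the two credential-failure paths differently; `respondWithError(w, http.StatusUnauthorized, err.Error())` here would keep them aligned. The handler's body continues past the end of the hunk, so how a failed refresh-token lookup is reported is not visible from here.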
@@ -10,29 +11,37 @@ import (
 "github.com/golang-jwt/jwt/v5"
 )
+func extractAuthTokenFromRequest(r *http.Request) (string, error) {
+ authHeader := r.Header.Get("Authorization")
+
+ if authHeader == "" {
+ return "", errors.New("no authorization header supplied")
+ }
+
+ splitAuth := strings.Split(authHeader, " ")
+
+ if len(splitAuth) == 0 {
+ return "", errors.New("empty authorization header")
+ }
+
+ if len(splitAuth) != 2 && splitAuth[0] != "Bearer" {
+ return "", errors.New("invalid data in authorization header")
+ }
+
+ return splitAuth[1], nil
+}
+
 type authedHandeler func(http.ResponseWriter, *http.Request, database.User)
 func (apiCfg *apiConfig) authenticationMiddleware(handler authedHandeler) http.HandlerFunc {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- authHeader := r.Header.Get("Authorization")
+ requestToken, err := extractAuthTokenFromRequest(r)
- if authHeader == "" {
- respondWithError(w, http.StatusBadRequest, "no auth header supplied")
+ if err != nil {
+ respondWithError(w, http.StatusUnauthorized, err.Error())
 return
 }
- splitAuth := strings.Split(authHeader, " ")
-
- if len(splitAuth) == 0 {
- respondWithError(w, http.StatusBadRequest, "empty auth header")
- }
-
- if len(splitAuth) != 2 && splitAuth[0] != "Bearer" {
- respondWithError(w, http.StatusBadRequest, "invalid paremeters")
- }
-
- requestToken := splitAuth[1]
-
 claims := jwt.RegisteredClaims{}
 token, err := jwt.ParseWithClaims(
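Review bot: In `extractAuthTokenFromRequest`, the guard `len(splitAuth) != 2 && splitAuth[0] != "Bearer"` joins its two conditions with `&&` where `||` is needed, so a header whose only word is `Bearer` passes the check and `splitAuth[1]` indexes out of range. A two-part header with any other scheme is likewise accepted and its second part treated as a bearer token. The condition was carried over from the removed inline code, but the helper now fronts both the middleware and `postAPIRefresh`, so it is worth fixing here: `if len(splitAuth) != 2 || splitAuth[0] != "Bearer" || splitAuth[1] == "" {`. The `len(splitAuth) == 0` branch is unreachable, since `strings.Split` with a non-empty separator always returns at least one element, and can be dropped. A doc comment such as `// extractAuthTokenFromRequest returns the token from an "Authorization: Bearer <token>" header, or an error if the header is missing or malformed.` would state the contract; `authenticationMiddleware` continues outside the hunk.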