Files
atahango/api/middlewares/auth_middleware.go
Beyhan Oğur bbbf76b184 first commit
2026-04-26 21:35:24 +03:00

48 lines
1.3 KiB
Go

package middlewares
import (
"gauth-central/internal/services"
"net/http"
"strings"
"github.com/gin-gonic/gin"
)
func AuthMiddleware(jwtService *services.JWTService) gin.HandlerFunc {
return func(c *gin.Context) {
authHeader := c.GetHeader("Authorization")
if authHeader == "" {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Authorization header is required"})
return
}
tokenString := strings.Replace(authHeader, "Bearer ", "", 1)
claims, err := jwtService.ValidateToken(tokenString)
if err != nil {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid token: " + err.Error()})
return
}
c.Set("user_id", claims.UserID)
c.Set("email", claims.Email)
c.Next()
}
}
// OptionalAuthMiddleware checks for a token but doesn't abort if it's missing or invalid.
// It sets user_id if a valid token is present.
func OptionalAuthMiddleware(jwtService *services.JWTService) gin.HandlerFunc {
return func(c *gin.Context) {
authHeader := c.GetHeader("Authorization")
if authHeader != "" {
tokenString := strings.Replace(authHeader, "Bearer ", "", 1)
claims, err := jwtService.ValidateToken(tokenString)
if err == nil {
c.Set("user_id", claims.UserID)
c.Set("email", claims.Email)
}
}
c.Next()
}
}