feat: add workaround for unauthorized chatting

2023-03-23 23:08:01 +03:00 · 2023-03-23 23:08:01 +03:00 · 7f61fdcb7a
commit 7f61fdcb7a
parent c81f067fec
3 changed files with 46 additions and 19 deletions
--- a/jwt_adapter/jwt_adapter.go
+++ b/jwt_adapter/jwt_adapter.go
@ -20,6 +20,7 @@ var (
 )

 type JwtAdapter struct {
+	Id string `json:"jti,omitempty"`
 	jwt.StandardClaims
 	Id string `json:"id"`
 }
--- a/middleware/http_middleware.go
+++ b/middleware/http_middleware.go
@ -6,8 +6,10 @@ import (
 	"heruvym/jwt_adapter"
 	"net/http"
 	"strings"
+	"time"

 	errors2 "github.com/pkg/errors"
+	"github.com/rs/xid"
 	"github.com/themakers/hlog"
 )

@ -20,6 +22,8 @@ type Middleware struct {
 	allowedRoles   map[string]string // key - path, value - roles
 }

+const sessionKey = "sess"
+
 func NewMiddleware(
 	logger hlog.Logger,
 	//mongo dal.LayerMongoDb,
@ -93,8 +97,11 @@ func (mw *Middleware) MiddlewareRecovery(next http.Handler) http.Handler {
 func (mw *Middleware) MiddlewareJwt(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

-		var token, role string
-fmt.Println("HOOOOOST", r.Header)
+		var (
+			token, role string
+			adapter     *jwt_adapter.JwtAdapter
+		)
+
 		switch r.Header["Referer"][0] {
 		case "admin.pena.digital":
 			role = "admin"
@ -111,22 +118,33 @@ fmt.Println("HOOOOOST", r.Header)
 				return
 			}
 			if len(r.Header[jwt_adapter.DefaultHeaderKey]) <= 0 {
-				mw.logger.Emit(ErrorJwtAccess{Err: errors2.New(jwt_adapter.DefaultHeaderKey + "header missing")})
-				w.WriteHeader(http.StatusUnauthorized)
-				return
+				if sessCookie, err := r.Cookie(sessionKey); err != nil {
+					id := xid.New().String()
+					adapter = &jwt_adapter.JwtAdapter{Id: id}
+					http.SetCookie(w, &http.Cookie{
+						Name:    sessionKey,
+						Value:   id,
+						Expires: time.Now().Add(time.Hour * 24 * 30),
+					})
+				} else {
+					adapter = &jwt_adapter.JwtAdapter{Id: sessCookie.Value}
+				}
+			} else {
+				token = r.Header[jwt_adapter.DefaultHeaderKey][0]
+				token = strings.Replace(token, "Bearer ", "", -1)
 			}
-			token = r.Header[jwt_adapter.DefaultHeaderKey][0]
-			token = strings.Replace(token, "Bearer ", "", -1)
 		} else {
 			token = tokenCookie.Value
 		}

-		adapter, err := jwt_adapter.Decode(token)
+		if adapter == nil {
+			adapter, err = jwt_adapter.Decode(token)

-		if err != nil {
-			mw.logger.Emit(ErrorJwtAccess{Err: err})
-			w.WriteHeader(http.StatusUnauthorized)
-			return
+			if err != nil {
+				mw.logger.Emit(ErrorJwtAccess{Err: err})
+				w.WriteHeader(http.StatusUnauthorized)
+				return
+			}
 		}

 		err = setJwtHeader(adapter, w, mw.logger)
--- a/middleware/sse_middleware.go
+++ b/middleware/sse_middleware.go
@ -16,14 +16,22 @@ func (mw *Middleware) MiddlewareGetJwt(next http.Handler) http.Handler {
 		ctx := r.Context()

 		bearer := r.URL.Query().Get(jwt_adapter.DefaultHeaderKey)
+		if bearer != "" {

-		adapter, err := jwt_adapter.Decode(bearer)
-		if err == nil {
-			//mw.logger.Emit(ErrorJwtAccess{Err: err})
-			//w.WriteHeader(http.StatusUnauthorized)
-			//return
-			ctx = context.WithValue(r.Context(), jwt_adapter.DefaultHeaderKey, adapter)
-			//
+			adapter, err := jwt_adapter.Decode(bearer)
+			if err == nil {
+				//mw.logger.Emit(ErrorJwtAccess{Err: err})
+				//w.WriteHeader(http.StatusUnauthorized)
+				//return
+				ctx = context.WithValue(r.Context(), jwt_adapter.DefaultHeaderKey, adapter)
+				//
+			}
+		} else {
+			sess := r.URL.Query().Get("s")
+			if sess == "" {
+				return
+			}
+			ctx = context.WithValue(r.Context(), jwt_adapter.DefaultHeaderKey, &jwt_adapter.JwtAdapter{Id: sess})
 		}

 		next.ServeHTTP(w, r.WithContext(ctx))