Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
486c972bba |
@@ -34,7 +34,7 @@ func NewMembershipController(service *service.MembershipService, auth *middlewar
|
||||
}
|
||||
|
||||
routeGroups.Auth.Post("/login", mc.Login)
|
||||
routeGroups.Auth.Post("/open-token", mc.GenerateOpenToken)
|
||||
routeGroups.Auth.Post("/open-token", mc.auth.Authenticate, mc.GenerateOpenToken)
|
||||
|
||||
usersGroup := routeGroups.Membership
|
||||
usersGroup.Use(mc.auth.Authenticate)
|
||||
|
||||
@@ -52,20 +52,28 @@ func NewAuthMiddleware(ms *service.MembershipService, cache *cache.InMemoryCache
|
||||
|
||||
// Authenticate is a middleware for JWT authentication with enhanced security.
|
||||
func (m *AuthMiddleware) AuthenticateOpen(ctx *fiber.Ctx) error {
|
||||
return m.AuthenticateWithHandler(m.openJWTHandler.JWTHandler, ctx)
|
||||
return m.AuthenticateWithHandler(m.openJWTHandler.JWTHandler, true, ctx)
|
||||
}
|
||||
|
||||
// Authenticate is a middleware for JWT authentication with enhanced security.
|
||||
func (m *AuthMiddleware) Authenticate(ctx *fiber.Ctx) error {
|
||||
return m.AuthenticateWithHandler(m.jwtHandler, ctx)
|
||||
return m.AuthenticateWithHandler(m.jwtHandler, false, ctx)
|
||||
}
|
||||
|
||||
func (m *AuthMiddleware) AuthenticateWithHandler(jwtHandler *jwt.JWTHandler, ctx *fiber.Ctx) error {
|
||||
func (m *AuthMiddleware) AuthenticateWithHandler(jwtHandler *jwt.JWTHandler, isOpenToken bool, ctx *fiber.Ctx) error {
|
||||
// Log authentication attempt
|
||||
ip := ctx.IP()
|
||||
userAgent := ctx.Get("User-Agent")
|
||||
|
||||
authHeader := ctx.Get("Authorization")
|
||||
|
||||
if jwtHandler.IsOpenToken && !isOpenToken {
|
||||
logging.Error("Authentication failed: attempting to authenticate with open token")
|
||||
return ctx.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
|
||||
"error": "Wrong token type used",
|
||||
})
|
||||
}
|
||||
|
||||
if authHeader == "" {
|
||||
logging.Error("Authentication failed: missing Authorization header from IP %s", ip)
|
||||
return ctx.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
|
||||
|
||||
@@ -18,7 +18,8 @@ type Claims struct {
|
||||
}
|
||||
|
||||
type JWTHandler struct {
|
||||
SecretKey []byte
|
||||
SecretKey []byte
|
||||
IsOpenToken bool
|
||||
}
|
||||
|
||||
type OpenJWTHandler struct {
|
||||
@@ -28,6 +29,7 @@ type OpenJWTHandler struct {
|
||||
// NewJWTHandler creates a new JWTHandler instance with the provided secret key.
|
||||
func NewOpenJWTHandler(jwtSecret string) *OpenJWTHandler {
|
||||
jwtHandler := NewJWTHandler(jwtSecret)
|
||||
jwtHandler.IsOpenToken = true
|
||||
return &OpenJWTHandler{
|
||||
JWTHandler: jwtHandler,
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user