openreplay/backend/pkg/server/auth/auth.go
Alexander 6830c8879f
web module refactoring (#2725)
* feat(server): moved an http server object into a pkg subdir to be reusable for http, spots, and integrations

* feat(web): isolated web module (server, router, middleware, utils) used in spots and new integrations

* feat(web): removed possible panic

* feat(web): split all handlers from http service into different packages for better management.

* feat(web): changed router's method signature

* feat(web): added missing handlers interface

* feat(web): added health middleware to remove unnecessary checks

* feat(web): customizable middleware set for web servers

* feat(web): simplified the handler's structure

* feat(web): created a unified server.Run method for all web services (http, spot, integrations)

* feat(web): fixed a json size limit issue

* feat(web): removed Keys and PG connection from router

* feat(web): simplified integration's main file

* feat(web): simplified spot's main file

* feat(web): simplified http's main file (builder)

* feat(web): refactored audit trail functionality

* feat(web): added ee version of audit trail

* feat(web): added ee version of conditions module

* feat(web): moved ee version of some web session structs

* feat(web): new format of web metrics

* feat(web): added new web metrics to all handlers

* feat(web): added justExpired feature to web ingest handler

* feat(web): added small integrations improvements
2024-11-21 17:48:04 +01:00


package auth
import (
"fmt"
"net/http"
"strings"
"github.com/golang-jwt/jwt/v5"
"openreplay/backend/pkg/db/postgres/pool"
"openreplay/backend/pkg/logger"
"openreplay/backend/pkg/server/keys"
"openreplay/backend/pkg/server/user"
)
// Auth is the authentication contract exposed by this package. The only
// constructor visible in this file is NewAuth; the method implementations
// are not part of this listing, so the notes below are limited to what the
// signatures themselves state.
type Auth interface {
	// IsAuthorized takes the raw Authorization header value, a list of
	// permissions and an isExtension flag, and returns the resolved user or
	// an error.
	// NOTE(review): presumably a nil error means the caller holds every
	// listed permission; confirm against the implementation.
	IsAuthorized(authHeader string, permissions []string, isExtension bool) (*user.User, error)

	// Middleware wraps next and returns the resulting http.Handler.
	// NOTE(review): presumably requests that fail authentication never
	// reach next; confirm against the implementation.
	Middleware(next http.Handler) http.Handler
}
// authImpl is the package-private implementation returned by NewAuth.
//
// secret and spotSecret hold JWT signing material in process memory; avoid
// printing this struct with %v / %+v in logs or error messages.
type authImpl struct {
	log        logger.Logger // logger handed in by the caller
	secret     string        // jwtSecret argument of NewAuth
	spotSecret string        // jwtSpotSecret argument of NewAuth
	pgconn     pool.Pool     // Postgres pool handed in by the caller
	keys       keys.Keys     // keys service handed in by the caller
}
// NewAuth builds the default Auth implementation from its dependencies.
//
// The arguments are stored as given: jwtSecret becomes the secret field and
// jwtSpotSecret the spotSecret field.
//
// NOTE(review): nothing here checks that jwtSecret / jwtSpotSecret are
// non-empty. If an empty value can reach token verification, the HMAC key is
// empty too; callers should validate configuration before constructing Auth.
func NewAuth(log logger.Logger, jwtSecret, jwtSpotSecret string, conn pool.Pool, keys keys.Keys) Auth {
	impl := new(authImpl)
	impl.log = log
	impl.secret = jwtSecret
	impl.spotSecret = jwtSpotSecret
	impl.pgconn = conn
	impl.keys = keys
	return impl
}
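// parseJWT extracts a bearer token from authHeader, verifies it against
// secret and returns the decoded claims.
//
// authHeader is the raw Authorization header value and must start with the
// literal prefix "Bearer ". secret is the shared HMAC key the token is
// expected to be signed with.
//
// An error is returned when the header is empty or malformed, when no secret
// is configured, when the token is not HMAC-signed, or when the JWT library
// rejects the token. The returned claims are nil on every error path.
func parseJWT(authHeader, secret string) (*user.JWTClaims, error) {
	const bearerPrefix = "Bearer "

	if authHeader == "" {
		return nil, fmt.Errorf("authorization header missing")
	}
	// Fail closed on a missing secret: verifying against an empty HMAC key
	// would accept any token signed with an empty key.
	if secret == "" {
		return nil, fmt.Errorf("token verification is not configured")
	}
	// Require the scheme at the very start of the header. Splitting on
	// "Bearer " also accepted values with arbitrary text before the scheme
	// (e.g. "xyzBearer <token>").
	if !strings.HasPrefix(authHeader, bearerPrefix) {
		return nil, fmt.Errorf("invalid authorization header")
	}
	tokenString := strings.TrimPrefix(authHeader, bearerPrefix)

	claims := &user.JWTClaims{}
	keyFunc := func(token *jwt.Token) (interface{}, error) {
		// Pin the algorithm family: the key is a shared secret, so only
		// HMAC-signed tokens may be verified with it. This keeps the check
		// explicit instead of relying on the library's key-type mismatch.
		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
			return nil, fmt.Errorf("unexpected signing method: %s", token.Method.Alg())
		}
		return []byte(secret), nil
	}

	// NOTE(review): which registered claims (exp, iss, aud) are enforced
	// depends on user.JWTClaims, which is not visible here. If tokens are
	// always issued with an expiry, consider jwt.WithExpirationRequired().
	token, err := jwt.ParseWithClaims(tokenString, claims, keyFunc)
	if err != nil || !token.Valid {
		// The detailed reason stays server-side; callers only see the
		// generic message below.
		// NOTE(review): this writes to stdout and bypasses the structured
		// logger; route it through logger.Logger once one is available here.
		fmt.Printf("token err: %v\n", err)
		return nil, fmt.Errorf("invalid token")
	}
	return claims, nil
}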