middleware/auth/token/token.go

package token

import (
	"context"
	"errors"
	"net/http"

	"go.pkg.cx/middleware"
)

// Errors
var (
	ErrTokenInvalid  = errors.New("token invalid")
	ErrTokenNotFound = errors.New("token not found")
)

// Context keys
var (
	DataCtxKey  = &middleware.CtxKey{Pkg: "go.pkg.cx/middleware/auth/token", Name: "Data"}
	TokenCtxKey = &middleware.CtxKey{Pkg: "go.pkg.cx/middleware/auth/token", Name: "Token"}
)

// DefaultOptions represents default token auth middleware options
var DefaultOptions = Options(
	WithFindTokenFn(middleware.TokenFromHeader("X-Token")),
	WithFindTokenFn(middleware.TokenFromQuery("token")),
	SetValidateTokenFn(rejectAll),
	SetResponseHandler(RespondWithUnauthorized),
)

// Options turns a list of option instances into an option
func Options(opts ...Option) Option {
	return func(a *auth) {
		for _, opt := range opts {
			opt(a)
		}
	}
}

// Option configures token auth middleware
type Option func(a *auth)

// WithFindTokenFn adds token find function to the list
func WithFindTokenFn(fn func(r *http.Request) string) Option {
	return func(a *auth) {
		a.findTokenFns = append(a.findTokenFns, fn)
	}
}

// SetFindTokenFns sets token find functions list
func SetFindTokenFns(fns ...func(r *http.Request) string) Option {
	return func(a *auth) {
		a.findTokenFns = fns
	}
}

// SetValidateTokenFn sets token validation function
func SetValidateTokenFn(fn func(token string) (bool, interface{})) Option {
	return func(a *auth) {
		a.validateTokenFn = fn
	}
}

// SetResponseHandler sets response handler
func SetResponseHandler(fn middleware.ResponseHandle) Option {
	return func(a *auth) {
		a.responseHandler = fn
	}
}

type auth struct {
	findTokenFns    []func(r *http.Request) string
	validateTokenFn func(token string) (bool, interface{})
	responseHandler middleware.ResponseHandle
}

// Middleware returns token auth middleware
func Middleware(opts ...Option) func(next http.Handler) http.Handler {
	a := &auth{}
	opts = append([]Option{DefaultOptions}, opts...)

	for _, opt := range opts {
		opt(a)
	}

	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			var token string
			for _, findTokenFn := range a.findTokenFns {
				token = findTokenFn(r)
				if token != "" {
					break
				}
			}

			if token == "" {
				a.responseHandler(w, r, ErrTokenNotFound)
				return
			}

			valid, data := a.validateTokenFn(token)
			if !valid {
				a.responseHandler(w, r, ErrTokenInvalid)
				return
			}

			ctx := r.Context()
			ctx = context.WithValue(ctx, DataCtxKey, data)
			ctx = context.WithValue(ctx, TokenCtxKey, token)

			next.ServeHTTP(w, r.WithContext(ctx))
		})
	}
}

// RespondWithUnauthorized is a default response handler
func RespondWithUnauthorized(w http.ResponseWriter, _ *http.Request, _ error) {
	http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
}

func rejectAll(_ string) (bool, interface{}) {
	return false, nil
}
Merge some middlewares 2020-11-07 11:59:33 +00:00			`package token`

			`import (`
			`"context"`
			`"errors"`
			`"net/http"`

			`"go.pkg.cx/middleware"`
			`)`

			`// Errors`
			`var (`
			`ErrTokenInvalid = errors.New("token invalid")`
			`ErrTokenNotFound = errors.New("token not found")`
			`)`

			`// Context keys`
			`var (`
			`DataCtxKey = &middleware.CtxKey{Pkg: "go.pkg.cx/middleware/auth/token", Name: "Data"}`
			`TokenCtxKey = &middleware.CtxKey{Pkg: "go.pkg.cx/middleware/auth/token", Name: "Token"}`
			`)`

			`// DefaultOptions represents default token auth middleware options`
			`var DefaultOptions = Options(`
			`WithFindTokenFn(middleware.TokenFromHeader("X-Token")),`
			`WithFindTokenFn(middleware.TokenFromQuery("token")),`
			`SetValidateTokenFn(rejectAll),`
			`SetResponseHandler(RespondWithUnauthorized),`
			`)`

Fix comment format 2023-06-25 21:40:26 +00:00			`// Options turns a list of option instances into an option`
Merge some middlewares 2020-11-07 11:59:33 +00:00			`func Options(opts ...Option) Option {`
			`return func(a *auth) {`
			`for _, opt := range opts {`
			`opt(a)`
			`}`
			`}`
			`}`

			`// Option configures token auth middleware`
			`type Option func(a *auth)`

			`// WithFindTokenFn adds token find function to the list`
			`func WithFindTokenFn(fn func(r *http.Request) string) Option {`
			`return func(a *auth) {`
			`a.findTokenFns = append(a.findTokenFns, fn)`
			`}`
			`}`

			`// SetFindTokenFns sets token find functions list`
			`func SetFindTokenFns(fns ...func(r *http.Request) string) Option {`
			`return func(a *auth) {`
			`a.findTokenFns = fns`
			`}`
			`}`

			`// SetValidateTokenFn sets token validation function`
			`func SetValidateTokenFn(fn func(token string) (bool, interface{})) Option {`
			`return func(a *auth) {`
			`a.validateTokenFn = fn`
			`}`
			`}`

			`// SetResponseHandler sets response handler`
			`func SetResponseHandler(fn middleware.ResponseHandle) Option {`
			`return func(a *auth) {`
			`a.responseHandler = fn`
			`}`
			`}`

			`type auth struct {`
			`findTokenFns []func(r *http.Request) string`
			`validateTokenFn func(token string) (bool, interface{})`
			`responseHandler middleware.ResponseHandle`
			`}`

			`// Middleware returns token auth middleware`
			`func Middleware(opts ...Option) func(next http.Handler) http.Handler {`
			`a := &auth{}`
			`opts = append([]Option{DefaultOptions}, opts...)`

			`for _, opt := range opts {`
			`opt(a)`
			`}`

			`return func(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`var token string`
			`for _, findTokenFn := range a.findTokenFns {`
			`token = findTokenFn(r)`
			`if token != "" {`
			`break`
			`}`
			`}`

			`if token == "" {`
			`a.responseHandler(w, r, ErrTokenNotFound)`
			`return`
			`}`

			`valid, data := a.validateTokenFn(token)`
			`if !valid {`
			`a.responseHandler(w, r, ErrTokenInvalid)`
			`return`
			`}`

			`ctx := r.Context()`
			`ctx = context.WithValue(ctx, DataCtxKey, data)`
			`ctx = context.WithValue(ctx, TokenCtxKey, token)`

			`next.ServeHTTP(w, r.WithContext(ctx))`
			`})`
			`}`
			`}`

			`// RespondWithUnauthorized is a default response handler`
Fix lint errors 2023-06-25 20:10:30 +00:00			`func RespondWithUnauthorized(w http.ResponseWriter, _ *http.Request, _ error) {`
Merge some middlewares 2020-11-07 11:59:33 +00:00			`http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)`
			`}`

Fix lint errors 2023-06-25 20:10:30 +00:00			`func rejectAll(_ string) (bool, interface{}) {`
Merge some middlewares 2020-11-07 11:59:33 +00:00			`return false, nil`
			`}`