package middleware import ( "errors" "fmt" "speechAnalysis/conf" "strings" "time" jwt "github.com/dgrijalva/jwt-go" "github.com/gin-gonic/gin" "speechAnalysis/extend/util" ) func validateToken(tokenString string) (util.JSON, error) { secretKey := []byte(conf.WebConf.JWTSecret) token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) { // Don't forget to validate the alg is what you expect: if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) } return secretKey, nil }) if err != nil { return util.JSON{}, err } if !token.Valid { return util.JSON{}, errors.New("invalid token") } return token.Claims.(jwt.MapClaims), nil } // JWTMiddleware parses JWT token from cookie and stores data and expires date to the context // JWT Token can be passed as cookie, or Authorization header func JWTMiddleware() gin.HandlerFunc { return func(c *gin.Context) { tokenString, err := c.Cookie("token") // failed to read cookie if err != nil { // try reading HTTP Header authorization := c.Request.Header.Get("Authorization") if authorization == "" { c.Next() return } sp := strings.Split(authorization, "Bearer ") // invalid token if len(sp) < 1 { c.Next() return } tokenString = sp[1] } tokenData, err := validateToken(tokenString) if err != nil { fmt.Println(err.Error()) c.Next() return } userParentId := tokenData["parentId"].(string) if userParentId == conf.WebConf.NodeId { c.Set("parentId", userParentId) } else { c.Next() return } c.Set("token_expire", tokenData["exp"]) c.Next() } } func GenerateToken(data interface{}) (string, error) { // token is valid for 1 hour date := time.Now().Add(time.Hour * 12) token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{ "user": data, "exp": date.Unix(), }) secretKey := []byte(conf.WebConf.JWTSecret) tokenString, err := token.SignedString(secretKey) return tokenString, err }