stereo.cat/backend
2
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

fix jwt middleware

Browse source
This commit is contained in:
grngxd 2025-06-08 20:45:39 +01:00
parent 37e0d7940e
commit b05135420c
2 changed files with 13 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.env.example
View file

@ -1,5 +1,7 @@
IMAGE_PATH=/tmp
REDIRECT_URI=http://localhost:8081/api/auth/callback
FRONTEND_URI=
DOMAIN=
CLIENT_ID=
CLIENT_SECRET=
FRONTEND_URI=

16
internal/auth/jwt.go
View file

@ -27,14 +27,20 @@ func invalidAuth(c *gin.Context) {
func JwtMiddleware(secret string) gin.HandlerFunc {
return func(c *gin.Context) {
jwtSplit := strings.Split(c.GetHeader("Authorization"), " ")
jwt, err := c.Cookie("jwt")
if err != nil {
// js as a fallback incase hex does a stupid again
jwtSplit := strings.Split(c.GetHeader("Authorization"), " ")
if len(jwtSplit) < 2 || jwtSplit[0] != "Bearer" {
invalidAuth(c)
return
if len(jwtSplit) < 2 || jwtSplit[0] != "Bearer" {
invalidAuth(c)
return
}
jwt = jwtSplit[1]
}
claims, err := ValidateJWT(jwtSplit[1], secret)
claims, err := ValidateJWT(jwt, secret)
if err != nil {
invalidAuth(c)
return