stereo.cat/backend
2
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

fix jwt middleware

Browse source
This commit is contained in:
grngxd 2025-06-08 20:45:39 +01:00
parent 37e0d7940e
commit b05135420c
2 changed files with 13 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.env.example
View file

@ -1,5 +1,7 @@
IMAGE_PATH=/tmp IMAGE_PATH=/tmp
REDIRECT_URI=http://localhost:8081/api/auth/callback REDIRECT_URI=http://localhost:8081/api/auth/callback
FRONTEND_URI=
DOMAIN=
CLIENT_ID= CLIENT_ID=
CLIENT_SECRET= CLIENT_SECRET=
FRONTEND_URI= FRONTEND_URI=

8
internal/auth/jwt.go
View file

@ -27,6 +27,9 @@ func invalidAuth(c *gin.Context) {
func JwtMiddleware(secret string) gin.HandlerFunc { func JwtMiddleware(secret string) gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
jwt, err := c.Cookie("jwt")
if err != nil {
// js as a fallback incase hex does a stupid again
jwtSplit := strings.Split(c.GetHeader("Authorization"), " ") jwtSplit := strings.Split(c.GetHeader("Authorization"), " ")
if len(jwtSplit) < 2 || jwtSplit[0] != "Bearer" { if len(jwtSplit) < 2 || jwtSplit[0] != "Bearer" {
@ -34,7 +37,10 @@ func JwtMiddleware(secret string) gin.HandlerFunc {
return return
} }
claims, err := ValidateJWT(jwtSplit[1], secret) jwt = jwtSplit[1]
}
claims, err := ValidateJWT(jwt, secret)
if err != nil { if err != nil {
invalidAuth(c) invalidAuth(c)
return return