package middleware
import (
"context"
"net/http"
"strings"
"tailly_back_v2/pkg/auth"
)
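// WSAuthMiddleware returns middleware that validates the JWT access token of
// WebSocket upgrade requests and records the authenticated user in the
// request context.
//
// For a request whose Upgrade header equals "websocket" (compared
// case-insensitively), the token returned by extractTokenFromRequest is passed
// to tokenAuth.ValidateAccessToken. On success the returned user ID is stored
// in the request context under userIDKey.
//
// The middleware never rejects a request: non-WebSocket requests, requests
// without a token and requests whose token fails validation are all forwarded
// to next without userIDKey set. Handlers behind it must treat a missing
// userIDKey as unauthenticated and refuse the upgrade themselves.
//
// NOTE(review): the token may come from the accessToken cookie, which browsers
// attach to cross-site WebSocket handshakes as well. No Origin check is visible
// here; confirm the upgrade handler enforces an Origin allow-list.
func WSAuthMiddleware(tokenAuth *auth.TokenAuth) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			// RFC 6455 treats the Upgrade value as ASCII case-insensitive, so
			// "WebSocket" must take the same path as "websocket".
			if strings.EqualFold(r.Header.Get("Upgrade"), "websocket") {
				if token := extractTokenFromRequest(r); token != "" {
					if userID, err := tokenAuth.ValidateAccessToken(token); err == nil {
						// Derive the context from the request as-is: no timeout
						// is attached for the WebSocket connection.
						ctx := context.WithValue(r.Context(), userIDKey, userID)
						r = r.WithContext(ctx)
					}
				}
			}

			next.ServeHTTP(w, r)
		})
	}
}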
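// extractTokenFromRequest returns the access token carried by r, or "" when
// the request carries none.
//
// Sources are consulted in this order, and the first non-empty value wins:
//  1. the "accessToken" cookie,
//  2. an "Authorization: Bearer <token>" header,
//  3. the "token" query parameter.
//
// An empty cookie or an empty bearer value does not hide a token supplied by a
// later source. The returned string is not validated here; the caller must
// verify it.
//
// NOTE(review): a token in the query string is part of the request URL, which
// commonly ends up in access logs and proxy logs. If this source is required
// for browser WebSocket clients, consider a short-lived token for it and make
// sure request URLs are not logged verbatim.
func extractTokenFromRequest(r *http.Request) string {
	// 1. Cookie. r.Cookie succeeds for "accessToken=" too, so the value is
	// checked before it is allowed to short-circuit the other sources.
	if cookie, err := r.Cookie("accessToken"); err == nil && cookie.Value != "" {
		return cookie.Value
	}

	// 2. Authorization header with the Bearer scheme.
	const bearerPrefix = "Bearer "
	if authHeader := r.Header.Get("Authorization"); strings.HasPrefix(authHeader, bearerPrefix) {
		if token := strings.TrimPrefix(authHeader, bearerPrefix); token != "" {
			return token
		}
	}

	// 3. Query parameter; Get returns "" when the parameter is absent.
	return r.URL.Query().Get("token")
}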