-
This commit is contained in:
37
user/internal/middleware/auth.go
Normal file
37
user/internal/middleware/auth.go
Normal file
@ -0,0 +1,37 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"go.uber.org/zap"
|
||||
|
||||
"github.com/RyanCopley/skybridge/user/internal/config"
|
||||
)
|
||||
|
||||
// Authentication middleware
|
||||
func Authentication(cfg config.ConfigProvider, logger *zap.Logger) gin.HandlerFunc {
|
||||
return gin.HandlerFunc(func(c *gin.Context) {
|
||||
// For development, we'll use header-based authentication
|
||||
if cfg.GetString("AUTH_PROVIDER") == "header" {
|
||||
userEmail := c.GetHeader(cfg.GetString("AUTH_HEADER_USER_EMAIL"))
|
||||
if userEmail == "" {
|
||||
logger.Warn("Missing authentication header",
|
||||
zap.String("header", cfg.GetString("AUTH_HEADER_USER_EMAIL")),
|
||||
zap.String("path", c.Request.URL.Path))
|
||||
|
||||
c.JSON(http.StatusUnauthorized, gin.H{
|
||||
"error": "Authentication required",
|
||||
})
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
||||
// Set actor in context for handlers
|
||||
c.Set("actor_id", userEmail)
|
||||
c.Set("user_email", userEmail)
|
||||
}
|
||||
|
||||
c.Next()
|
||||
})
|
||||
}
|
||||
22
user/internal/middleware/cors.go
Normal file
22
user/internal/middleware/cors.go
Normal file
@ -0,0 +1,22 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
// CORS middleware for handling cross-origin requests
|
||||
func CORS() gin.HandlerFunc {
|
||||
return gin.HandlerFunc(func(c *gin.Context) {
|
||||
c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
|
||||
c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
|
||||
c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-User-Email")
|
||||
c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE, PATCH")
|
||||
|
||||
if c.Request.Method == "OPTIONS" {
|
||||
c.AbortWithStatus(204)
|
||||
return
|
||||
}
|
||||
|
||||
c.Next()
|
||||
})
|
||||
}
|
||||
34
user/internal/middleware/logging.go
Normal file
34
user/internal/middleware/logging.go
Normal file
@ -0,0 +1,34 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
// Logger middleware for structured logging
|
||||
func Logger(logger *zap.Logger) gin.HandlerFunc {
|
||||
return gin.LoggerWithFormatter(func(param gin.LogFormatterParams) string {
|
||||
logger.Info("HTTP request",
|
||||
zap.String("method", param.Method),
|
||||
zap.String("path", param.Path),
|
||||
zap.Int("status", param.StatusCode),
|
||||
zap.Duration("latency", param.Latency),
|
||||
zap.String("client_ip", param.ClientIP),
|
||||
zap.String("user_agent", param.Request.UserAgent()),
|
||||
)
|
||||
return ""
|
||||
})
|
||||
}
|
||||
|
||||
// Recovery middleware with structured logging
|
||||
func Recovery(logger *zap.Logger) gin.HandlerFunc {
|
||||
return gin.RecoveryWithWriter(gin.DefaultWriter, func(c *gin.Context, recovered interface{}) {
|
||||
logger.Error("Panic recovered",
|
||||
zap.Any("error", recovered),
|
||||
zap.String("method", c.Request.Method),
|
||||
zap.String("path", c.Request.URL.Path),
|
||||
zap.String("client_ip", c.ClientIP()),
|
||||
)
|
||||
c.AbortWithStatus(500)
|
||||
})
|
||||
}
|
||||
Reference in New Issue
Block a user