123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 |
- package fire
- import (
- "context"
- "net/http"
- "strings"
- firebase "firebase.google.com/go"
- "git.mokkon.com/sainw/server_helper.git/util"
- )
- // ContextKey to be used as context key type
- type ContextKey string
- // UserClaimIDContextKey context key for auth id
- const UserClaimIDContextKey = ContextKey("User Claim ID")
- // UserClaim holds user information
- type UserClaim struct {
- UserID string
- AuthID string
- PhoneNumber string
- Status string
- Privileges []string
- }
- // User holds user information
- type User struct {
- ID string `json:"id"`
- UserName string `json:"user_name"`
- PhoneNumber string `json:"phone_number"`
- Status string `json:"status"`
- SysAdmin bool `json:"sys_admin"`
- Privileges []string `json:"privileges"`
- }
- // GetUserClaim returns UserClaim from context
- func GetUserClaim(ctx context.Context) (UserClaim, bool) {
- userClaim, ok := ctx.Value(UserClaimIDContextKey).(UserClaim)
- return userClaim, ok
- }
- func (c UserClaim) HasPrivileges(ps ...string) bool {
- for _, p := range ps {
- if util.Contains(c.Privileges, p) {
- return true
- }
- }
- return false
- }
- func Auth(app *firebase.App, h http.Handler) http.Handler {
- fn := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- // read token
- token := r.Header.Get("Token")
- ctx := r.Context()
- if token == "" {
- util.WriteResponse(w, http.StatusUnauthorized, "Error", "invalid token")
- return
- }
- client, err := app.Auth(ctx)
- if err != nil {
- util.WriteResponse(w, http.StatusInternalServerError, "Error", err.Error())
- return
- }
- authToken, err := client.VerifyIDToken(ctx, token)
- if err != nil {
- util.WriteResponse(w, http.StatusUnauthorized, "Error", "unverifiable idToken")
- return
- }
- var privileges []string
- if str, ok := authToken.Claims["pr"].(string); ok {
- privileges = strings.Split(str, ":")
- }
- userID := ""
- if str, ok := authToken.Claims["cid"].(string); ok {
- userID = str
- }
- phoneNumber := ""
- if str, ok := authToken.Claims["phone_number"].(string); ok {
- phoneNumber = str
- }
- status := ""
- if str, ok := authToken.Claims["st"].(string); ok {
- status = str
- }
- userClaim := UserClaim{AuthID: authToken.UID, UserID: userID,
- PhoneNumber: phoneNumber, Privileges: privileges, Status: status}
- ctx = context.WithValue(ctx, UserClaimIDContextKey, userClaim)
- r = r.WithContext(ctx)
- h.ServeHTTP(w, r)
- })
- return fn
- }
|