d3m0k1d/d3m0k1d.ru
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: add auth to swagerr add middleware for check admin

Browse Source
This commit is contained in:
d3m0k1d
2026-02-14 16:26:27 +03:00
parent 05a8f0cbc7
commit 7e4dbd7e56
6 changed files with 123 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
backend/cmd/main.go
View File

@@ -10,6 +10,10 @@ import (
ginSwagger "github.com/swaggo/gin-swagger"
)
// @securityDefinitions.apikey Bearer
// @in header
// @name Authorization
// @description Type "Bearer" followed by a space and the JWT token.
func main() {
log := logger.New(false)

23
backend/docs/docs.go
View File

@@ -133,6 +133,11 @@ const docTemplate = `{
}
},
"post": {
"security": [
{
"Bearer": []
}
],
"description": "Create new post",
"consumes": [
"application/json"
@@ -245,6 +250,11 @@ const docTemplate = `{
}
},
"put": {
"security": [
{
"Bearer": []
}
],
"description": "Update post",
"consumes": [
"application/json"
@@ -308,6 +318,11 @@ const docTemplate = `{
}
},
"delete": {
"security": [
{
"Bearer": []
}
],
"description": "Delete post",
"consumes": [
"application/json"
@@ -440,6 +455,14 @@ const docTemplate = `{
}
}
}
},
"securityDefinitions": {
"Bearer": {
"description": "Type \"Bearer\" followed by a space and the JWT token.",
"type": "apiKey",
"name": "Authorization",
"in": "header"
}
}
}`

23
backend/docs/swagger.json
View File

@@ -122,6 +122,11 @@
}
},
"post": {
"security": [
{
"Bearer": []
}
],
"description": "Create new post",
"consumes": [
"application/json"
@@ -234,6 +239,11 @@
}
},
"put": {
"security": [
{
"Bearer": []
}
],
"description": "Update post",
"consumes": [
"application/json"
@@ -297,6 +307,11 @@
}
},
"delete": {
"security": [
{
"Bearer": []
}
],
"description": "Delete post",
"consumes": [
"application/json"
@@ -429,5 +444,13 @@
}
}
}
},
"securityDefinitions": {
"Bearer": {
"description": "Type \"Bearer\" followed by a space and the JWT token.",
"type": "apiKey",
"name": "Authorization",
"in": "header"
}
}
}

12
backend/docs/swagger.yaml
View File

@@ -149,6 +149,8 @@ paths:
description: Invalid request
schema:
$ref: '#/definitions/gitea_d3m0k1d_ru_d3m0k1d_d3m0k1d_ru_backend_internal_models.ErrorResponse'
security:
- Bearer: []
summary: Create post
tags:
- posts
@@ -187,6 +189,8 @@ paths:
description: Internal server error
schema:
$ref: '#/definitions/gitea_d3m0k1d_ru_d3m0k1d_d3m0k1d_ru_backend_internal_models.ErrorResponse'
security:
- Bearer: []
summary: Delete post
tags:
- posts
@@ -263,7 +267,15 @@ paths:
description: Internal server error
schema:
$ref: '#/definitions/gitea_d3m0k1d_ru_d3m0k1d_d3m0k1d_ru_backend_internal_models.ErrorResponse'
security:
- Bearer: []
summary: Update post
tags:
- posts
securityDefinitions:
Bearer:
description: Type "Bearer" followed by a space and the JWT token.
in: header
name: Authorization
type: apiKey
swagger: "2.0"

61
backend/internal/auth/jwt.go
View File

@@ -16,6 +16,7 @@ func GenerateJWT(user storage.User) (string, error) {
token := jwt.NewWithClaims(jwt.SigningMethodHS512, jwt.MapClaims{
"id": user.ID,
"email": user.Email,
"login": user.GithubLogin,
"github_id": user.GithubID,
})
tokenString, err := token.SignedString(jwtSecret)
@@ -35,7 +36,6 @@ func JWTMiddleware() gin.HandlerFunc {
tokenString := strings.TrimPrefix(auth, "Bearer ")
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
}
@@ -53,8 +53,63 @@ func JWTMiddleware() gin.HandlerFunc {
return
}
c.Set("user_id", int(claims["id"].(float64)))
c.Set("login", claims["login"].(string))
idValue, idExists := claims["id"]
if !idExists {
c.AbortWithStatusJSON(401, gin.H{"error": "missing id in token"})
return
}
idFloat, ok := idValue.(float64)
if !ok {
c.AbortWithStatusJSON(401, gin.H{"error": "invalid id type in token"})
return
}
githubIDValue, githubExists := claims["github_id"]
if !githubExists {
c.AbortWithStatusJSON(401, gin.H{"error": "missing github_id in token"})
return
}
githubIDFloat, ok := githubIDValue.(float64)
if !ok {
c.AbortWithStatusJSON(401, gin.H{"error": "invalid github_id type in token"})
return
}
loginValue, loginExists := claims["login"]
if !loginExists {
c.AbortWithStatusJSON(401, gin.H{"error": "missing login in token"})
return
}
login, ok := loginValue.(string)
if !ok {
c.AbortWithStatusJSON(401, gin.H{"error": "invalid login type in token"})
return
}
c.Set("user_id", int(idFloat))
c.Set("github_id", int(githubIDFloat))
c.Set("login", login)
c.Next()
}
}
func RequireAdmin() gin.HandlerFunc {
return func(c *gin.Context) {
githubID, exists := c.Get("github_id")
if !exists {
c.AbortWithStatusJSON(401, gin.H{"error": "unauthorized"})
return
}
id := githubID.(int)
if id != 173489813 {
c.AbortWithStatusJSON(403, gin.H{"error": "access denied"})
return
}
c.Next()
}
}

3
backend/internal/handlers/post_handlers.go
View File

@@ -95,6 +95,7 @@ func (h *PostHandlers) GetPost(c *gin.Context) {
// @Accept json
// @Produce json
// @Param post body storage.PostCreate true "Post data"
// @Security Bearer
// @Success 200 {object} models.SuccessResponse{data=storage.Post}
// @Failure 400 {object} models.ErrorResponse "Invalid request"
// @Router /posts [post]
@@ -127,6 +128,7 @@ func (h *PostHandlers) CreatePost(c *gin.Context) {
// @Param id path int true "Post ID"
// @Param post body storage.PostCreate true "Post data"
// @Produce json
// @Security Bearer
// @Success 200 {object} models.SuccessResponse{data=storage.PostCreate}
// @Failure 400 {object} models.ErrorResponse "Invalid ID format"
// @Failure 500 {object} models.ErrorResponse "Internal server error"
@@ -162,6 +164,7 @@ func (h *PostHandlers) UpdatePost(c *gin.Context) {
// @Param id path int true "Post ID"
// @Accept json
// @Produce json
// @Security Bearer
// @Failure 404 {object} models.ErrorResponse "Post not found"
// @Failure 400 {object} models.ErrorResponse "Invalid ID format"
// @Failure 500 {object} models.ErrorResponse "Internal server error"