442a1e2f9f
Backend: - Set JWT as HttpOnly cookie on login, add cookie fallback in auth middleware - Add /auth/logout endpoint to clear cookie - Fix CORS to echo origin with Allow-Credentials for withCredentials requests - Make SPA static serving optional via SERVE_SPA config flag Frontend: - Remove manual token management; rely on HttpOnly cookie + withCredentials - Simplify auth-slice to authenticated boolean flag - Fix Artefact interface to match backend fields (sha256Hash, fileName, fileSize) - Fix artefact upload endpoint and send version in FormData - Use KiB/MiB for file size display - Move Redux hooks from store/hooks to hooks/store
47 lines
989 B
Go
47 lines
989 B
Go
package middleware
|
|
|
|
import (
|
|
"net/http"
|
|
"strings"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"onixbyte.com/pipely/internal/auth"
|
|
)
|
|
|
|
func AuthMiddleware(authSvc *auth.Service) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
token := extractToken(c)
|
|
if token == "" {
|
|
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Authorisation token is missing"})
|
|
return
|
|
}
|
|
|
|
user, err := authSvc.ValidateToken(token)
|
|
if err != nil {
|
|
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorised: " + err.Error()})
|
|
return
|
|
}
|
|
|
|
c.Set("user", user)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func extractToken(c *gin.Context) string {
|
|
// First try the Authorization header
|
|
authHeader := c.GetHeader("Authorization")
|
|
if authHeader != "" {
|
|
parts := strings.SplitN(authHeader, " ", 2)
|
|
if len(parts) == 2 && parts[0] == "Bearer" {
|
|
return parts[1]
|
|
}
|
|
}
|
|
|
|
// Fall back to the cookie set at login
|
|
if cookie, err := c.Cookie("pipely_token"); err == nil {
|
|
return cookie
|
|
}
|
|
|
|
return ""
|
|
}
|