softplayer/softplayer-backend-leg
5
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Activity

Access token auth implemented

Browse Source 
Signed-off-by: Nikolai Rodionov <iam@allanger.xyz>
This commit is contained in:
Nikolai Rodionov
2026-04-28 13:46:52 +02:00
parent 69cdecb5b6
commit d2977ce4d9
1 changed files with 22 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
internal/interceptors/authjwt.go
View File

@@ -2,11 +2,14 @@ package interceptors
import (
"context"
"fmt"
"strings"
"gitea.badhouseplants.net/softplayer/softplayer-backend/internal/tools/logger"
"github.com/golang-jwt/jwt/v5"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/metadata"
"google.golang.org/grpc/status"
)
@@ -32,7 +35,25 @@ func (v *JWTVerifier) JWTAuthInterceptor(
log := logger.FromContext(v.serverCtx).WithValues("method", info.FullMethod)
if !strings.Contains(info.FullMethod, "NoAuth") {
log.Info("Checking the JWT token")
return nil, status.Error(codes.Unauthenticated, "Use is not authorized")
md, ok := metadata.FromIncomingContext(ctx)
if !ok {
return nil, status.Error(codes.Unauthenticated, "User is not authorized")
}
tokenString := md.Get("token")[0]
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (any, error) {
// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
return v.secret, nil
}, jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Alg()}))
if err != nil {
return nil, status.Error(codes.Unauthenticated, "User is not authorized")
}
if claims, ok := token.Claims.(jwt.MapClaims); ok {
fmt.Println(claims["userID"])
} else {
fmt.Println(err)
}
// Get the token from the metadata
// Validate the token
// Get the user id from the token