init: Initial commit

app/middlewares/auth.go

@@ -0,0 +1,38 @@
+package middlewares
+
+import (
+	"slices"
+	"strings"
+
+	"git.secnex.io/secnex/masterlog"
+	"git.secnex.io/secnex/oauth2-api/config"
+	"github.com/gofiber/fiber/v2"
+)
+
+func AuthMiddleware() fiber.Handler {
+	return func(c *fiber.Ctx) error {
+		if slices.Contains(config.CONFIG.UnprotectedEndpoints, c.Path()) {
+			masterlog.Debug("Unprotected endpoint", map[string]interface{}{"path": c.Path()})
+			return c.Next()
+		}
+		token := c.Get("Authorization")
+		if token == "" {
+			masterlog.Debug("No token provided", map[string]interface{}{"path": c.Path(), "authorization": c.Get("Authorization")})
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"})
+		}
+
+		tokenParts := strings.Split(token, " ")
+		if len(tokenParts) != 2 {
+			masterlog.Debug("Invalid token parts", map[string]interface{}{"token_parts": tokenParts})
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"})
+		}
+
+		tokenPartType, _ := tokenParts[0], tokenParts[1]
+		if tokenPartType != "Bearer" {
+			masterlog.Debug("Invalid token type", map[string]interface{}{"token_type": tokenPartType})
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"})
+		}
+
+		return c.Next()
+	}
+}