62 lines
1.3 KiB
Go
62 lines
1.3 KiB
Go
package middlewares
|
|
|
|
import (
|
|
"net/http"
|
|
"path"
|
|
"strings"
|
|
|
|
"git.secnex.io/secnex/api-gateway/config"
|
|
"git.secnex.io/secnex/api-gateway/res"
|
|
"git.secnex.io/secnex/masterlog"
|
|
)
|
|
|
|
func authPathMatches(pattern, requestPath string) bool {
|
|
if pattern == "*" {
|
|
return true
|
|
}
|
|
if pattern == requestPath {
|
|
return true
|
|
}
|
|
if strings.Contains(pattern, "*") {
|
|
matched, _ := path.Match(pattern, requestPath)
|
|
return matched
|
|
}
|
|
return false
|
|
}
|
|
|
|
func Auth(next http.Handler, authType string, authHeader string, authPath config.AuthPathConfiguration) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
masterlog.Debug("Auth middleware", map[string]interface{}{
|
|
"path": r.URL.Path,
|
|
"include": authPath.Include,
|
|
"exclude": authPath.Exclude,
|
|
})
|
|
if len(authPath.Include) > 0 {
|
|
matched := false
|
|
for _, include := range authPath.Include {
|
|
if authPathMatches(include, r.URL.Path) {
|
|
matched = true
|
|
break
|
|
}
|
|
}
|
|
if !matched {
|
|
next.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
} else {
|
|
for _, exclude := range authPath.Exclude {
|
|
if authPathMatches(exclude, r.URL.Path) {
|
|
next.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
}
|
|
}
|
|
if r.Header.Get(authHeader) == "" {
|
|
res.Unauthorized(w)
|
|
return
|
|
}
|
|
r.Header.Del(authHeader)
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|