super-graph/serv/auth.go

72 lines
1.3 KiB
Go

package serv
import (
"context"
"errors"
"net/http"
"strings"
)
const (
salt = "encrypted cookie"
signSalt = "signed encrypted cookie"
emptySecret = ""
authHeader = "Authorization"
)
var (
userIDKey = struct{}{}
errSessionData = errors.New("error decoding session data")
)
func headerHandler(next http.HandlerFunc) http.HandlerFunc {
fn := conf.GetString("auth.field_name")
if len(fn) == 0 {
panic(errors.New("no auth.field_name defined"))
}
return func(w http.ResponseWriter, r *http.Request) {
userID := r.Header.Get(fn)
if len(userID) == 0 {
next.ServeHTTP(w, r)
return
}
ctx := context.WithValue(r.Context(), userIDKey, userID)
next.ServeHTTP(w, r.WithContext(ctx))
}
}
func withAuth(next http.HandlerFunc) http.HandlerFunc {
atype := strings.ToLower(conf.GetString("auth.type"))
if len(atype) == 0 {
return next
}
store := strings.ToLower(conf.GetString("auth.store"))
switch atype {
case "header":
return headerHandler(next)
case "rails":
switch store {
case "memcache":
return railsMemcacheHandler(next)
case "redis":
return railsRedisHandler(next)
default:
return railsCookieHandler(next)
}
case "jwt":
return jwtHandler(next)
default:
panic(errors.New("unknown auth.type"))
}
return next
}