Allow custom auth middleware on the route level (#62)

* Allow custom auth middleware on the route level * Rename args to options for auth middleware * Refactor enableSessionAuth flag check
warrant-dev · Apr 6, 2023 · 1f17a3b · 1f17a3b
1 parent 54b308c
commit 1f17a3b
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 3 deletions.
diff --git a/pkg/service/auth.go b/pkg/service/auth.go
@@ -24,14 +24,18 @@ const (
 	authInfoKey key = iota
 )
 
+const (
+	EnableSessionAuthKey = "EnableSessionAuth"
+)
+
 type AuthInfo struct {
 	UserId   string
 	TenantId string
 }
 
-type AuthMiddlewareFunc func(next http.Handler, config *config.Config, enableSessionAuth bool) http.Handler
+type AuthMiddlewareFunc func(next http.Handler, config *config.Config, options map[string]interface{}) http.Handler
 
-func DefaultAuthMiddleware(next http.Handler, config *config.Config, enableSessionAuth bool) http.Handler {
+func DefaultAuthMiddleware(next http.Handler, config *config.Config, options map[string]interface{}) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		logger := hlog.FromRequest(r)
 
@@ -60,6 +64,13 @@ func DefaultAuthMiddleware(next http.Handler, config *config.Config, enableSessi
 			}
 			authInfo = &AuthInfo{}
 		case "Bearer":
+			enableSessionAuth, ok := options["enableSessionAuth"].(bool)
+			if !ok {
+				SendErrorResponse(w, NewUnauthorizedError("Error validating token"))
+				logger.Err(fmt.Errorf("enableSessionAuth must be of type bool"))
+				return
+			}
+
 			if !enableSessionAuth {
 				SendErrorResponse(w, NewUnauthorizedError("Error validating token"))
 				logger.Err(fmt.Errorf("invalid authentication for the endpoint")).Msg("Session authentication not supported for this endpoint")

diff --git a/pkg/service/router.go b/pkg/service/router.go
@@ -18,6 +18,7 @@ type Route struct {
 	Pattern           string
 	Method            string
 	Handler           http.Handler
+	AuthMiddleware    AuthMiddlewareFunc
 	DisableAuth       bool
 	EnableSessionAuth bool
 }
@@ -85,11 +86,16 @@ func NewRouter(config *config.Config, pathPrefix string, routes []Route, authMid
 
 	// Setup routes
 	for _, route := range routes {
+		defaultOptions := map[string]interface{}{
+			EnableSessionAuthKey: route.EnableSessionAuth,
+		}
 		routePattern := fmt.Sprintf("%s%s", pathPrefix, route.Pattern)
 		if route.DisableAuth || config.ApiKey == "" {
 			router.Handle(routePattern, route.Handler).Methods(route.Method)
+		} else if route.AuthMiddleware != nil {
+			router.Handle(routePattern, route.AuthMiddleware(route.Handler, config, defaultOptions)).Methods(route.Method)
 		} else {
-			router.Handle(routePattern, authMiddleware(route.Handler, config, route.EnableSessionAuth)).Methods(route.Method)
+			router.Handle(routePattern, authMiddleware(route.Handler, config, defaultOptions)).Methods(route.Method)
 		}
 	}