BearerAuth authenticates a user based on the bearer token
(logger telemetry.Logger, tracer telemetry.Tracer, authClient *auth.Client)
| 14 | |
| 15 | // BearerAuth authenticates a user based on the bearer token |
| 16 | func BearerAuth(logger telemetry.Logger, tracer telemetry.Tracer, authClient *auth.Client) fiber.Handler { |
| 17 | logger = logger.WithService("middlewares.BearerAuth") |
| 18 | return func(c fiber.Ctx) error { |
| 19 | _, span := tracer.StartFromFiberCtx(c, "middlewares.BearerAuth") |
| 20 | defer span.End() |
| 21 | |
| 22 | authToken := c.Get(authHeaderBearer) |
| 23 | if !strings.HasPrefix(authToken, bearerScheme) { |
| 24 | span.AddEvent(fmt.Sprintf("The request header has no [%s] token", bearerScheme)) |
| 25 | return c.Next() |
| 26 | } |
| 27 | |
| 28 | if len(authToken) > len(bearerScheme)+1 { |
| 29 | authToken = authToken[len(bearerScheme)+1:] |
| 30 | } |
| 31 | |
| 32 | ctxLogger := tracer.CtxLogger(logger, span) |
| 33 | |
| 34 | token, err := authClient.VerifyIDToken(context.Background(), authToken) |
| 35 | if err != nil { |
| 36 | msg := fmt.Sprintf("invalid firebase id token [%s]", authToken) |
| 37 | ctxLogger.Warn(tracer.WrapErrorSpan(span, stacktrace.Propagate(err, msg))) |
| 38 | return c.Next() |
| 39 | } |
| 40 | |
| 41 | span.AddEvent(fmt.Sprintf("[%s] token is valid", bearerScheme)) |
| 42 | |
| 43 | authUser := entities.AuthContext{ |
| 44 | Email: token.Claims["email"].(string), |
| 45 | ID: entities.UserID(token.Claims["user_id"].(string)), |
| 46 | } |
| 47 | |
| 48 | c.Locals(ContextKeyAuthUserID, authUser) |
| 49 | return c.Next() |
| 50 | } |
| 51 | } |
nothing calls this directly
no test coverage detected