(auth authenticate)
| 141 | } |
| 142 | |
| 143 | func (a *Auth) requireToken(auth authenticate) gin.HandlerFunc { |
| 144 | return func(ctx *gin.Context) { |
| 145 | token := a.tokenFromQueryOrHeader(ctx) |
| 146 | user, err := a.userFromBasicAuth(ctx) |
| 147 | if err != nil { |
| 148 | ctx.AbortWithError(500, errors.New("an error occurred while authenticating user")) |
| 149 | return |
| 150 | } |
| 151 | |
| 152 | if user != nil || token != "" { |
| 153 | authenticated, ok, userID, err := auth(token, user) |
| 154 | if err != nil { |
| 155 | ctx.AbortWithError(500, errors.New("an error occurred while authenticating user")) |
| 156 | return |
| 157 | } else if ok { |
| 158 | RegisterAuthentication(ctx, user, userID, token) |
| 159 | ctx.Next() |
| 160 | return |
| 161 | } else if authenticated { |
| 162 | ctx.AbortWithError(403, errors.New("you are not allowed to access this api")) |
| 163 | return |
| 164 | } |
| 165 | } |
| 166 | ctx.AbortWithError(401, errors.New("you need to provide a valid access token or user credentials to access this api")) |
| 167 | } |
| 168 | } |
| 169 | |
| 170 | func (a *Auth) Optional() gin.HandlerFunc { |
| 171 | return func(ctx *gin.Context) { |
no test coverage detected