requireAuthentication checks incoming requests for tokens presented using the Authorization header
(w http.ResponseWriter, r *http.Request)
| 18 | |
| 19 | // requireAuthentication checks incoming requests for tokens presented using the Authorization header |
| 20 | func (a *API) requireAuthentication(w http.ResponseWriter, r *http.Request) (context.Context, error) { |
| 21 | token, err := a.extractBearerToken(r) |
| 22 | if err != nil { |
| 23 | return nil, err |
| 24 | } |
| 25 | |
| 26 | ctx, err := a.parseJWTClaims(token, r) |
| 27 | if err != nil { |
| 28 | return ctx, err |
| 29 | } |
| 30 | |
| 31 | ctx, err = a.maybeLoadUserOrSession(ctx) |
| 32 | if err != nil { |
| 33 | return ctx, err |
| 34 | } |
| 35 | return ctx, err |
| 36 | } |
| 37 | |
| 38 | func (a *API) requireNotAnonymous(w http.ResponseWriter, r *http.Request) (context.Context, error) { |
| 39 | ctx := r.Context() |
no test coverage detected