| -rw-r--r-- | cmd/api/main.go | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/cmd/api/main.go b/cmd/api/main.go
index f6eed9a..0301e4f 100644
--- a/cmd/api/main.go
+++ b/cmd/api/main.go
@@ -17,7 +17,6 @@ import (
 "github.com/go-chi/chi/v5"
 "github.com/go-chi/chi/v5/middleware"
 "github.com/go-chi/cors"
- "github.com/go-chi/jwtauth/v5"
 "github.com/joho/godotenv"
 "github.com/xlgmokha/api-auth0/pkg/x"
 )
@@ -28,9 +27,6 @@ func BuildJwtMiddleware(issuerURL *url.URL) *jwtmiddleware.JWTMiddleware {
 validator.WithCustomClaims(func() validator.CustomClaims { return &x.CustomClaims{} }),
 validator.WithAllowedClockSkew(time.Minute),
 ))
- extractor := jwtmiddleware.TokenExtractor(func(r *http.Request) (string, error) {
- return jwtauth.TokenFromHeader(r), nil
- })
 errHandler := func(w http.ResponseWriter, r *http.Request, err error) {
 w.Header().Set("Content-Type", "application/json")
@@ -41,7 +37,6 @@ func BuildJwtMiddleware(issuerURL *url.URL) *jwtmiddleware.JWTMiddleware {
 jwtValidator.ValidateToken,
 jwtmiddleware.WithCredentialsOptional(true),
 jwtmiddleware.WithErrorHandler(errHandler),
- jwtmiddleware.WithTokenExtractor(extractor),
 jwtmiddleware.WithValidateOnOptions(false),
 )
 }
@@ -79,8 +74,7 @@ func main() {
 }))
 issuer := x.Must(url.Parse("https://" + os.Getenv("AUTH0_DOMAIN") + "/"))
-
- jwtMiddleware := BuildJwtMiddleware(issuer)
+ token := BuildJwtMiddleware(issuer)
 r.Route("/api", func(r chi.Router) {
 r.Get("/public", func(w http.ResponseWriter, r *http.Request) {
@@ -89,7 +83,8 @@ func main() {
 w.Write([]byte(`{"message":"public"}`))
 })
 r.Route("/users", func(r chi.Router) {
- r.Use(Authorize(jwtMiddleware, []x.Permission{"read:users"}))
+ r.Use(Authorize(token, []x.Permission{"read:users"}))
+
 r.Get("/", func(w http.ResponseWriter, r *http.Request) {
 w.Header().Set("Content-Type", "application/json")
 w.WriteHeader(http.StatusOK)
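Review bot: BuildJwtMiddleware still passes `jwtmiddleware.WithCredentialsOptional(true)` (hunk at -41,7), so a request that carries no Authorization header is presumably handed to the next handler without validated claims, and nothing in the new code states that `Authorize` is the place that must reject it. Removing `WithTokenExtractor(extractor)` also replaces jwtauth.TokenFromHeader with the middleware's default extractor; if this is the Auth0 go-jwt-middleware, a malformed Authorization header is then reported as an error rather than treated as an absent token, which changes which requests reach `errHandler`. I would add a comment above the option, for example `// Credentials are optional here; Authorize must deny requests that carry no validated claims.`, and cover both a missing and a malformed header on /api/users and /api/incidents with a test. The bodies of BuildJwtMiddleware and Authorize lie outside the hunks, so the deny path could not be confirmed from this diff.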
@@ -97,7 +92,8 @@ func main() {
 })
 })
 r.Route("/incidents", func(r chi.Router) {
- r.Use(Authorize(jwtMiddleware, []x.Permission{"read:incidents"}))
+ r.Use(Authorize(token, []x.Permission{"read:incidents"}))
+
 r.Get("/", func(w http.ResponseWriter, r *http.Request) {
 w.Header().Set("Content-Type", "application/json")
 w.WriteHeader(http.StatusOK) |
