munawwirul_jamal/simrsx-be
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

validate auth from old app and fill auth info

Browse Source
This commit is contained in:
vanilia
2025-11-28 16:43:01 +07:00
parent 219d30b9c3
commit 708bceccdd
15 changed files with 138 additions and 833 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/interface/main-handler/authentication/handler.go
+22 -14
View File
@@ -9,12 +9,13 @@ import (
sp "github.com/karincake/semprit"
sr "github.com/karincake/serabi"
is "simrs-vx/internal/infra/sync-consumer-cfg"
pa "simrs-vx/internal/lib/auth"
m "simrs-vx/internal/domain/main-entities/user"
mf "simrs-vx/internal/domain/main-entities/user-fes"
pa "simrs-vx/internal/lib/auth"
s "simrs-vx/internal/use-case/main-use-case/authentication"
esga "simrs-vx/internal/domain/sync-entities/authentication"
s "simrs-vx/internal/use-case/main-use-case/authentication"
)
func Login(w http.ResponseWriter, r *http.Request) {
@@ -68,6 +69,10 @@ func Logout(w http.ResponseWriter, r *http.Request) {
}
func GuardMW(next http.Handler) http.Handler {
var (
accessDetail *pa.AuthInfo
err error
)
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Check if it's from sync
credential := esga.CredentialDto{}
@@ -75,23 +80,26 @@ func GuardMW(next http.Handler) http.Handler {
credential.SecretKey = r.Header.Get("X-Sync-SecretKey")
credential.UserName = r.Header.Get("X-Sync-UserName")
if credential.Source != "" || credential.SecretKey != "" || credential.UserName != "" {
// TODO: ngecall fungsi untuk dapat dari DB menlengkapi authinfo
accessDetail, err := s.GetAuthInfoByUserName(credential.UserName)
// validate secretKey and source
if credential.SecretKey != is.O.SecretKey || credential.Source != is.O.OldSource {
rw.WriteJSON(w, http.StatusUnauthorized, d.IS{"message": "invalid consumer credential"}, nil)
return
}
accessDetail, err = s.GetAuthInfoByUserName(credential.UserName)
if err != nil {
rw.WriteJSON(w, http.StatusUnauthorized, err.(d.FieldError), nil)
return
}
} else {
// Normal flow goes here
accessDetail, err = s.ExtractToken(r, s.AccessToken)
if err != nil {
rw.WriteJSON(w, http.StatusUnauthorized, err.(d.FieldError), nil)
return
}
ctx := context.WithValue(r.Context(), pa.AuthKey{}, accessDetail)
next.ServeHTTP(w, r.WithContext(ctx))
return
}
// Normal flow goes here
accessDetail, err := s.ExtractToken(r, s.AccessToken)
if err != nil {
rw.WriteJSON(w, http.StatusUnauthorized, err.(d.FieldError), nil)
return
}
ctx := context.WithValue(r.Context(), pa.AuthKey{}, accessDetail)
next.ServeHTTP(w, r.WithContext(ctx))
})