Merge pull request #8 from capstone-kelompok-7/feature/middleware
Feature/middleware
masnann authored Nov 7, 2023
2 parents 9648e81 + 0734544 commit 11e4342
Showing 6 changed files with 86 additions and 3 deletions.
2 changes: 1 addition & 1 deletion main.go
@@ -57,7 +57,7 @@ func main() {
e.GET("/", func(c echo.Context) error {
return c.String(http.StatusOK, "Hello, Disappear!")
})
routes.RouteUser(e, userHandler)
routes.RouteUser(e, userHandler, jwtService, userService)
routes.RouteAuth(e, authHandler)
routes.RouteVoucher(e, voucherHandler)
routes.RouteProduct(e, productHandler)
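--- a/middlewares/auth.go
+++ b/middlewares/auth.go
@@ -0,0 +1,51 @@
+package middlewares
+
+import (
+"github.com/capstone-kelompok-7/backend-disappear/module/users"
+"github.com/capstone-kelompok-7/backend-disappear/utils"
+"github.com/capstone-kelompok-7/backend-disappear/utils/response"
+"github.com/golang-jwt/jwt"
+"github.com/labstack/echo/v4"
+"net/http"
+"strings"
+)
+
+func AuthMiddleware(jwtService utils.JWTInterface, userService users.ServiceUserInterface) echo.MiddlewareFunc {
+return func(next echo.HandlerFunc) echo.HandlerFunc {
+return func(c echo.Context) error {
+authHeader := c.Request().Header.Get("Authorization")
+
+if !strings.HasPrefix(authHeader, "Bearer ") {
+return response.SendErrorResponse(c, http.StatusUnauthorized, "Tidak diizinkan: Token Bearer hilang atau tidak valid")
+}
+
+tokenString := strings.TrimPrefix(authHeader, "Bearer ")
+
+token, err := jwtService.ValidateToken(tokenString)
+if err != nil {
+return response.SendErrorResponse(c, http.StatusUnauthorized, "Tidak diizinkan: Token tidak valid "+err.Error())
+}
+
+claims, ok := token.Claims.(jwt.MapClaims)
+if !ok || !token.Valid {
+return response.SendErrorResponse(c, http.StatusUnauthorized, "Tidak diizinkan: Token tidak valid atau telah kadaluarsa "+err.Error())
+}
+
+userIDFloat, ok := claims["user_id"].(float64)
+if !ok {
+return response.SendErrorResponse(c, http.StatusUnauthorized, "Tidak diizinkan: ID Pengguna tidak valid "+err.Error())
+}
+
+userID := uint64(userIDFloat)
+
+user, err := userService.GetUsersById(userID)
+if err != nil {
+return response.SendErrorResponse(c, http.StatusUnauthorized, "Tidak diizinkan: Pengguna tidak ditemukan "+err.Error())
+}
+
+c.Set("CurrentUser", user)
+
+return next(c)
+}
+}
+}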
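Review bot: The `!ok || !token.Valid` branch and the `user_id` claim branch both call `err.Error()` while `err` is necessarily nil (the `if err != nil` check after `ValidateToken` has already returned), so a token that verifies but lacks a numeric `user_id` claim causes a nil-pointer panic instead of a 401. Drop the concatenation on those two lines, e.g. `return response.SendErrorResponse(c, http.StatusUnauthorized, "Tidak diizinkan: ID Pengguna tidak valid")`. The two remaining branches append `err.Error()` from `ValidateToken` and `GetUsersById` to the response body, which hands parser and (presumably) datastore error text to unauthenticated callers; log it server-side and return only the fixed message. `uint64(userIDFloat)` should also reject negative or fractional values before converting.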
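--- a/module/review/interface.go
+++ b/module/review/interface.go
@@ -0,0 +1 @@
+package review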
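--- a/module/users/handler/handler.go
+++ b/module/users/handler/handler.go
@@ -2,9 +2,11 @@ package handler
 
 import (
 "github.com/capstone-kelompok-7/backend-disappear/module/users"
+user "github.com/capstone-kelompok-7/backend-disappear/module/users/domain"
 "github.com/capstone-kelompok-7/backend-disappear/utils/response"
 "github.com/labstack/echo/v4"
 "net/http"
+"strconv"
 )
 
 type UserHandler struct {
@@ -47,3 +49,28 @@ func (h *UserHandler) GetUsersByEmail() echo.HandlerFunc {
 return response.SendSuccessResponse(c, "Success", user)
 }
 }
+
+func (h *UserHandler) GetUsersById() echo.HandlerFunc {
+return func(c echo.Context) error {
+currentUser := c.Get("CurrentUser").(*user.UserModels)
+if currentUser.Role != "admin" {
+return response.SendErrorResponse(c, http.StatusUnauthorized, "Unauthorized: You don't have permission")
+}
+id := c.Param("id")
+if id == "" {
+return response.SendErrorResponse(c, http.StatusBadRequest, "ID parameter is missing")
+}
+
+userID, err := strconv.ParseUint(id, 10, 64)
+if err != nil {
+return response.SendErrorResponse(c, http.StatusBadRequest, "Invalid ID format")
+}
+
+user, err := h.service.GetUsersById(userID)
+if err != nil {
+return response.SendErrorResponse(c, http.StatusNotFound, "User not found")
+}
+
+return response.SendSuccessResponse(c, "Success", user)
+}
+}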
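Review bot: `c.Get("CurrentUser").(*user.UserModels)` is an unchecked type assertion, so the handler panics whenever the context value is missing or is not exactly `*user.UserModels`; the type that `userService.GetUsersById` returns in the middleware is not visible in this diff, so that coupling needs to be confirmed. Use the two-value form, `currentUser, ok := c.Get("CurrentUser").(*user.UserModels)` followed by `if !ok || currentUser == nil { return response.SendErrorResponse(c, http.StatusUnauthorized, "Unauthorized") }`. An authenticated caller without the admin role should receive `http.StatusForbidden` rather than `http.StatusUnauthorized`, since the credentials were accepted and only the permission is missing. The local `user, err := h.service.GetUsersById(userID)` also shadows the imported `user` package alias for the rest of the closure; renaming it (e.g. `found`) keeps the two apart.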
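--- a/module/users/interface.go
+++ b/module/users/interface.go
@@ -20,4 +20,5 @@ type ServiceUserInterface interface {
 type HandlerUserInterface interface {
 GetAllUsers() echo.HandlerFunc
 GetUsersByEmail() echo.HandlerFunc
+GetUsersById() echo.HandlerFunc
 }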
7 changes: 5 additions & 2 deletions routes/routes.go
@@ -1,10 +1,12 @@
package routes

import (
"github.com/capstone-kelompok-7/backend-disappear/middlewares"
"github.com/capstone-kelompok-7/backend-disappear/module/auth"
"github.com/capstone-kelompok-7/backend-disappear/module/product"
"github.com/capstone-kelompok-7/backend-disappear/module/users"
"github.com/capstone-kelompok-7/backend-disappear/module/voucher"
"github.com/capstone-kelompok-7/backend-disappear/utils"
"github.com/labstack/echo/v4"
)

@@ -13,10 +15,11 @@ func RouteAuth(e *echo.Echo, h auth.HandlerAuthInterface) {
e.POST("api/v1/auth/login", h.Login())
}

func RouteUser(e *echo.Echo, h users.HandlerUserInterface) {
func RouteUser(e *echo.Echo, h users.HandlerUserInterface, jwtService utils.JWTInterface, userService users.ServiceUserInterface) {
users := e.Group("api/v1/users")
users.GET("/list", h.GetAllUsers())
users.GET("/by-email", h.GetUsersByEmail())
users.GET("/by-email", h.GetUsersByEmail(), middlewares.AuthMiddleware(jwtService, userService))
users.GET("/:id", h.GetUsersById(), middlewares.AuthMiddleware(jwtService, userService))
}

func RouteVoucher(e *echo.Echo, h voucher.HandlerVoucherInterface) {
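Review bot: `users.GET("/list", h.GetAllUsers())` is still registered without `AuthMiddleware`, so, unless `GetAllUsers` performs its own check outside this diff, the full user listing stays reachable without a token while the narrower lookups now require one. Attaching the middleware once to the group, `users.Use(middlewares.AuthMiddleware(jwtService, userService))`, covers every route under `api/v1/users` and avoids constructing the middleware per route. `/by-email` now requires a valid token but, as far as this diff shows, has no role check like the one in `GetUsersById`, so any authenticated account may be able to look up other users by e-mail. The local `users := e.Group(...)` also shadows the imported `users` package inside `RouteUser`.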
