-
Notifications
You must be signed in to change notification settings - Fork 8
/
config.go
168 lines (135 loc) · 4.29 KB
/
config.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
// 1.2.1-alpha
package gofiberfirebaseauth
import (
"context"
"errors"
"fmt"
firebase "firebase.google.com/go"
"firebase.google.com/go/auth"
"github.com/gofiber/fiber/v2"
)
type User struct {
EmailVerified bool
UserID, Email string
}
// Config defines the config for middleware
type Config struct {
// New firebase authntication object
// Mandatory. Default: nil
FirebaseApp *firebase.App
// Ignore urls array
// Optional. Default: nil
IgnoreUrls []string
// Skip Email Check.
// Optional. Default: nil
CheckEmailVerified bool
// Ignore email verification for these routes
// Optional. Default: nil
CheckEmailVerifiedIgnoredUrls []string
// Filter defines a function to skip middleware.
// Optional. Default: nil
Next func(c *fiber.Ctx) bool
// Authorizer defines a function which authenticate the Authorization token and return the authenticated token
// Optional. Default: nil
Authorizer func(string, string) (*auth.Token, error)
// SuccessHandler defines a function which is executed for a valid token.
// Optional. Default: nil
SuccessHandler fiber.Handler
// ErrorHandler defines a function which is executed for an invalid token.
// It may be used to define a custom JWT error.
// Optional. Default: nil
ErrorHandler fiber.ErrorHandler
// Context key to store user information from the token into context.
// Optional. Default: "user".
ContextKey string
}
// ConfigDefault is the default config
var ConfigDefault = Config{
Next: nil,
IgnoreUrls: nil,
Authorizer: nil,
ErrorHandler: nil,
SuccessHandler: nil,
CheckEmailVerified: false,
CheckEmailVerifiedIgnoredUrls: nil,
ContextKey: "",
}
// Initializer
func configDefault(config ...Config) Config {
// Return default config if nothing provided
if len(config) < 1 {
return ConfigDefault
}
// Override default config
cfg := config[0]
if cfg.ContextKey == "" {
cfg.ContextKey = "user"
}
// Check Mandatory FirebaseApp is provided
if cfg.FirebaseApp == nil {
fmt.Println("****************************************************************")
fmt.Println("gofiberfirebaseauth :: Error PLEASE PASS Firebase App in Config")
fmt.Println("*****************************************************************")
}
// Set default values
if cfg.Next == nil {
cfg.Next = ConfigDefault.Next
}
if cfg.SuccessHandler == nil {
cfg.SuccessHandler = func(c *fiber.Ctx) error {
return c.Next()
}
}
// Default Authorizer function
if cfg.Authorizer == nil {
cfg.Authorizer = func(IDToken string, CurrentURL string) (*auth.Token, error) {
if cfg.FirebaseApp == nil {
return nil, errors.New("Missing Firebase App Object")
}
client, err := cfg.FirebaseApp.Auth(context.Background())
// Verify IDToken
token, err := client.VerifyIDToken(context.Background(), IDToken)
// Throw error for bad token
if err != nil {
return nil, errors.New("Malformed Token")
}
// IF CheckEmailVerified enable in config check email is verified
if cfg.CheckEmailVerified {
checkEmail := false
if cfg.CheckEmailVerifiedIgnoredUrls != nil && len(cfg.CheckEmailVerifiedIgnoredUrls) > 0 {
for i := range cfg.IgnoreUrls {
if cfg.CheckEmailVerifiedIgnoredUrls[i] == CurrentURL {
checkEmail = true
}
}
}
if checkEmail {
// Claim email_verified from token
if !token.Claims["email_verified"].(bool) {
return nil, errors.New("Email not verified")
}
}
}
return token, nil
}
}
// Default Error Handler
if cfg.ErrorHandler == nil {
cfg.ErrorHandler = func(c *fiber.Ctx, err error) error {
if err.Error() == "Missing Token" {
return c.Status(fiber.StatusBadRequest).SendString("Missing or malformed Token")
}
if err.Error() == "Malformed Token" {
return c.Status(fiber.StatusBadRequest).SendString("Missing or malformed Token")
}
if err.Error() == "Email not verified" {
return c.Status(fiber.StatusBadRequest).SendString("Missing or malformed Token")
}
if err.Error() == "Missing Firebase App Object" {
return c.Status(fiber.StatusBadRequest).SendString("Missing or Invalid Firebase App Object")
}
return c.Status(fiber.StatusUnauthorized).SendString("Invalid or expired Token")
}
}
return cfg
}