From 8255fbdd7d9d595e71545b7c6909114024527a34 Mon Sep 17 00:00:00 2001
From: Santo Cariotti <santo@dcariotti.me>
Date: Thu, 17 Apr 2025 22:08:43 +0200
Subject: Logger with also stdout and move logic to network.Me() instead of
 network.Peer()

---
 internal/api/middleware/middleware.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'internal/api/middleware')

diff --git a/internal/api/middleware/middleware.go b/internal/api/middleware/middleware.go
index 0334e78..d7c5a30 100644
--- a/internal/api/middleware/middleware.go
+++ b/internal/api/middleware/middleware.go
@@ -1,12 +1,16 @@
 package middleware
 
 import (
+	"context"
 	"encoding/json"
 	"net/http"
 
 	"github.com/boozec/rahanna/internal/api/auth"
 )
 
+// AuthMiddleware ensures that the requester has passed the Authorization
+// header with a valid JWY token.
+// It passes the claims item via context
 func AuthMiddleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		tokenString := r.Header.Get("Authorization")
@@ -22,7 +26,7 @@ func AuthMiddleware(next http.Handler) http.Handler {
 			return
 		}
 
-		_, err := auth.ValidateJWT(tokenString)
+		claims, err := auth.ValidateJWT(tokenString)
 		if err != nil {
 			w.WriteHeader(http.StatusUnauthorized)
 
@@ -31,6 +35,9 @@ func AuthMiddleware(next http.Handler) http.Handler {
 			w.Write([]byte(payload))
 			return
 		}
-		next.ServeHTTP(w, r)
+
+		ctx := context.WithValue(r.Context(), "claims", claims)
+
+		next.ServeHTTP(w, r.WithContext(ctx))
 	})
 }
-- 
cgit v1.2.3-18-g5258