kleinTodo/common/jwt/verify.go

package jwt

import (
	_ "context"
	"errors"
	"fmt"
	"net/http"
	"os"
	"strings"

	"gitea.kleinsense.nl/DariusKlein/kleinTodo/common"
	"github.com/golang-jwt/jwt/v5"
)

func GetVerifiedUser(r *http.Request) (string, error) {
	authHeader := r.Header.Get(common.AuthHeader)
	if authHeader == "" {
		return "", errors.New("authorization header is required")
	}

	parts := strings.Split(authHeader, " ")
	if len(parts) != 2 || strings.ToLower(parts[0]) != "bearer" {
		return "", errors.New("authorization header format must be Bearer {token}")
	}

	verifiedUser, err := VerifyJWT(parts[1])
	if err != nil {
		return "", fmt.Errorf("invalid token: %w", err)
	}

	return verifiedUser, nil
}

// VerifyJWT verify JWT token and returns user object
func VerifyJWT(authToken string) (string, error) {
	//get jwt secret from environment
	secret := os.Getenv("JWT_SECRET")
	//parse jwt token
	token, err := jwt.ParseWithClaims(authToken, &jwt.RegisteredClaims{}, func(token *jwt.Token) (interface{}, error) {
		return []byte(secret), nil
	})
	if err != nil {
		return "", err
	}
	subject := token.Claims.(*jwt.RegisteredClaims).Subject
	return subject, err
}
first commit 2025-07-26 23:31:00 +02:00			`package jwt`

			`import (`
			`_ "context"`
WIP client implementation 2025-08-23 19:14:16 +02:00			`"errors"`
			`"fmt"`
first commit 2025-07-26 23:31:00 +02:00			`"net/http"`
			`"os"`
			`"strings"`
refactor + added client 2025-08-23 13:28:48 +02:00
			`"gitea.kleinsense.nl/DariusKlein/kleinTodo/common"`
			`"github.com/golang-jwt/jwt/v5"`
first commit 2025-07-26 23:31:00 +02:00			`)`

			`func GetVerifiedUser(r *http.Request) (string, error) {`
WIP client implementation 2025-08-23 19:14:16 +02:00			`authHeader := r.Header.Get(common.AuthHeader)`
			`if authHeader == "" {`
			`return "", errors.New("authorization header is required")`
			`}`

			`parts := strings.Split(authHeader, " ")`
			`if len(parts) != 2 \|\| strings.ToLower(parts[0]) != "bearer" {`
			`return "", errors.New("authorization header format must be Bearer {token}")`
			`}`

			`verifiedUser, err := VerifyJWT(parts[1])`
first commit 2025-07-26 23:31:00 +02:00			`if err != nil {`
WIP client implementation 2025-08-23 19:14:16 +02:00			`return "", fmt.Errorf("invalid token: %w", err)`
first commit 2025-07-26 23:31:00 +02:00			`}`
WIP client implementation 2025-08-23 19:14:16 +02:00
			`return verifiedUser, nil`
first commit 2025-07-26 23:31:00 +02:00			`}`

			`// VerifyJWT verify JWT token and returns user object`
			`func VerifyJWT(authToken string) (string, error) {`
			`//get jwt secret from environment`
			`secret := os.Getenv("JWT_SECRET")`
			`//parse jwt token`
			`token, err := jwt.ParseWithClaims(authToken, &jwt.RegisteredClaims{}, func(token *jwt.Token) (interface{}, error) {`
			`return []byte(secret), nil`
			`})`
			`if err != nil {`
			`return "", err`
			`}`
			`subject := token.Claims.(*jwt.RegisteredClaims).Subject`
			`return subject, err`
			`}`