Implementing middleware to protect specific routes

2024-08-20 13:21:40 +02:00 · 2024-08-20 13:21:40 +02:00 · 8ef4282393
commit 8ef4282393
parent 1fce6f6a48
2 changed files with 21 additions and 0 deletions
--- a/cmd/api/middleware.go
+++ b/cmd/api/middleware.go
@ -0,0 +1,14 @@
+package main
+
+import "net/http"
+
+func (app *application) Auth(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		_, err := app.authenticateToken(r)
+		if err != nil {
+			app.invalidCredentials(w)
+			return
+		}
+		next.ServeHTTP(w, r)
+	})
+}
--- a/cmd/api/routes-api.go
+++ b/cmd/api/routes-api.go
@ -24,6 +24,13 @@ func (app *application) routes() http.Handler {

 	mux.Post("/api/authenticate", app.CreateAuthToken)
 	mux.Post("/api/is-authenticated", app.CheckAuthentication)
+	mux.Route("/api/admin", func(mux chi.Router) {
+		mux.Use(app.Auth)
+
+		mux.Get("/test", func(w http.ResponseWriter, r *http.Request) {
+			w.Write([]byte("got in"))
+		})
+	})

 	return mux
 }