[#149] Move middlewares to separate package

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-07-05 17:04:52 +03:00 · 2023-07-05 17:04:52 +03:00 · 83cdfbee78
commit 83cdfbee78
parent 37f2f468fe
7 changed files with 615 additions and 221 deletions
--- a/api/middleware/auth.go
+++ b/api/middleware/auth.go
@ -0,0 +1,51 @@
+package middleware
+
+import (
+	"context"
+	"net/http"
+
+	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth"
+	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"go.uber.org/zap"
+)
+
+// KeyWrapper is wrapper for context keys.
+type KeyWrapper string
+
+// AuthHeaders is a wrapper for authentication headers of a request.
+var AuthHeaders = KeyWrapper("__context_auth_headers_key")
+
+// BoxData is an ID used to store accessbox.Box in a context.
+var BoxData = KeyWrapper("__context_box_key")
+
+// ClientTime is an ID used to store client time.Time in a context.
+var ClientTime = KeyWrapper("__context_client_time")
+
+func Auth(center auth.Center, log *zap.Logger) Func {
+	return func(h http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			ctx := r.Context()
+			box, err := center.Authenticate(r)
+			if err != nil {
+				if err == auth.ErrNoAuthorizationHeader {
+					reqLogOrDefault(ctx, log).Debug("couldn't receive access box for gate key, random key will be used")
+				} else {
+					reqLogOrDefault(ctx, log).Error("failed to pass authentication", zap.Error(err))
+					if _, ok := err.(errors.Error); !ok {
+						err = errors.GetAPIError(errors.ErrAccessDenied)
+					}
+					WriteErrorResponse(w, GetReqInfo(r.Context()), err)
+					return
+				}
+			} else {
+				ctx = context.WithValue(ctx, BoxData, box.AccessBox)
+				if !box.ClientTime.IsZero() {
+					ctx = context.WithValue(ctx, ClientTime, box.ClientTime)
+				}
+				ctx = context.WithValue(ctx, AuthHeaders, box.AuthHeaders)
+			}
+
+			h.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}