refactor: add option to allow jwt to be bypassed if there is no token
This commit is contained in:
parent
ca12b99438
commit
bf8d909a3c
|
@ -97,6 +97,7 @@ type AuthMiddlewareOptions struct {
|
||||||
Purpose account.JWTPurpose
|
Purpose account.JWTPurpose
|
||||||
AuthContextKey string
|
AuthContextKey string
|
||||||
Config *config.Manager
|
Config *config.Manager
|
||||||
|
EmptyAllowed bool
|
||||||
}
|
}
|
||||||
|
|
||||||
func AuthMiddleware(options AuthMiddlewareOptions) func(http.Handler) http.Handler {
|
func AuthMiddleware(options AuthMiddlewareOptions) func(http.Handler) http.Handler {
|
||||||
|
@ -114,7 +115,11 @@ func AuthMiddleware(options AuthMiddlewareOptions) func(http.Handler) http.Handl
|
||||||
authToken := options.FindToken(r)
|
authToken := options.FindToken(r)
|
||||||
|
|
||||||
if authToken == "" {
|
if authToken == "" {
|
||||||
http.Error(w, "Invalid JWT", http.StatusUnauthorized)
|
if !options.EmptyAllowed {
|
||||||
|
http.Error(w, "Invalid JWT", http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
next.ServeHTTP(w, r)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue