dmit.b
33 lines
1021 B
Dart
33 lines
1021 B
Dart
import 'package:shelf/shelf.dart';
|
|
import 'package:dart_jsonwebtoken/dart_jsonwebtoken.dart';
|
|
import 'package:dotenv/dotenv.dart';
|
|
|
|
class AuthMiddleware {
|
|
final Future<Response> Function(Request, String) handler;
|
|
|
|
AuthMiddleware(this.handler);
|
|
|
|
Future<Response> call(Request request) async {
|
|
final authorization = request.headers['authorization'];
|
|
|
|
if (authorization == null || !authorization.startsWith('Bearer ')) {
|
|
return Response(401, body: 'Authorization header missing or invalid');
|
|
}
|
|
|
|
final token = authorization.substring(7);
|
|
|
|
try {
|
|
final dotenv = DotEnv();
|
|
final secret = dotenv['JWT_SECRET'] ?? '';
|
|
final jwt = JWT.verify(token, SecretKey(secret));
|
|
final payload = jwt.payload;
|
|
final login = payload['login'] as String;
|
|
|
|
return handler(request, login);
|
|
} on JWTExpiredException {
|
|
return Response(401, body: 'Token expired');
|
|
} on JWTException {
|
|
return Response(401, body: 'Invalid token');
|
|
}
|
|
}
|
|
} |