Hi, (thx for having merged so quickly my PR on Context injection ^^)

maybe you can use belown method <div class="highlight highlight-source-go notrans

Hi <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

different Authorizator depending on Router Groups about gin-jwt HOT 5 OPEN

appleboy commented on May 20, 2024 10

different Authorizator depending on Router Groups

from gin-jwt.

Comments (5)

gonboy commented on May 20, 2024 2

maybe you can use belown method

func xxAuthorizator func(userID string, c *gin.Context) bool {
    claims := jwt.ExtractClaims(c)
    //.... get token and do your things
}

from gin-jwt.

arrwhidev commented on May 20, 2024

Hi @philippecarle, or anyone else, did you find an elegant solution to this?

I also would like to pass a different Authorizator function for different groups, ideally without creating multiple middlewares.

Thanks!

from gin-jwt.

commented on May 20, 2024

@arrwhidev you can create a single middleware and switch between its parameter:

func GroupAuthorizator(group string) gin.HandlerFunc {
	return func(c *gin.Context) {
		switch group {
		case "product":
			usr, _ := c.Get("id")
			fmt.Println(usr.(*models.User).UserName)
			c.Next()
                        return
		default:
			jwt.Unauthorized(c, http.StatusForbidden, jwt.HTTPStatusMessageFunc(jwt.ErrForbidden, c))
		}
	}
}

And then, create your gin group router like this:

t := &ProductRouter{}
tR := r.Group("/product")
tR.Use(jwt.MiddlewareFunc(), GroupAuthorizator("product"))
tR.GET("/", t.GetProduct)

from gin-jwt.

tomriddle1234 commented on May 20, 2024

@alcmoraes, could you be more detailed ? how to distinguish normal user, admin user, guest user?

usr, _ := c.Get("id")
fmt.Println(usr.(*models.User).UserName)
c.Next()
return

Could you explain these lines ?

from gin-jwt.

tomriddle1234 commented on May 20, 2024

Currently I hacked in the gin-jwt source code, like this, to by pass the authenticator function for normal users, so I achieved 3 roles, normal user, admin, and guest without login

// NormalMiddlewareFunc makes GinJWTMiddleware implement the Middleware interface by pass the admin identity check
func (mw *GinJWTMiddleware) NormalMiddlewareFunc() gin.HandlerFunc {
	return func(c *gin.Context) {
		mw.normalMiddlewareImpl(c)
	}
}

func (mw *GinJWTMiddleware) normalMiddlewareImpl(c *gin.Context) {
	claims, err := mw.GetClaimsFromJWT(c)
	if err != nil {
		mw.unauthorized(c, http.StatusUnauthorized, mw.HTTPStatusMessageFunc(err, c))
		return
	}

	if claims["exp"] == nil {
		mw.unauthorized(c, http.StatusBadRequest, mw.HTTPStatusMessageFunc(ErrMissingExpField, c))
		return
	}

	if _, ok := claims["exp"].(float64); !ok {
		mw.unauthorized(c, http.StatusBadRequest, mw.HTTPStatusMessageFunc(ErrWrongFormatOfExp, c))
		return
	}

	if int64(claims["exp"].(float64)) < mw.TimeFunc().Unix() {
		mw.unauthorized(c, http.StatusUnauthorized, mw.HTTPStatusMessageFunc(ErrExpiredToken, c))
		return
	}

	c.Set("JWT_PAYLOAD", claims)
	identity := mw.IdentityHandler(c)

	if identity != nil {
		c.Set(mw.IdentityKey, identity)
	}

	c.Next()
}

Then I used such middleware function like,

	knowledgeRoutes := router.Group("/data")
	{
		knowledgeRoutes.Use(jwtMiddleware.NormalMiddlewareFunc())
		{
			//these fetch functions record statistics
			knowledgeRoutes.GET("/getknowledgelist",  getKnowledgeListHandler)
			knowledgeRoutes.GET("/getallknowledge", getAllKnowledgeHandler)
			knowledgeRoutes.GET("/getknowledge/:name", getKnowledgeByNameHandler)
			knowledgeRoutes.GET("/getknowledgelogo/:name", getKnowledgeLogoHandler)
			knowledgeRoutes.POST("/searchknowledge/:keyword", searchKnowledgeKeywordHandler)
		}

	}

from gin-jwt.

different Authorizator depending on Router Groups about gin-jwt HOT 5 OPEN

Comments (5)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent