souzace · July 7, 2020 03:44
diff --git a/main.go b/main.go
 //original code by @Elliot_f of Tutorial Edge youtube channel: https://www.youtube.com/watch?v=-Scg9INymBs
 //some adaptations to use with gorilla/mux 

 package main

 import (
 	"encoding/json"
 	"fmt"
 	jwt "github.com/dgrijalva/jwt-go"
 	"github.com/gorilla/mux"
 	"log"
 	"net/http"
 	"time"
 )

 var mySigningKey = []byte("mysupersecretphrase")

 func GenerateJWT() (string, error) {
 	token := jwt.New(jwt.SigningMethodHS256)
 	claims := token.Claims.(jwt.MapClaims)
 	claims["authorized"] = true
 	claims["user"] = "Fabio Souza"
 	claims["exp"] = time.Now().Add(time.Minute * 30).Unix()

 	tokenString, err := token.SignedString(mySigningKey)

 	if err != nil {
 		log.Fatal(err)
 		return "", err
 	}

 	return tokenString, nil
 }

 func isAuthorized(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.Header["Token"] != nil {
 			token, err := jwt.Parse(r.Header["Token"][0], func(token *jwt.Token) (interface{}, error) {
 				if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
 					return nil, fmt.Errorf("There was an error")
 				}
 				return mySigningKey, nil
 			})

 			if err != nil {
 				fmt.Fprintf(w, err.Error())
 			}

 			if token.Valid {
 				next.ServeHTTP(w, r)
 			}

 		} else {
 			fmt.Fprintf(w, "Not Authorized")
 		}

 	})
 }

 func getAllUsers(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "application/json")

 	fmt.Fprintf("Get Users endpoint")
 }

 func main() {
  
  router := mux.NewRouter()

 	tokenString, err := GenerateJWT()

 	if err != nil {
 		log.Fatal(err)
 	}

 	fmt.Println(tokenString)

 	//Router without middleware
 	router.Path("/api/user").Methods("POST").Handler(http.HandlerFunc(createUser))

 	api := router.PathPrefix("/api").Subrouter()

 	api.Use(isAuthorized)

 	// Router Handlers / Endpoints
 	api.Path("/users").Methods("GET").Handler(http.HandlerFunc(getUsers))
 	log.Fatal(http.ListenAndServe(":8000", router))

 }
	//original code by @Elliot_f of Tutorial Edge youtube channel: https://www.youtube.com/watch?v=-Scg9INymBs
	//some adaptations to use with gorilla/mux

	package main

	import (
	"encoding/json"
	"fmt"
	jwt "github.com/dgrijalva/jwt-go"
	"github.com/gorilla/mux"
	"log"
	"net/http"
	"time"
	)

	var mySigningKey = []byte("mysupersecretphrase")

	func GenerateJWT() (string, error) {
	token := jwt.New(jwt.SigningMethodHS256)
	claims := token.Claims.(jwt.MapClaims)
	claims["authorized"] = true
	claims["user"] = "Fabio Souza"
	claims["exp"] = time.Now().Add(time.Minute * 30).Unix()

	tokenString, err := token.SignedString(mySigningKey)

	if err != nil {
	log.Fatal(err)
	return "", err
	}

	return tokenString, nil
	}

	func isAuthorized(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	if r.Header["Token"] != nil {
	token, err := jwt.Parse(r.Header["Token"][0], func(token *jwt.Token) (interface{}, error) {
	if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
	return nil, fmt.Errorf("There was an error")
	}
	return mySigningKey, nil
	})

	if err != nil {
	fmt.Fprintf(w, err.Error())
	}

	if token.Valid {
	next.ServeHTTP(w, r)
	}

	} else {
	fmt.Fprintf(w, "Not Authorized")
	}

	})
	}

	func getAllUsers(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "application/json")

	fmt.Fprintf("Get Users endpoint")
	}

	func main() {

	router := mux.NewRouter()

	tokenString, err := GenerateJWT()

	if err != nil {
	log.Fatal(err)
	}

	fmt.Println(tokenString)

	//Router without middleware
	router.Path("/api/user").Methods("POST").Handler(http.HandlerFunc(createUser))

	api := router.PathPrefix("/api").Subrouter()

	api.Use(isAuthorized)

	// Router Handlers / Endpoints
	api.Path("/users").Methods("GET").Handler(http.HandlerFunc(getUsers))
	log.Fatal(http.ListenAndServe(":8000", router))

	}