Social Visual Page

Building a Social Network #3: Auth Middlewares #golang #sql

Part 3 of building a social network for anime and manga fans. CockroachDB as the SQL database and Go as the back-end language. In this part we build two middlewares: maybeAuthUserID detects if the request comes with an “Authorization” header or a “jwt” cookie to extract the JWT from it, if none, it will just pass to the next middleware. In case of, it will parse and extract the claims from the JWT to put the “sub” (subject == userID) in the request context. mustAuthUser uses the “pipe” function the utilice the previous middleware first, and then make sure that authUserID is in the request context, in that case, it fetches more user fields from the database (username and avatar_url) to fill the User model and put it on the request context. The first middleware comes handy for GET requests when you can be authenticated or not. The second one is for POST, PATCH or DELETE requests when the user must be strictly authenticated. Could be a great idea to refresh the JWT here too, but just in case of cookie usage. #golang #sql #cockroachdb

Leave a Reply

Your email address will not be published. Required fields are marked *