acrius/food-ai
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a225f6c47ab13685849a1ce6bdc075d788c09574
food-ai/backend/internal/middleware/auth.go
dbastrikin 24219b611e feat: implement Iteration 0 foundation (backend + Flutter client) 
Backend (Go):
- Project structure with chi router, pgxpool, goose migrations
- JWT auth (access/refresh tokens) with Firebase token verification
- NoopTokenVerifier for local dev without Firebase credentials
- PostgreSQL user repository with atomic profile updates (transactions)
- Mifflin-St Jeor calorie calculation based on profile data
- REST API: POST /auth/login, /auth/refresh, /auth/logout, GET/PUT /profile, GET /health
- Middleware: auth, CORS (localhost wildcard), logging, recovery, request_id
- Unit tests (51 passing) and integration tests (testcontainers)
- Docker Compose setup with postgres healthcheck and graceful shutdown

Flutter client:
- Riverpod state management with GoRouter navigation
- Firebase Auth (email/password + Google sign-in with web popup support)
- Platform-aware API URLs (web/Android/iOS)
- Dio HTTP client with JWT auth interceptor and concurrent refresh handling
- Secure token storage
- Screens: Login, Register, Home (tabs: Menu, Recipes, Products, Profile)
- Unit tests (17 passing)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-20 13:14:58 +02:00

57 lines
1.4 KiB
Go
Raw Blame History

package middleware
import (
"context"
"net/http"
"strings"
)
const (
userIDKey contextKey = "user_id"
userPlanKey contextKey = "user_plan"
)
// TokenClaims represents the result of validating an access token.
type TokenClaims struct {
UserID string
Plan string
}
// AccessTokenValidator validates JWT access tokens.
type AccessTokenValidator interface {
ValidateAccessToken(tokenStr string) (*TokenClaims, error)
}
func Auth(validator AccessTokenValidator) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
header := r.Header.Get("Authorization")
if !strings.HasPrefix(header, "Bearer ") {
http.Error(w, `{"error":"unauthorized"}`, http.StatusUnauthorized)
return
}
tokenStr := strings.TrimPrefix(header, "Bearer ")
claims, err := validator.ValidateAccessToken(tokenStr)
if err != nil {
http.Error(w, `{"error":"invalid token"}`, http.StatusUnauthorized)
return
}
ctx := context.WithValue(r.Context(), userIDKey, claims.UserID)
ctx = context.WithValue(ctx, userPlanKey, claims.Plan)
next.ServeHTTP(w, r.WithContext(ctx))
})
}
}
func UserIDFromCtx(ctx context.Context) string {
id, _ := ctx.Value(userIDKey).(string)
return id
}
func UserPlanFromCtx(ctx context.Context) string {
plan, _ := ctx.Value(userPlanKey).(string)
return plan
}
Reference in New Issue View Git Blame Copy Permalink