How to retrieve the authenticated user in Golang

Question

func Login(c echo.Context) error {
    user := &users.User{}
    if err := c.Bind(&user); err != nil {
        return err
    }

    return token.SigIn(c, user.Email, user.Password)
}

This is my Login function that retrieve the token when the user send the requests.

the Signin func that handle the token

func SigIn(c echo.Context, email, password string) error {
    user := users.User{}

    db := database.SetUp()

    if err := db.Where("email = ?", email).First(&user).Error; gorm.IsRecordNotFoundError(err) {

        restErr := errors.NewBadRequestError("Invalid credentials")

        return c.JSON(http.StatusBadRequest, restErr)
    }

    if user.VerifyPassword(password) != nil {
        restErr := errors.NewUnauthorizedError("Couldn't log you in with these credentials")

        return c.JSON(http.StatusUnauthorized, restErr)
    }

    //user is successfull

    return CreateToken(c)
}

the CreateToken func is as follow

type TokenJWT struct {
    Token string `json:"token"`
}

func CreateToken(c echo.Context) error {
    token := jwt.New(jwt.SigningMethodHS256)

    claims := token.Claims.(jwt.MapClaims)
    claims["authorized"] = true
    claims["name"] = "Pascal Gaetan"
    claims["exp"] = time.Now().Add(time.Hour * 1).Unix()

    // Generate encoded token and send it as response.
    t, err := token.SignedString([]byte("my_secret_key"))
    if err != nil {
        return err
    }

    return c.JSON(http.StatusOK, TokenJWT{
        Token: t,
    })
}

when everyhting is succesfull, i would like to get the authenticated user through an URL /api/me that calls a Me function

Oleg · Accepted Answer

Let me split your question into two parts: the first one is how to easily encode and decode user in or from JWT token and the second part is how to write a generic code which can retrieve user from everywhere.

From your example I mentioned that you created a MapClaims but to reduce parsing complexity it will be better to create a token using a custom claims type. If you are using dgrijalva/jwt-go, then according to documentation you can do something like that

type UserClaims struct {
    Name string `json:"name"`
    jwt.StandardClaims
}

// encode it as before, but with your created type 
t := jwt.New(signer)
userClaims := &UserClaims{Name: "Burmese"}
t.Claims = userClaims
tokenString, err = t.SignedString(]byte("my_secret_key"))

then you can parse your user in your router/framework middleware with

tokenString := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIiLCJleHAiOjE1MDAwLCJpc3MiOiJ0ZXN0In0.HE7fK0xOQwFEr4WDgRWj4teRPZ6i3GLwD5YCm6Pwu_c"

token, err := jwt.ParseWithClaims(tokenString, &UserClaims{}, func(token *jwt.Token) (interface{}, error) {
    return []byte("my_secret_key"), nil
})

if claims, ok := token.Claims.(*UserClaims); ok && token.Valid {
    fmt.Printf("%v %v", claims.Name, claims.StandardClaims.ExpiresAt)
} else {
    fmt.Println(err)
}

This example was adopted from an official documentation here

Now you know how to parse authenticated user struct with ease and the next logic move is to wrap it into your middleware. Whether there are a lot of implementation details like you can retrieve JWT from cookie, header or query, also defining some ordering on them, the gist the following: you should have wrapped abovementioned code into your middleware and after parsing the struct you can pass it via your request context. I don't use echo and other frameworks, but for pure net/http you can pass your parsed struct from middleware with

context.WithValue(ctx, UserCtxKey, claims)

Hope it helps!

How to retrieve the authenticated user in Golang

Answers (2)

Related Questions