This can verify a JWT using the JWKS fetched from an OAuth's endpoint.

2025-12-14 05:57:00 -05:00 · 2024-02-09 19:30:50 -05:00 · 2024-02-09 19:30:50 -05:00 · ac18b94a86
commit ac18b94a86
parent d4b2d5fefb
6 changed files with 173 additions and 10 deletions
--- a/Routes/PowerItemRoutes.go
+++ b/Routes/PowerItemRoutes.go
@ -1,19 +1,42 @@
-package routes
+package Routes

 import (
+	"fmt"
+	"net/http"
+
 	"forgejo.merr.is/annika/isl-api/Controllers"
 	"github.com/go-chi/chi/v5"
+	"github.com/moosetheory/jwtauth/v5"
 )

-func SetupPowerItemRoutes(c Controllers.PowerItemController) *chi.Mux {
+func SetupPowerItemRoutes(c Controllers.PowerItemController, tokenAuth *jwtauth.JWTAuth) *chi.Mux {
 	r := chi.NewRouter()

 	r.Get("/", c.GetAll)
 	r.Get("/asMap", c.GetAllAsMap)
 	r.Get("/byType/{type:[1-3]}", c.GetAllByType)
 	r.Get("/byType/{type:[1-3]}/asMap", c.GetAllByTypeAsMap)
-	r.Post("/", c.Add)
-	r.Post("/multiple", c.AddMultiple)
+
+	ar := chi.NewRouter()
+	ar.Group(func(r chi.Router) {
+		r.Use(jwtauth.Verifier(tokenAuth))
+		r.Use(jwtauth.Authenticator(tokenAuth))
+
+		r.Get("/test", authTest)
+		r.Post("/", c.Add)
+		r.Post("/multiple", c.AddMultiple)
+	})
+	r.Mount("/", ar)

 	return r
 }
+
+func authTest(w http.ResponseWriter, r *http.Request) {
+	token, claims, err := jwtauth.FromContext(r.Context())
+	if err != nil {
+		panic(err)
+	}
+	fmt.Printf("%+v\n", token)
+	fmt.Printf("%+v\n", claims)
+	fmt.Fprint(w, "hi")
+}