From 3d80072e7bf8e6882a8adc5159ce2acc25be4072 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leon=20B=C3=B6sche?=
Date: Sun, 11 Jan 2026 17:31:17 +0100
Subject: [PATCH] Add AUTH-TOKEN logging to middleware for debugging token extraction
---
 go_cloud/internal/middleware/middleware.go | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/go_cloud/internal/middleware/middleware.go b/go_cloud/internal/middleware/middleware.go
index 46eec90..4b3c469 100644
--- a/go_cloud/internal/middleware/middleware.go
+++ b/go_cloud/internal/middleware/middleware.go
@@ -2,6 +2,7 @@ package middleware
 import (
 "context"
+ "fmt"
 "net/http"
 "regexp"
 "strings"
@@ -160,24 +161,33 @@ func Auth(jwtManager *jwt.Manager, db *database.DB) func(http.Handler) http.Hand
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 authHeader := r.Header.Get("Authorization")
 var tokenString string
+ var tokenSource string
 if strings.HasPrefix(authHeader, "Bearer ") {
 tokenString = strings.TrimPrefix(authHeader, "Bearer ")
+ tokenSource = "header"
 } else {
 // Fallback to query parameter token (for viewers that cannot set headers)
 qToken := r.URL.Query().Get("token")
 if qToken == "" {
+ fmt.Printf("[AUTH-TOKEN] source=none, path=%s, statusCode=401\n", r.RequestURI)
 http.Error(w, "Unauthorized", http.StatusUnauthorized)
 return
 }
 tokenString = qToken
+ tokenSource = "query"
 }
+ fmt.Printf("[AUTH-TOKEN] source=%s, path=%s\n", tokenSource, r.RequestURI)
+
 claims, session, err := jwtManager.ValidateWithSession(r.Context(), tokenString, db)
 if err != nil {
+ fmt.Printf("[AUTH-TOKEN] validation_failed, source=%s, path=%s, error=%v\n", tokenSource, r.RequestURI, err)
 http.Error(w, "Unauthorized", http.StatusUnauthorized)
 return
 }
+ fmt.Printf("[AUTH-TOKEN] valid, source=%s, userId=%s\n", tokenSource, claims.UserID)
+
 ctx := context.WithValue(r.Context(), UserKey, claims.UserID)
 ctx = context.WithValue(ctx, SessionKey, session)
 ctx = context.WithValue(ctx, TokenKey, tokenString)
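Review bot: The added `fmt.Printf` calls that print `path=%s` pass `r.RequestURI`, which includes the query string, so on the `source=query` branch the log line contains `?token=<JWT>` and every such request writes a usable bearer credential to stdout. This applies to the `source=%s, path=%s` line and the `validation_failed` line in the second hunk. Log the path without the query instead, e.g. `fmt.Printf("[AUTH-TOKEN] source=%s, path=%q\n", tokenSource, r.URL.Path)`. Because `r.URL.Path` is percent-decoded, `%q` is needed to keep client-chosen bytes such as newlines from forging log lines. The `error=%v` value deserves the same check, since whether `ValidateWithSession` echoes token content in its error is not visible here. The body of `Auth` continues outside the hunk.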