Add JWT token handling to document viewer and related components
@@ -371,6 +371,9 @@ func viewerHandler(w http.ResponseWriter, r *http.Request, db *database.DB, audi
|
||||
// Determine if it's a PDF based on file extension
|
||||
isPdf := strings.HasSuffix(strings.ToLower(file.Name), ".pdf")
|
||||
|
||||
// Get JWT token from context
|
||||
token, _ := middleware.GetToken(r.Context())
|
||||
|
||||
session := struct {
|
||||
ViewUrl string `json:"viewUrl"`
|
||||
Token string `json:"token"`
|
||||
@@ -382,7 +385,7 @@ func viewerHandler(w http.ResponseWriter, r *http.Request, db *database.DB, audi
|
||||
ExpiresAt string `json:"expiresAt"`
|
||||
}{
|
||||
ViewUrl: downloadPath,
|
||||
Token: userIDStr, // Session token - user is already authenticated via middleware
|
||||
Token: token, // JWT token for authenticating file download
|
||||
Capabilities: struct {
|
||||
CanEdit bool `json:"canEdit"`
|
||||
CanAnnotate bool `json:"canAnnotate"`
|
||||
@@ -424,6 +427,9 @@ func userViewerHandler(w http.ResponseWriter, r *http.Request, db *database.DB,
|
||||
// Determine if it's a PDF based on file extension
|
||||
isPdf := strings.HasSuffix(strings.ToLower(file.Name), ".pdf")
|
||||
|
||||
// Get JWT token from context
|
||||
token, _ := middleware.GetToken(r.Context())
|
||||
|
||||
session := struct {
|
||||
ViewUrl string `json:"viewUrl"`
|
||||
Token string `json:"token"`
|
||||
@@ -435,7 +441,7 @@ func userViewerHandler(w http.ResponseWriter, r *http.Request, db *database.DB,
|
||||
ExpiresAt string `json:"expiresAt"`
|
||||
}{
|
||||
ViewUrl: downloadPath,
|
||||
Token: userIDStr, // Session token - user is already authenticated via middleware
|
||||
Token: token, // JWT token for authenticating file download
|
||||
Capabilities: struct {
|
||||
CanEdit bool `json:"canEdit"`
|
||||
CanAnnotate bool `json:"canAnnotate"`
|
||||
@@ -482,12 +488,17 @@ func editorHandler(w http.ResponseWriter, r *http.Request, db *database.DB, audi
|
||||
// Check if user can edit (for now, all org members can edit)
|
||||
readOnly := false
|
||||
|
||||
// Get JWT token from context
|
||||
token, _ := middleware.GetToken(r.Context())
|
||||
|
||||
session := struct {
|
||||
EditUrl string `json:"editUrl"`
|
||||
Token string `json:"token"`
|
||||
ReadOnly bool `json:"readOnly"`
|
||||
ExpiresAt string `json:"expiresAt"`
|
||||
}{
|
||||
EditUrl: collaboraUrl,
|
||||
Token: token, // JWT token for authenticating file access
|
||||
ReadOnly: readOnly,
|
||||
ExpiresAt: time.Now().Add(15 * time.Minute).UTC().Format(time.RFC3339),
|
||||
}
|
||||
|
||||
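Review bot: The session JSON built in viewerHandler, userViewerHandler and editorHandler now carries the caller's own login JWT in `Token`, so the viewer front end and, in editorHandler, whatever is served at `collaboraUrl` receive a credential that presumably is accepted on every authenticated route, not only for this file. In editorHandler, `ExpiresAt` is computed as `time.Now().Add(15 * time.Minute)` independently of the token, so the advertised 15-minute lifetime does not bound the JWT's real expiry. Consider issuing a separate short-lived token scoped to the file ID and the permitted action, and returning that instead. Separately, all three call sites discard the second result of `middleware.GetToken`; use `token, ok := middleware.GetToken(r.Context())` and fail the request through the handler's existing error path when `!ok || token == ""` rather than returning a session with an empty token. All three handler bodies start and end outside the visible hunks, so checks made there are not visible.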
@@ -68,6 +68,7 @@ type contextKey string
|
||||
const (
|
||||
userKey contextKey = "user"
|
||||
sessionKey contextKey = "session"
|
||||
tokenKey contextKey = "token"
|
||||
orgKey contextKey = "org"
|
||||
)
|
||||
|
||||
@@ -83,6 +84,12 @@ func GetSession(ctx context.Context) (*database.Session, bool) {
|
||||
return session, ok
|
||||
}
|
||||
|
||||
// GetToken retrieves the JWT token from the request context
|
||||
func GetToken(ctx context.Context) (string, bool) {
|
||||
token, ok := ctx.Value(tokenKey).(string)
|
||||
return token, ok
|
||||
}
|
||||
|
||||
// Auth middleware
|
||||
func Auth(jwtManager *jwt.Manager, db *database.DB) func(http.Handler) http.Handler {
|
||||
return func(next http.Handler) http.Handler {
|
||||
@@ -102,6 +109,7 @@ func Auth(jwtManager *jwt.Manager, db *database.DB) func(http.Handler) http.Hand
|
||||
|
||||
ctx := context.WithValue(r.Context(), userKey, claims.UserID)
|
||||
ctx = context.WithValue(ctx, sessionKey, session)
|
||||
ctx = context.WithValue(ctx, tokenKey, tokenString)
|
||||
next.ServeHTTP(w, r.WithContext(ctx))
|
||||
})
|
||||
}
|
||||
|
||||
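Review bot: `GetToken` gives any code that holds the request context the raw bearer credential, and its comment neither says so nor explains when the bool is false. Suggested doc comment: `// GetToken returns the raw JWT that Auth accepted for this request. It is a bearer credential: do not log or persist it. The bool is false when the request did not pass through Auth.` The `Auth` body is only partly visible, so this assumes `tokenString` has already been validated by the time it is stored under `tokenKey`, as the neighbouring `claims.UserID` and `session` lines suggest. If any path can reach `context.WithValue(ctx, tokenKey, tokenString)` before validation, the comment should state that instead.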