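package middleware

import (
	"crypto/tls"
	"encoding/json"
	"io"
	"log"
	"net/http"
	"strings"
	"time"

	"users_management/m/model/dto/res"
	"users_management/m/model/entity"
	"users_management/m/usecase"
	"users_management/m/utils/common"

	"github.com/gin-gonic/gin"
)

const (
	// authMeURL is the upstream identity endpoint that validates a bearer token.
	authMeURL = "https://demo.api-hrm.winteraccess.id/api/v2/auth/me"
	// authTimeout bounds the whole upstream round trip (dial, TLS, body).
	authTimeout = 30 * time.Second
	// maxAuthResponseBytes caps how much of the upstream body is decoded;
	// the /auth/me payload is small, so anything larger is treated as an error.
	maxAuthResponseBytes = 1 << 20
	// defaultRole is assigned when the local user lookup returns an error.
	defaultRole = "Teknisi"
)

// AuthMiddleware returns a gin handler that authenticates a request against
// the external identity service and loads the caller's local role.
//
// Flow: the "Authorization" header is read, an optional "Bearer " prefix is
// stripped and the raw token stored in the context under "token". The token is
// forwarded to authMeURL; a non-200 reply yields 401 "Unauthorized", while
// transport or decode failures yield a generic 500 (the underlying error is
// logged, not echoed to the caller). The username from the upstream reply is
// lower-cased and looked up through userUC; "userID", "userName" and
// "userRole" are then stored in the context and c.Next() is called.
//
// TLS certificate verification is left on (the client default) so a
// man-in-the-middle cannot forge the identity service's answer.
func AuthMiddleware(userUC usecase.UsersUsecase) gin.HandlerFunc {
	// One client for the lifetime of the middleware: connections are reused
	// across requests and the transport is configured exactly once.
	client := &http.Client{
		Transport: &http.Transport{
			TLSClientConfig: &tls.Config{MinVersion: tls.VersionTLS12},
		},
		Timeout: authTimeout,
	}

	return func(c *gin.Context) {
		// Reject an empty token after prefix stripping so "Bearer " alone is
		// not forwarded upstream as a blank credential.
		token := strings.TrimPrefix(c.GetHeader("Authorization"), "Bearer ")
		if token == "" {
			common.ErrorResponses(c, http.StatusUnauthorized, "authorization token required")
			c.Abort()
			return
		}
		c.Set("token", token)

		// Tie the upstream call to the incoming request so it is cancelled
		// when the caller disconnects.
		req, err := http.NewRequestWithContext(c.Request.Context(), http.MethodPost, authMeURL, nil)
		if err != nil {
			abortWithServerError(c, "build auth request", err)
			return
		}
		req.Header.Set("Authorization", "Bearer "+token)
		req.Header.Set("Accept", "application/json")

		resp, err := client.Do(req)
		if err != nil {
			abortWithServerError(c, "call auth service", err)
			return
		}
		defer resp.Body.Close()

		if resp.StatusCode != http.StatusOK {
			common.ErrorResponses(c, http.StatusUnauthorized, "Unauthorized")
			c.Abort()
			return
		}

		var authResponse res.AuthMeResponse
		body := io.LimitReader(resp.Body, maxAuthResponseBytes)
		if err := json.NewDecoder(body).Decode(&authResponse); err != nil {
			abortWithServerError(c, "decode auth response", err)
			return
		}

		// Resolve the local account; the upstream username is the key.
		username := strings.ToLower(authResponse.Data.Username)
		var user entity.User
		user, err = userUC.GetUserByUsername(username)
		// NOTE(review): userID/userName are set even when the lookup errs (zero
		// values in that case), and ANY error — not only "not found" — grants
		// defaultRole. If the usecase exposes a not-found sentinel, a database
		// failure should be distinguished and fail closed instead.
		c.Set("userID", user.ID)
		c.Set("userName", user.Username)
		log.Println("User data from local DB:", user.ID)
		if err != nil {
			log.Printf("auth middleware: local user lookup for %q: %v", username, err)
			c.Set("userRole", defaultRole)
		} else {
			// Local account exists: use its assigned role.
			c.Set("userRole", user.Role.Name)
		}
		c.Next()
	}
}

// abortWithServerError logs the underlying error with the stage it occurred in
// and replies with a generic 500, so upstream URLs and transport details are not
// disclosed to the caller.
func abortWithServerError(c *gin.Context, stage string, err error) {
	log.Printf("auth middleware: %s: %v", stage, err)
	common.ErrorResponses(c, http.StatusInternalServerError, "authentication service error")
	c.Abort()
}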