mirror of
https://github.com/TracksApp/tracks.git
synced 2025-12-16 15:20:13 +01:00
Fix authentication: redirect to login page instead of showing JSON errors
The auth middleware was returning JSON error messages ("No authentication token
provided") for web UI requests, which displayed as plain text in the browser.
Changes:
- Added isAPIRequest check to detect if request is for /api/* or web UI
- For web UI requests without auth: redirect to /login (HTTP 302)
- For API requests without auth: return JSON error (HTTP 401)
- Applied same logic for all auth failure scenarios (no token, invalid token,
invalid claims, user not found)
This fixes the issue where users see JSON errors in the browser instead of
being properly redirected to the login page when authentication fails.
This commit is contained in:
Claude
parent
d2a9c79633
commit
db538f6dee
1 changed files with 23 additions and 4 deletions
|
|
@ -21,6 +21,9 @@ type Claims struct {
|
|||
// AuthMiddleware validates JWT tokens and sets the current user
|
||||
func AuthMiddleware(jwtSecret string) gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
// Determine if this is an API request or web UI request
|
||||
isAPIRequest := strings.HasPrefix(c.Request.URL.Path, "/api/")
|
||||
|
||||
// Try to get token from Authorization header
|
||||
authHeader := c.GetHeader("Authorization")
|
||||
var tokenString string
|
||||
|
|
@ -47,7 +50,11 @@ func AuthMiddleware(jwtSecret string) gin.HandlerFunc {
|
|||
}
|
||||
|
||||
if tokenString == "" {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "No authentication token provided"})
|
||||
if isAPIRequest {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "No authentication token provided"})
|
||||
} else {
|
||||
c.Redirect(http.StatusFound, "/login")
|
||||
}
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
|
@ -61,14 +68,22 @@ func AuthMiddleware(jwtSecret string) gin.HandlerFunc {
|
|||
})
|
||||
|
||||
if err != nil || !token.Valid {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid or expired token"})
|
||||
if isAPIRequest {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid or expired token"})
|
||||
} else {
|
||||
c.Redirect(http.StatusFound, "/login")
|
||||
}
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
||||
claims, ok := token.Claims.(*Claims)
|
||||
if !ok {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token claims"})
|
||||
if isAPIRequest {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token claims"})
|
||||
} else {
|
||||
c.Redirect(http.StatusFound, "/login")
|
||||
}
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
|
@ -76,7 +91,11 @@ func AuthMiddleware(jwtSecret string) gin.HandlerFunc {
|
|||
// Load user from database
|
||||
var user models.User
|
||||
if err := database.DB.First(&user, claims.UserID).Error; err != nil {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "User not found"})
|
||||
if isAPIRequest {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "User not found"})
|
||||
} else {
|
||||
c.Redirect(http.StatusFound, "/login")
|
||||
}
|
||||
c.Abort()
|
||||
return
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue