From 6c27419dbcb0c145d3b4df075fbe73d90aa4cf76 Mon Sep 17 00:00:00 2001 From: Hein Date: Sun, 1 Mar 2026 12:06:43 +0200 Subject: [PATCH] refactor(auth): enhance request handling with middleware-enriched context --- pkg/resolvespec/resolvespec.go | 6 +++++- pkg/restheadspec/restheadspec.go | 18 +++++++++++------- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/pkg/resolvespec/resolvespec.go b/pkg/resolvespec/resolvespec.go index a67b0c7..70c75ee 100644 --- a/pkg/resolvespec/resolvespec.go +++ b/pkg/resolvespec/resolvespec.go @@ -225,7 +225,11 @@ func wrapBunRouterHandler(handler bunrouter.HandlerFunc, authMiddleware Middlewa return func(w http.ResponseWriter, req bunrouter.Request) error { // Create an http.Handler that calls the bunrouter handler httpHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - _ = handler(w, req) + // Replace the embedded *http.Request with the middleware-enriched one + // so that auth context (user ID, etc.) is visible to the handler. + enrichedReq := req + enrichedReq.Request = r + _ = handler(w, enrichedReq) }) // Wrap with auth middleware and execute diff --git a/pkg/restheadspec/restheadspec.go b/pkg/restheadspec/restheadspec.go index 32c5ede..607efe0 100644 --- a/pkg/restheadspec/restheadspec.go +++ b/pkg/restheadspec/restheadspec.go @@ -125,17 +125,17 @@ func SetupMuxRoutes(muxRouter *mux.Router, handler *Handler, authMiddleware Midd metadataPath := buildRoutePath(schema, entity) + "/metadata" // Create handler functions for this specific entity - entityHandler := createMuxHandler(handler, schema, entity, "") - entityWithIDHandler := createMuxHandler(handler, schema, entity, "id") - metadataHandler := createMuxGetHandler(handler, schema, entity, "") + var entityHandler http.Handler = createMuxHandler(handler, schema, entity, "") + var entityWithIDHandler http.Handler = createMuxHandler(handler, schema, entity, "id") + var metadataHandler http.Handler = createMuxGetHandler(handler, schema, entity, "") optionsEntityHandler := createMuxOptionsHandler(handler, schema, entity, []string{"GET", "POST", "OPTIONS"}) optionsEntityWithIDHandler := createMuxOptionsHandler(handler, schema, entity, []string{"GET", "PUT", "PATCH", "DELETE", "POST", "OPTIONS"}) // Apply authentication middleware if provided if authMiddleware != nil { - entityHandler = authMiddleware(entityHandler).(http.HandlerFunc) - entityWithIDHandler = authMiddleware(entityWithIDHandler).(http.HandlerFunc) - metadataHandler = authMiddleware(metadataHandler).(http.HandlerFunc) + entityHandler = authMiddleware(entityHandler) + entityWithIDHandler = authMiddleware(entityWithIDHandler) + metadataHandler = authMiddleware(metadataHandler) // Don't apply auth middleware to OPTIONS - CORS preflight must not require auth } @@ -289,7 +289,11 @@ func wrapBunRouterHandler(handler bunrouter.HandlerFunc, authMiddleware Middlewa return func(w http.ResponseWriter, req bunrouter.Request) error { // Create an http.Handler that calls the bunrouter handler httpHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - _ = handler(w, req) + // Replace the embedded *http.Request with the middleware-enriched one + // so that auth context (user ID, etc.) is visible to the handler. + enrichedReq := req + enrichedReq.Request = r + _ = handler(w, enrichedReq) }) // Wrap with auth middleware and execute