package main import ( "strings" "github.com/labstack/echo" ) var skipPaths []string = []string{"/metrics"} // TokenMiddleware handles authentication func TokenMiddleware(next echo.HandlerFunc) echo.HandlerFunc { return func(c echo.Context) error { // Skip selected paths var skip bool for _, path := range skipPaths { if path == c.Request().URL.Path { skip = true } } tokenHeader := c.Request().Header.Get("Authorization") token := strings.Replace(tokenHeader, "Token ", "", -1) if token == "" && !skip { token = c.QueryParam("token") } if (token != config.Token || config.Token == "") && !skip { return c.JSONPretty(403, map[string]string{"message": "access denied"}, " ") } if err := next(c); err != nil { c.Error(err) } return nil } }