From 720e6914fb9cf4d15d570ba9863bb7315cb04b98 Mon Sep 17 00:00:00 2001
From: behrooz <razzaghi.b@gmail.com>
Date: Fri, 15 Aug 2025 18:23:50 +0330
Subject: [PATCH] fix token issue

---
 handler/handler.go | 65 ++++++++++++++++++++++++++++++++++------------
 helpers/helpers.go |  5 ++--
 2 files changed, 52 insertions(+), 18 deletions(-)

diff --git a/handler/handler.go b/handler/handler.go
index 6e74d6b..144d5b7 100644
--- a/handler/handler.go
+++ b/handler/handler.go
@@ -32,8 +32,28 @@ import (
 	"k8s.io/client-go/tools/remotecommand"
 )
 
+func Authorization(w http.ResponseWriter, r *http.Request) {
+
+	var header models.Header
+	var user models.User
+	header.Authorization = r.Header.Get("Authorization")
+	err := helpers.DecodeJwt(&header.Authorization, &user)
+	if err != nil {
+		http.Error(w, "Anauthorized User", http.StatusUnauthorized)
+		return
+	}
+
+	err = helpers.ValidateUser(user.Username)
+	if err != nil {
+		http.Error(w, "Anauthorized User", http.StatusUnauthorized)
+		return
+	}
+
+}
+
 func CreateClusterHandler(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	var cluster models.Cluster
 	_ = json.NewDecoder(r.Body).Decode(&cluster)
 
@@ -71,6 +91,7 @@ func CreateClusterHandler(w http.ResponseWriter, r *http.Request) {
 
 func Deletecluster(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clusterName := r.URL.Query().Get("Name")
 	if clusterName == "" {
 		http.Error(w, "Invalid input", http.StatusBadRequest)
@@ -122,16 +143,7 @@ func getClientset(w http.ResponseWriter, clustername string) (*kubernetes.Client
 
 func ListUserClusters(w http.ResponseWriter, r *http.Request) {
 
-	var header models.Header
-	var user models.User
-	header.Authorization = r.Header.Get("Authorization")
-	helpers.DecodeJwt(&header.Authorization, &user)
-
-	err := helpers.ValidateUser(user.Username)
-	if err != nil {
-		http.Error(w, "Anauthorized User", http.StatusUnauthorized)
-		return
-	}
+	Authorization(w, r)
 	_, clusterList := argohandler.ListUserClusters("userid")
 
 	w.Header().Set("Content-Type", "application/json")
@@ -141,6 +153,7 @@ func ListUserClusters(w http.ResponseWriter, r *http.Request) {
 
 func Cluster_namespaces(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 
 	if clustername == "" {
@@ -175,6 +188,7 @@ func Cluster_namespaces(w http.ResponseWriter, r *http.Request) {
 
 func Cluster_services(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 
@@ -225,6 +239,7 @@ func Cluster_services(w http.ResponseWriter, r *http.Request) {
 
 func Cluster_statefulset(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 
@@ -273,6 +288,7 @@ func Cluster_statefulset(w http.ResponseWriter, r *http.Request) {
 
 func Cluster_daemonsets(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 
@@ -324,6 +340,7 @@ func Cluster_daemonsets(w http.ResponseWriter, r *http.Request) {
 
 func Cluster_deployments(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 
@@ -384,6 +401,7 @@ func servicePortsToString(ports []corev1.ServicePort) string {
 }
 func Cluster_pods(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 
@@ -443,12 +461,15 @@ func getClusterConfig(clustername string) (string, error) {
 	}
 
 	decoded, err := base64.StdEncoding.DecodeString(existsCluster.Cluster_config)
-
-	return string(decoded), nil
+	if err != nil {
+		return string(decoded), nil
+	}
+	return "", err
 }
 
 func Connect(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clusterName := r.URL.Query().Get("Name")
 	if clusterName == "" {
 		http.Error(w, "Missing 'Name' parameter", http.StatusBadRequest)
@@ -470,12 +491,9 @@ func Connect(w http.ResponseWriter, r *http.Request) {
 
 }
 
-// func Cluster_details(w http.ResponseWriter, r *http.Request) {
-
-// }
-
 func Cluster_jobs(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 
@@ -538,6 +556,7 @@ func Cluster_jobs(w http.ResponseWriter, r *http.Request) {
 
 func Cluster_replicasets(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 
@@ -583,6 +602,7 @@ func Cluster_replicasets(w http.ResponseWriter, r *http.Request) {
 
 func Cluster_replicationcontrollers(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 
@@ -625,6 +645,7 @@ func Cluster_replicationcontrollers(w http.ResponseWriter, r *http.Request) {
 
 func Cluster_cronjobs(w http.ResponseWriter, r *http.Request) {
 
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 
@@ -671,6 +692,8 @@ func Cluster_cronjobs(w http.ResponseWriter, r *http.Request) {
 }
 
 func Pod_logs(w http.ResponseWriter, r *http.Request) {
+
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	podName := r.URL.Query().Get("Pod")
@@ -707,6 +730,7 @@ func Pod_logs(w http.ResponseWriter, r *http.Request) {
 }
 
 func Pod_exec(w http.ResponseWriter, r *http.Request) {
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	podName := r.URL.Query().Get("Pod")
@@ -775,6 +799,7 @@ func Pod_exec(w http.ResponseWriter, r *http.Request) {
 }
 
 func Pod_delete(w http.ResponseWriter, r *http.Request) {
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	podName := r.URL.Query().Get("Pod")
@@ -801,6 +826,7 @@ func Pod_delete(w http.ResponseWriter, r *http.Request) {
 }
 
 func Service_delete(w http.ResponseWriter, r *http.Request) {
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	serviceName := r.URL.Query().Get("serviceName")
@@ -827,6 +853,7 @@ func Service_delete(w http.ResponseWriter, r *http.Request) {
 }
 
 func Deployment_delete(w http.ResponseWriter, r *http.Request) {
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	deploymenteName := r.URL.Query().Get("deploymenteName")
@@ -853,6 +880,7 @@ func Deployment_delete(w http.ResponseWriter, r *http.Request) {
 }
 
 func StatefulSet_delete(w http.ResponseWriter, r *http.Request) {
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	statefulSetName := r.URL.Query().Get("statefulSetName")
@@ -879,6 +907,7 @@ func StatefulSet_delete(w http.ResponseWriter, r *http.Request) {
 }
 
 func Daemonsets_delete(w http.ResponseWriter, r *http.Request) {
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	daemonsetsName := r.URL.Query().Get("daemonsetsName")
@@ -905,6 +934,7 @@ func Daemonsets_delete(w http.ResponseWriter, r *http.Request) {
 }
 
 func JobsName_delete(w http.ResponseWriter, r *http.Request) {
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	jobsName := r.URL.Query().Get("jobsName")
@@ -931,6 +961,7 @@ func JobsName_delete(w http.ResponseWriter, r *http.Request) {
 }
 
 func Replicaset_delete(w http.ResponseWriter, r *http.Request) {
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	replicasetName := r.URL.Query().Get("replicasetName")
@@ -957,6 +988,7 @@ func Replicaset_delete(w http.ResponseWriter, r *http.Request) {
 }
 
 func Replicationcontroller_delete(w http.ResponseWriter, r *http.Request) {
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	replicationcontrollerName := r.URL.Query().Get("replicationcontrollerName")
@@ -983,6 +1015,7 @@ func Replicationcontroller_delete(w http.ResponseWriter, r *http.Request) {
 }
 
 func Cronjob_delete(w http.ResponseWriter, r *http.Request) {
+	Authorization(w, r)
 	clustername := r.URL.Query().Get("Name")
 	namespace := r.URL.Query().Get("Namespace")
 	cronjobName := r.URL.Query().Get("cronjobName")
diff --git a/helpers/helpers.go b/helpers/helpers.go
index 0f0e087..760fab3 100644
--- a/helpers/helpers.go
+++ b/helpers/helpers.go
@@ -69,7 +69,7 @@ func Human(d time.Duration) string {
 
 var jwtKey = []byte("mysecret123")
 
-func DecodeJwt(tokenString *string, user *models.User) {
+func DecodeJwt(tokenString *string, user *models.User) error {
 	claims := jwt.MapClaims{}
 	_, err := jwt.ParseWithClaims(*tokenString, claims, func(token *jwt.Token) (interface{}, error) {
 		return []byte(jwtKey), nil
@@ -77,10 +77,11 @@ func DecodeJwt(tokenString *string, user *models.User) {
 
 	if err != nil {
 		log.Println(err)
-		return
+		return err
 	}
 
 	user.Username = claims["username"].(string)
+	return nil
 }
 
 func ValidateUser(user string) error {