refactor: use bearer token in auth middleware

Author: FarhanSaleh

app/middlewares/auth_middleware.go

@@ -17,38 +17,17 @@ func (m *Middleware) AuthMiddleware(allowedRole string) domain.MiddlewareFunc {
 			ctx, span := tracer.Start(request.Context(), "auth middleware")
 			defer span.End()
 
-			// token := utils.ExtractBearerToken(request)
-			// if len(*token) < 5 {
-			// 	ngelog.Error(ctx, "failed to extract bearer token", nil)
-			// 	utils.Response(domain.HttpResponse{
-			// 		Code:    401,
-			// 		Message: "Unauthorized",
-			// 		Data:    nil,
-			// 	}, writer)
-			// 	return
-			// }
-
-			tokenRaw, err := request.Cookie("token")
-			if err != nil {
-				if err == http.ErrNoCookie {
-					ngelog.Error(ctx, "failed to get token from cookie", nil)
-					utils.Response(domain.HttpResponse{
-						Code:    401,
-						Message: "Unauthorized",
-						Data:    nil,
-					}, writer)
-					return
-				} else {
-					utils.Response(domain.HttpResponse{
-						Code:    401,
-						Message: "Unauthorized",
-						Data:    nil,
-					}, writer)
-					return
-				}
+			token := utils.ExtractBearerToken(request)
+			if len(*token) < 5 {
+				ngelog.Error(ctx, "failed to extract bearer token", nil)
+				utils.Response(domain.HttpResponse{
+					Code:    401,
+					Message: "Unauthorized",
+					Data:    nil,
+				}, writer)
+				return
 			}
-			token := &tokenRaw.Value
-			
+
 			verifyToken, err := m.Jwt.VerifyToken(*token)
 			if err != nil {
 				ngelog.Error(ctx, "failed to verify token", err)

app/users/delivery/http/login_users.go

@@ -4,9 +4,7 @@ import (
 	"encoding/json"
 	"io"
 	"net/http"
-	"time"
 
-	"github.com/hammer-code/lms-be/config"
 	"github.com/hammer-code/lms-be/domain"
 	"github.com/hammer-code/lms-be/utils"
 )
@@ -44,20 +42,6 @@ func (h Handler) Login(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	expiredTime := time.Now().Local().Add(time.Duration(60) * time.Minute)
-
-	cookie := http.Cookie{
-		Name:    "token",
-		Value:   token,
-		Expires: expiredTime,
-		Path:    "/",
-		HttpOnly: true,
-		Secure:   config.GetConfig().APP_ENV != "development",
-	}
-
-	// Atur cookie pada response writer.
-	http.SetCookie(w, &cookie)
-
 	utils.Response(domain.HttpResponse{
 		Code:    200,
 		Message: "Login successfully",

app/users/delivery/http/logout_users.go

@@ -2,11 +2,8 @@ package http
 
 import (
 	"net/http"
-	"time"
 
-	"github.com/hammer-code/lms-be/config"
 	"github.com/hammer-code/lms-be/domain"
-	"github.com/hammer-code/lms-be/pkg/ngelog"
 	"github.com/hammer-code/lms-be/utils"
 )
 
@@ -22,47 +19,14 @@ import (
 // @Failure 200 {object} domain.HttpResponse
 // @Router /api/v1/auth/logout [post]
 func (h Handler) Logout(w http.ResponseWriter, r *http.Request) {
-	// token := utils.ExtractBearerToken(r)
-
-	tokenRaw, err := r.Cookie("token")
-	if err != nil {
-		if err == http.ErrNoCookie {
-			ngelog.Error(r.Context(), "failed to get token from cookie", nil)
-			utils.Response(domain.HttpResponse{
-				Code:    401,
-				Message: "Unauthorized",
-				Data:    nil,
-			}, w)
-			return
-		} else {
-			utils.Response(domain.HttpResponse{
-				Code:    401,
-				Message: "Unauthorized",
-				Data:    nil,
-			}, w)
-			return
-		}
-	}
-	token := &tokenRaw.Value
+	token := utils.ExtractBearerToken(r)
 
-	err = h.usecase.Logout(r.Context(), *token)
+	err := h.usecase.Logout(r.Context(), *token)
 	if err != nil {
 		resp := utils.CustomErrorResponse(err)
 		utils.Response(resp, w)
 		return
 	}
-	
-	expiredTime := time.Now().Local().Add(time.Duration(0) * time.Minute)
-	cookie := http.Cookie{
-		Name:    "token",
-		Value:   "",
-		Expires: expiredTime,
-		Path:    "/",
-		HttpOnly: true,
-		Secure:   config.GetConfig().APP_ENV != "development",
-	}
-
-	http.SetCookie(w, &cookie)
 
 	utils.Response(domain.HttpResponse{
 		Code:    200,