data layer

data-layer/api/internal/middleware/workspace.go

@@ -0,0 +1,51 @@
+package middleware
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/google/uuid"
+
+	"github.com/dbiz/cdp/data-layer/api/internal/apperr"
+)
+
+const ctxKeyWorkspace ctxKey = "workspace_id"
+
+// Workspace pulls the active workspace UUID from the X-Workspace-Id header
+// and stores it in context. Returns 400 for missing / malformed values.
+//
+// TODO(auth): wire this to the console session / JWT once the auth scheme
+// for the data-layer is finalized. For now the header drives everything.
+func Workspace(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		raw := r.Header.Get("X-Workspace-Id")
+		if raw == "" {
+			writeAppErr(w, apperr.BadRequest("missing X-Workspace-Id header", "workspace_id", nil))
+			return
+		}
+		id, err := uuid.Parse(raw)
+		if err != nil {
+			writeAppErr(w, apperr.BadRequest("invalid X-Workspace-Id", "workspace_id", err))
+			return
+		}
+		ctx := context.WithValue(r.Context(), ctxKeyWorkspace, id.String())
+		next.ServeHTTP(w, r.WithContext(ctx))
+	})
+}
+
+// WorkspaceFromCtx returns the workspace id set by Workspace middleware.
+func WorkspaceFromCtx(ctx context.Context) string {
+	v, _ := ctx.Value(ctxKeyWorkspace).(string)
+	return v
+}
+
+func writeAppErr(w http.ResponseWriter, err *apperr.AppError) {
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(err.Code)
+	body := `{"error":"` + err.Message + `"`
+	if err.Field != "" {
+		body += `,"field":"` + err.Field + `"`
+	}
+	body += `}`
+	_, _ = w.Write([]byte(body))
+}