53 lines
1.4 KiB
Go
53 lines
1.4 KiB
Go
package middleware
|
|
|
|
import (
|
|
"cybertron/constants"
|
|
"cybertron/service"
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
type UserInfo struct {
|
|
SessionToken string `json:"sessionToken"`
|
|
ClientID string `json:"clientId"`
|
|
Name string `json:"name"`
|
|
Exp int `json:"exp"`
|
|
EmailID string `json:"emailId"`
|
|
AccountID string `json:"accountId"`
|
|
PhoneNumber string `json:"phoneNumber"`
|
|
Roles []string `json:"roles"`
|
|
Groups []string `json:"groups"`
|
|
Permissions []string `json:"permissions"`
|
|
FirebaseJwtToken string `json:"firebaseJwtToken"`
|
|
FirebaseNode string `json:"firebaseNode"`
|
|
ProfilePictureURL string `json:"profilePictureUrl"`
|
|
PreferredUsername string `json:"preferred_username"`
|
|
}
|
|
|
|
func PermissionMiddleware(authService *service.AuthService) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
|
|
sessionToken := c.GetHeader(constants.SESSION_HEADER_NAME)
|
|
userEmail := c.GetHeader(constants.EMAIL_HEADER_NAME)
|
|
|
|
validUser, err := authService.CheckValidUser(c, sessionToken, userEmail)
|
|
if err != nil || !validUser {
|
|
c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func isAdmin(roles []string) bool {
|
|
for _, role := range roles {
|
|
if role == "Admin" {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|