paulmataruso/libredesk
1
0
Fork 0
mirror of https://github.com/abhinavxd/libredesk.git synced 2025-11-03 21:43:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
2bbb161593ece63cb5ea1632335f447269fd9362
libredesk/cmd/middlewares.go
Abhinav Raut 2bbb161593 chore: seperate frontend into differenet directories.
2024-06-23 23:24:43 +05:30

65 lines
2.4 KiB
Go
Raw Blame History

package main
import (
"net/http"
"github.com/vividvilla/simplesessions"
"github.com/zerodha/fastglue"
)
func auth(handler fastglue.FastRequestHandler, perms ...string) fastglue.FastRequestHandler {
return func(r *fastglue.Request) error {
var (
app = r.Context.(*App)
sess, err = app.sessMgr.Acquire(r, r, nil)
)
if err != nil {
app.lo.Error("error acquiring session", "error", err)
return r.SendErrorEnvelope(http.StatusUnauthorized, "invalid or expired session", nil, "PermissionException")
}
// User email in session?
email, err := sess.String(sess.Get("user_email"))
if err != nil && (err != simplesessions.ErrInvalidSession && err != simplesessions.ErrFieldNotFound) {
app.lo.Error("error fetching session session", "error", err)
return r.SendErrorEnvelope(http.StatusUnauthorized, "invalid or expired session", nil, "PermissionException")
}
// User ID in session?
userID, err := sess.Int(sess.Get("user_id"))
if err != nil && (err != simplesessions.ErrInvalidSession && err != simplesessions.ErrFieldNotFound) {
app.lo.Error("error fetching session session", "error", err)
return r.SendErrorEnvelope(http.StatusUnauthorized, "invalid or expired session", nil, "PermissionException")
}
userUUID, err := sess.String(sess.Get("user_uuid"))
if err != nil && (err != simplesessions.ErrInvalidSession && err != simplesessions.ErrFieldNotFound) {
app.lo.Error("error fetching session session", "error", err)
return r.SendErrorEnvelope(http.StatusUnauthorized, "invalid or expired session", nil, "PermissionException")
}
if email != "" && userID > 0 {
// Set both in request context so they can be accessed in the handlers.
r.RequestCtx.SetUserValue("user_email", email)
r.RequestCtx.SetUserValue("user_id", userID)
r.RequestCtx.SetUserValue("user_uuid", userUUID)
// Check permission.
for _, perm := range perms {
hasPerm, err := app.rbac.HasPermission(userID, perm)
if err != nil || !hasPerm {
return r.SendErrorEnvelope(http.StatusUnauthorized, "You don't have permissions to access this page.", nil, "PermissionException")
}
}
return handler(r)
}
if err := sess.Clear(); err != nil {
return r.SendErrorEnvelope(http.StatusUnauthorized, "invalid or expired session", nil, "PermissionException")
}
return r.SendErrorEnvelope(http.StatusUnauthorized, "invalid or expired session", nil, "PermissionException")
}
}
Reference in New Issue View Git Blame Copy Permalink