update

middlewares/middlewares.go

@@ -14,6 +14,7 @@ func JwtAuthMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		err := token.TokenValid(c)
 		if err != nil {
+			log.Printf("JwtAuthMiddleware token is not valid : '%s'\n", err)
 			c.String(http.StatusUnauthorized, "Unauthorized")
 			c.Abort()
 			return
@@ -25,10 +26,9 @@ func JwtAuthMiddleware() gin.HandlerFunc {
 func JwtAuthAdminMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
 
-		// TODO - also verify user role of admin
-
 		err := token.TokenValid(c)
 		if err != nil {
+			log.Printf("JwtAuthAdminMiddleware token is not valid : '%s'\n", err)
 			c.String(http.StatusUnauthorized, "Unauthorized")
 			c.Abort()
 			return
@@ -38,6 +38,7 @@ func JwtAuthAdminMiddleware() gin.HandlerFunc {
 		user_id, err := token.ExtractTokenID(c)
 
 		if err != nil {
+			log.Printf("JwtAuthAdminMiddleware could not extract user ID from context : '%s'\n", err)
 			c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 			c.Abort()
 			return
@@ -52,6 +53,7 @@ func JwtAuthAdminMiddleware() gin.HandlerFunc {
 		}
 		log.Printf("JwtAuthAdminMiddleware retrieved UserRole object '%v'\n", ur)
 
+		// Verify that the user has a role with the admin flag set
 		if !ur.Admin {
 			c.String(http.StatusUnauthorized, "User role is Non-Admin")
 			c.Abort()