nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

fix middleware logic error
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-01-09 11:42:44 +11:00
parent 17fc1f2e66
commit 89bd1acc32
1 changed files with 36 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
middlewares/middlewares.go
View File

@@ -38,45 +38,47 @@ func JwtAuthMiddleware() gin.HandlerFunc {
func JwtAuthAdminMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
/*
err := token.TokenValid(c)
if err != nil {
log.Printf("JwtAuthAdminMiddleware token is not valid : '%s'\n", err)
c.String(http.StatusUnauthorized, "Unauthorized")
c.Abort()
return
}
// Once we know the token is valid, figure out if this user is an admin
user_id, err := token.ExtractTokenID(c)
if err != nil {
log.Printf("JwtAuthAdminMiddleware could not extract user ID from context : '%s'\n", err)
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
c.Abort()
return
}
log.Printf("JwtAuthAdminMiddleware determined user id as '%v'\n", user_id)
*/
//user_id := c.GetInt("user-id")
var user_id int
if val, ok := c.Get("user-id"); !ok {
log.Printf("JwtAuthAdminMiddleware : user-id not in context. Keys : '%+v'\n", c.Keys)
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user id"})
return
} else {
user_id = val.(int)
}
if user_id == 0 {
errString := "could not extract user ID from context"
log.Printf("JwtAuthAdminMiddleware '%s'\n", errString)
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
err := token.TokenValid(c)
if err != nil {
log.Printf("JwtAuthAdminMiddleware token is not valid : '%s'\n", err)
c.String(http.StatusUnauthorized, "Unauthorized")
c.Abort()
return
}
// Once we know the token is valid, figure out if this user is an admin
user_id, err := token.ExtractTokenID(c)
if err != nil {
log.Printf("JwtAuthAdminMiddleware could not extract user ID from context : '%s'\n", err)
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
c.Abort()
return
}
log.Printf("JwtAuthAdminMiddleware determined user id as '%v'\n", user_id)
c.Set("user-id", user_id)
/*
//user_id := c.GetInt("user-id")
var user_id int
if val, ok := c.Get("user-id"); !ok {
log.Printf("JwtAuthAdminMiddleware : user-id not in context. Keys : '%+v'\n", c.Keys)
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user id"})
return
} else {
user_id = val.(int)
}
if user_id == 0 {
errString := "could not extract user ID from context"
log.Printf("JwtAuthAdminMiddleware '%s'\n", errString)
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
c.Abort()
return
}
*/
// TODO determine user role
//ur, err := models.GetUserRoleByID(user_id)