Add admin authz middleware
This commit is contained in:
parent
144873d8e2
commit
52372bcf69
SSH key fingerprint:
SHA256:19MbXpLua4rUtk8tunMesD8KUKb91LXLHg8E/qTooww
2 changed files with 35 additions and 0 deletions
1
main.go
1
main.go
|
|
@ -91,6 +91,7 @@ func main() {
|
||||||
app.Use(middlewares.MfaEnrollMiddleware)
|
app.Use(middlewares.MfaEnrollMiddleware)
|
||||||
app.Use(middlewares.MfaVerifyMiddleware)
|
app.Use(middlewares.MfaVerifyMiddleware)
|
||||||
app.Use(middlewares.TemplatesMiddleware)
|
app.Use(middlewares.TemplatesMiddleware)
|
||||||
|
app.Use("/admin", middlewares.AuthzAdmin)
|
||||||
|
|
||||||
// Controllers
|
// Controllers
|
||||||
app.Get("/", controllers.Homepage)
|
app.Get("/", controllers.Homepage)
|
||||||
|
|
|
||||||
34
middlewares/authorization.go
Normal file
34
middlewares/authorization.go
Normal file
|
|
@ -0,0 +1,34 @@
|
||||||
|
package middlewares
|
||||||
|
|
||||||
|
import (
|
||||||
|
"git.readonly.ch/bouzoure/popvaud-people/helpers"
|
||||||
|
"git.readonly.ch/bouzoure/popvaud-people/models"
|
||||||
|
"github.com/gofiber/fiber/v2"
|
||||||
|
)
|
||||||
|
|
||||||
|
func AuthzAdmin(c *fiber.Ctx) error {
|
||||||
|
sess, err := helpers.GetSessionStore(c)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
db, err := helpers.GetDatabase()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
var allowAccess bool
|
||||||
|
userid := sess.Get("userid")
|
||||||
|
|
||||||
|
if userid != nil {
|
||||||
|
var user models.User
|
||||||
|
db.First(&user, "id = ?", userid.(uint))
|
||||||
|
allowAccess = user.IsAdmin
|
||||||
|
}
|
||||||
|
|
||||||
|
if !allowAccess {
|
||||||
|
return fiber.NewError(fiber.StatusForbidden, "Forbidden (authz_admin)")
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.Next()
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue