75f3dd141c
CodeQL / Analyze (go) (push) Has been cancelled
CodeQL / Analyze (actions) (push) Has been cancelled
CodeQL / Analyze (javascript-typescript) (push) Has been cancelled
CI and Release / lint-frontend (push) Has been cancelled
CI and Release / dockerfile-scan (push) Has been cancelled
CI and Release / test-frontend (push) Has been cancelled
CI and Release / lint-verification-agent (push) Has been cancelled
CI and Release / test-verification-agent (push) Has been cancelled
CI and Release / e2e-verification-agent (push) Has been cancelled
CI and Release / test-backend (push) Has been cancelled
CI and Release / build-dev-image (push) Has been cancelled
CI and Release / push-dev-image (push) Has been cancelled
CI and Release / build-image (push) Has been cancelled
CI and Release / build-verification-image (push) Has been cancelled
CI and Release / determine-version (push) Has been cancelled
CI and Release / push-image (push) Has been cancelled
CI and Release / push-verification-image (12) (push) Has been cancelled
CI and Release / lint-backend (push) Has been cancelled
CI and Release / push-verification-image (17) (push) Has been cancelled
CI and Release / push-verification-image (18) (push) Has been cancelled
CI and Release / release (push) Has been cancelled
CI and Release / publish-helm-chart (push) Has been cancelled
CI and Release / push-verification-image (13) (push) Has been cancelled
CI and Release / push-verification-image (14) (push) Has been cancelled
CI and Release / push-verification-image (15) (push) Has been cancelled
CI and Release / push-verification-image (16) (push) Has been cancelled
77 lines
1.8 KiB
Go
77 lines
1.8 KiB
Go
package users_middleware
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
users_enums "databasus-backend/internal/features/users/enums"
|
|
users_models "databasus-backend/internal/features/users/models"
|
|
users_services "databasus-backend/internal/features/users/services"
|
|
)
|
|
|
|
// AuthMiddleware validates JWT token and adds user to context
|
|
func AuthMiddleware(userService *users_services.UserService) gin.HandlerFunc {
|
|
return func(ctx *gin.Context) {
|
|
token := ctx.GetHeader("Authorization")
|
|
if token == "" {
|
|
ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Authorization token required"})
|
|
ctx.Abort()
|
|
return
|
|
}
|
|
|
|
// Remove "Bearer " prefix if present
|
|
if len(token) > 7 && token[:7] == "Bearer " {
|
|
token = token[7:]
|
|
}
|
|
|
|
user, err := userService.GetUserFromToken(token)
|
|
if err != nil {
|
|
ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token"})
|
|
ctx.Abort()
|
|
return
|
|
}
|
|
|
|
ctx.Set("user", user)
|
|
ctx.Next()
|
|
}
|
|
}
|
|
|
|
func RequireRole(requiredRole users_enums.UserRole) gin.HandlerFunc {
|
|
return func(ctx *gin.Context) {
|
|
userInterface, exists := ctx.Get("user")
|
|
if !exists {
|
|
ctx.JSON(http.StatusUnauthorized, gin.H{"error": "User not authenticated"})
|
|
ctx.Abort()
|
|
return
|
|
}
|
|
|
|
user, ok := userInterface.(*users_models.User)
|
|
if !ok {
|
|
ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Invalid user context"})
|
|
ctx.Abort()
|
|
return
|
|
}
|
|
|
|
if user.Role != requiredRole {
|
|
ctx.JSON(http.StatusForbidden, gin.H{"error": "Insufficient permissions"})
|
|
ctx.Abort()
|
|
return
|
|
}
|
|
|
|
ctx.Next()
|
|
}
|
|
}
|
|
|
|
// GetUserFromContext helper function to extract user from gin context
|
|
func GetUserFromContext(ctx *gin.Context) (*users_models.User, bool) {
|
|
userInterface, exists := ctx.Get("user")
|
|
if !exists {
|
|
return nil, false
|
|
}
|
|
|
|
user, ok := userInterface.(*users_models.User)
|
|
|
|
return user, ok
|
|
}
|