Files
wehub-resource-sync 75f3dd141c
CodeQL / Analyze (go) (push) Has been cancelled
CodeQL / Analyze (actions) (push) Has been cancelled
CodeQL / Analyze (javascript-typescript) (push) Has been cancelled
CI and Release / lint-frontend (push) Has been cancelled
CI and Release / dockerfile-scan (push) Has been cancelled
CI and Release / test-frontend (push) Has been cancelled
CI and Release / lint-verification-agent (push) Has been cancelled
CI and Release / test-verification-agent (push) Has been cancelled
CI and Release / e2e-verification-agent (push) Has been cancelled
CI and Release / test-backend (push) Has been cancelled
CI and Release / build-dev-image (push) Has been cancelled
CI and Release / push-dev-image (push) Has been cancelled
CI and Release / build-image (push) Has been cancelled
CI and Release / build-verification-image (push) Has been cancelled
CI and Release / determine-version (push) Has been cancelled
CI and Release / push-image (push) Has been cancelled
CI and Release / push-verification-image (12) (push) Has been cancelled
CI and Release / lint-backend (push) Has been cancelled
CI and Release / push-verification-image (17) (push) Has been cancelled
CI and Release / push-verification-image (18) (push) Has been cancelled
CI and Release / release (push) Has been cancelled
CI and Release / publish-helm-chart (push) Has been cancelled
CI and Release / push-verification-image (13) (push) Has been cancelled
CI and Release / push-verification-image (14) (push) Has been cancelled
CI and Release / push-verification-image (15) (push) Has been cancelled
CI and Release / push-verification-image (16) (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:11:07 +08:00

77 lines
1.8 KiB
Go

package users_middleware
import (
"net/http"
"github.com/gin-gonic/gin"
users_enums "databasus-backend/internal/features/users/enums"
users_models "databasus-backend/internal/features/users/models"
users_services "databasus-backend/internal/features/users/services"
)
// AuthMiddleware validates JWT token and adds user to context
func AuthMiddleware(userService *users_services.UserService) gin.HandlerFunc {
return func(ctx *gin.Context) {
token := ctx.GetHeader("Authorization")
if token == "" {
ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Authorization token required"})
ctx.Abort()
return
}
// Remove "Bearer " prefix if present
if len(token) > 7 && token[:7] == "Bearer " {
token = token[7:]
}
user, err := userService.GetUserFromToken(token)
if err != nil {
ctx.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token"})
ctx.Abort()
return
}
ctx.Set("user", user)
ctx.Next()
}
}
func RequireRole(requiredRole users_enums.UserRole) gin.HandlerFunc {
return func(ctx *gin.Context) {
userInterface, exists := ctx.Get("user")
if !exists {
ctx.JSON(http.StatusUnauthorized, gin.H{"error": "User not authenticated"})
ctx.Abort()
return
}
user, ok := userInterface.(*users_models.User)
if !ok {
ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Invalid user context"})
ctx.Abort()
return
}
if user.Role != requiredRole {
ctx.JSON(http.StatusForbidden, gin.H{"error": "Insufficient permissions"})
ctx.Abort()
return
}
ctx.Next()
}
}
// GetUserFromContext helper function to extract user from gin context
func GetUserFromContext(ctx *gin.Context) (*users_models.User, bool) {
userInterface, exists := ctx.Get("user")
if !exists {
return nil, false
}
user, ok := userInterface.(*users_models.User)
return user, ok
}