gabehf/Koito
1
0
Fork 0
mirror of https://github.com/gabehf/Koito.git synced 2026-04-22 20:11:50 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

add admin-only routes and authorization middleware tests

Browse source
This commit is contained in:
Ian Stewart 2026-02-26 16:46:24 -08:00
parent 64236c99c9
commit 4cbdf6a261
No known key found for this signature in database
3 changed files with 106 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

28
engine/middleware/authorize.go Normal file
View file

@ -0,0 +1,28 @@
package middleware
import (
"net/http"
"github.com/gabehf/koito/internal/logger"
"github.com/gabehf/koito/internal/models"
"github.com/gabehf/koito/internal/utils"
)
// ensures the authenticated user has admin role
func RequireAdmin(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
l := logger.FromContext(r.Context())
user := GetUserFromContext(r.Context())
if user == nil {
l.Debug().Msg("RequireAdmin: Unauthorized access (no user)")
utils.WriteError(w, "unauthorized", http.StatusUnauthorized)
return
}
if user.Role != models.UserRoleAdmin {
l.Debug().Msgf("RequireAdmin: Forbidden - user %d is not admin", user.ID)
utils.WriteError(w, "forbidden", http.StatusForbidden)
return
}
next.ServeHTTP(w, r)
})
}