62 lines
1.1 KiB
Go
62 lines
1.1 KiB
Go
package auth
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/gorilla/context"
|
|
)
|
|
|
|
type key int
|
|
|
|
const ukey key = 0
|
|
|
|
// AuthMiddleware get User from session and put it in context
|
|
type Middleware struct {
|
|
authorizer *Authorizer
|
|
}
|
|
|
|
func NewMiddleware(authorizer *Authorizer) *Middleware {
|
|
return &Middleware{authorizer}
|
|
}
|
|
|
|
func (m *Middleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
|
|
user, err := m.authorizer.CurrentUser(w, r)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
context.Set(r, ukey, user)
|
|
next(w, r)
|
|
}
|
|
|
|
type MiddlewareRole struct {
|
|
authorizer *Authorizer
|
|
role string
|
|
}
|
|
|
|
func NewMiddlewareRole(authorizer *Authorizer, role string) *MiddlewareRole {
|
|
return &MiddlewareRole{authorizer, role}
|
|
}
|
|
|
|
func (m *MiddlewareRole) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
|
|
user := GetCurrentUser(r)
|
|
|
|
if user == nil || !user.HasRole(m.role) {
|
|
//TODO: redirect to login page and save wanted page
|
|
return
|
|
}
|
|
|
|
next(w, r)
|
|
}
|
|
|
|
func GetCurrentUser(r *http.Request) User {
|
|
u := context.Get(r, ukey)
|
|
if u == nil {
|
|
return nil
|
|
}
|
|
user, ok := u.(User)
|
|
if !ok {
|
|
panic("Invalid user type")
|
|
}
|
|
return user
|
|
}
|