- package sec
- import (
- "errors"
- "git.clearsky.net.au/cody/gex.git/sess"
- "git.clearsky.net.au/cody/gex.git/srv"
- "git.clearsky.net.au/cody/gex.git/utils"
- )
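// authFromSession converts the value stored under the session's "Auth" key
// into an Auth.
//
// Two shapes are accepted:
//   - Auth: the value Middleware itself stores in the session. Accepting it
//     keeps a session that is still held in memory from being rejected.
//   - map[string]any with "User_id" (float64), "User_name" (string) and
//     "Roles" ([]any of string) — presumably what the session store yields
//     after a JSON round trip; confirm against the sess package.
//
// Any other shape, or any field of the wrong type, is rejected with an error
// so that a malformed auth context never produces a partially filled identity.
func authFromSession(stored any) (Auth, error) {
	// The message is identical for every failure so the log line and the
	// returned error do not reveal which field was malformed.
	badType := func() (Auth, error) {
		return Auth{}, errors.New("auth context in session data is not of the expected type, request cancelled")
	}

	var fields map[string]any
	switch v := stored.(type) {
	case Auth:
		return v, nil
	case map[string]any:
		fields = v
	default:
		return badType()
	}

	var (
		a  Auth
		ok bool
	)
	if a.User_id, ok = fields["User_id"].(float64); !ok {
		return badType()
	}
	if a.User_name, ok = fields["User_name"].(string); !ok {
		return badType()
	}
	rawRoles, ok := fields["Roles"].([]any)
	if !ok {
		return badType()
	}

	// Keep Roles non-nil even when the stored list is empty.
	a.Roles = make([]string, 0, len(rawRoles))
	for _, r := range rawRoles {
		role, ok := r.(string)
		if !ok {
			return badType()
		}
		a.Roles = append(a.Roles, role)
	}
	return a, nil
}

// Middleware resolves the caller's identity from the session and enforces the
// role list registered for the matched route pattern.
//
// Identity: a request without an "Auth" entry in its session is treated as the
// Guest user with roles "Guest" and "Everyone". A malformed entry aborts the
// request with an error rather than falling back to Guest.
//
// Authorization, as implemented here:
//   - a pattern with no entry in permissions is allowed for everyone
//     (fail-open), so every protected route must be registered;
//   - a pattern with an empty, non-nil role list is denied for everyone;
//   - otherwise the caller needs at least one of the listed roles.
//
// The identity is taken from session data as-is, so the decision is only as
// trustworthy as the session store's integrity.
//
// Returns nil when the request may proceed, and a non-nil error when the
// session cannot be loaded, the auth context is malformed, or access is
// denied (after "No Access" has been sent on res).
func Middleware(req *srv.Req, res *srv.Res) error {
	// Named s rather than sess so the sess package is not shadowed.
	s, err := sess.GetCtxSess(req)
	if err != nil {
		utils.Err(err)
		return err
	}

	// Default identity for callers with no auth context.
	auth := Auth{0, "Guest", []string{"Guest", "Everyone"}}
	if stored := s.Data["Auth"]; stored != nil {
		auth, err = authFromSession(stored)
		if err != nil {
			utils.Err(err)
			return err
		}
	}

	// Write the normalised identity back so later handlers read an Auth value.
	s.Data["Auth"] = auth
	// NOTE(review): the outcome of Save is not inspected here; if it can fail,
	// the failure should be handled before the access decision — confirm
	// against the sess package.
	s.Save()

	// Route access check.
	required := permissions[req.Pattern]
	if required == nil {
		// Unregistered pattern: no restriction applies (fail-open by design).
		return nil
	}
	for _, role := range required {
		if auth.HasRole(role) {
			return nil
		}
	}

	// NOTE(review): no status code is set in this function; confirm that
	// srv.Res.Send or the caller marks the response as forbidden.
	res.Send("No Access")
	return errors.New("no access, request cancelled")
}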