X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=inline;f=api%2Fuser.go;h=b285a20d9a35b8d8d6d761efabeb4c75bd120688;hb=943b392b0d175a4e12b21eae984a0acd2719bd75;hp=a2737fd0a06c9f8e3cdacc81ef1990168982cea3;hpb=d1c0ccfcb84f1b8778e38b027a333d03e1f4ae9e;p=perso%2FImmae%2FProjets%2FCryptomonnaies%2FCryptoportfolio%2FFront.git
diff --git a/api/user.go b/api/user.go
index a2737fd..b285a20 100644
--- a/api/user.go
+++ b/api/user.go
@@ -9,7 +9,7 @@ import (
 "github.com/dchest/passwordreset"
 "github.com/gin-gonic/gin"
- "immae.eu/Immae/Projets/Cryptomonnaies/Cryptoportfolio/Front/db"
+ "git.immae.eu/Cryptoportfolio/Front.git/db"
 )
 const (
@@ -30,6 +30,20 @@ func UserConfirmed(c *gin.Context) *Error {
 return nil
 }
+func UserIsAdmin(c *gin.Context) *Error {
+ user, exists := c.Get("user")
+
+ if !exists {
+ return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
+ }
+
+ if user.(db.User).Role != db.RoleAdmin {
+ return &Error{NotAuthorized, "not authorized", fmt.Errorf("user '%v' is not admin", user)}
+ }
+
+ return nil
+}
+
 func GetUser(c *gin.Context) db.User {
 user, _ := c.Get("user")
@@ -48,7 +62,8 @@ type SignParams struct {
 }
 type SignResult struct {
- Token string `json:"token"`
+ Token string `json:"token"`
+ IsAdmin bool `json:"isAdmin"`
 }
 func (s SignParams) Validate() *Error {
@@ -121,14 +136,7 @@ func (q SignupQuery) Run() (interface{}, *Error) {
 }
 }
- if CONFIG.FreeSMSUser != "" {
- err := SendSMS(CONFIG.FreeSMSUser, CONFIG.FreeSMSPass, fmt.Sprintf("'%v' request a password reset. Token '/change-password?token=%v'", q.In.Email, token))
- if err != nil {
- return nil, NewInternalError(err)
- }
- }
-
- return SignResult{token}, nil
+ return SignResult{token, newUser.Role == db.RoleAdmin}, nil
 }
 type SigninQuery struct {
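Review bot: In `UserIsAdmin`, the denial path builds its error with `fmt.Errorf("user '%v' is not admin", user)`, which formats every field of the `db.User` value; if that struct holds a password hash or similar secret (its fields are not visible in this diff), each failed admin check copies it into whatever sink the `*Error` is logged to. Put only a non-sensitive identifier of the user in that message. Separately, `user.(db.User)` is an unchecked assertion and panics if the context value is ever stored as another type; the comma-ok form fails closed instead: `u, ok := user.(db.User)` followed by `if !ok || u.Role != db.RoleAdmin {`. The function also lacks a doc comment, for example `// UserIsAdmin rejects the request unless the user stored under "user" in the context has db.RoleAdmin; it must run after the middleware that sets that key.`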
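Review bot: The new `IsAdmin` field of `SignResult` is serialized to the client as `isAdmin` with no comment on what it may be relied on for. A client can alter that value freely, so it can only act as a display hint; a field comment such as `// IsAdmin is a UI hint only; admin endpoints must still be checked server-side with UserIsAdmin.` would make the contract explicit. Whether every admin route is actually gated by `UserIsAdmin` cannot be confirmed from this diff.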
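Review bot: `SignResult{token, newUser.Role == db.RoleAdmin}` in `SignupQuery.Run` is a positional literal, and `SigninQuery.Run` uses the same form (`SignResult{token, user.Role == db.RoleAdmin}`). Now that the struct carries an authorization-related flag beside the token, keyed fields are easier to audit and stay correct if another field of the same type is added later: `return SignResult{Token: token, IsAdmin: newUser.Role == db.RoleAdmin}, nil`. `SignupQuery.Run` begins above this hunk, so how `newUser` is populated is not visible here.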
@@ -159,7 +167,7 @@ func (q SigninQuery) Run() (interface{}, *Error) {
 return nil, NewInternalError(err)
 }
- return SignResult{token}, nil
+ return SignResult{token, user.Role == db.RoleAdmin}, nil
 }
 type ConfirmEmailQuery struct {