{"GET", []gin.HandlerFunc{UserAccount}, "/account"},
},
},
+ {
+ "/admin",
+ []Middleware{JwtAuth, UserConfirmed, UserIsAdmin, OtpAuth},
+ []Route{},
+ },
}
func Signup(c *gin.Context) {
return nil
}
+func UserIsAdmin(c *gin.Context) *Error {
+ user, exists := c.Get("user")
+
+ if !exists {
+ return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
+ }
+
+ if user.(db.User).Role != db.RoleAdmin {
+ return &Error{NotAuthorized, "not authorized", fmt.Errorf("user '%v' is not admin", user)}
+ }
+
+ return nil
+}
+
func GetUser(c *gin.Context) db.User {
user, _ := c.Get("user")
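Review bot: `user.(db.User)` in `if user.(db.User).Role != db.RoleAdmin` is an unchecked type assertion, so if the value stored under "user" is ever a pointer or another type the middleware panics instead of denying the request, and the `%v` in the error on the next line formats the whole struct, which includes PasswordHash and OtpSecret, into the error. Use the two-value form and identify the user by Id in the message; the fields of db.User are visible in the later hunk of this commit. The check otherwise fails closed, since an empty or unknown role is rejected, and placing it before OtpAuth in the /admin middleware list is fine because both must pass.
```go
	user, exists := c.Get("user")
	if !exists {
		return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
	}

	// Fail closed on an unexpected type instead of panicking on the assertion.
	u, ok := user.(db.User)
	if !ok {
		return &Error{NotAuthorized, "not authorized", fmt.Errorf("unexpected user type %T in context", user)}
	}

	// Log only the id: %v on the struct would include PasswordHash and OtpSecret.
	if u.Role != db.RoleAdmin {
		return &Error{NotAuthorized, "not authorized", fmt.Errorf("user %d is not admin", u.Id)}
	}

	return nil
```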
"DROP TYPE market_config_status",
},
},
+ {
+ Version: 201805131000,
+ Up: []string{
+ "CREATE TYPE user_role AS ENUM ('admin', 'user')",
+ "ALTER TABLE users ADD role user_role NOT NULL DEFAULT 'user'",
+ },
+ Down: []string{
+ "ALTER TABLE users DROP COLUMN role",
+ "DROP TYPE user_role",
+ },
+ },
}
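Review bot: The enum literals `'admin', 'user'` in the CREATE TYPE statement of the new migration are the same strings as the new db.RoleAdmin and db.RoleUser constants, but nothing ties the two together, so a value added to one side and not the other fails only at insert time. A comment on the migration entry such as `// user_role values must match the db.UserRole constants (RoleUser, RoleAdmin)` would make the coupling visible to the next person editing either. `DEFAULT 'user'` gives every existing row the least-privileged role, which is the right default for a new privilege column.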
AwaitingConfirmation
)
+type UserRole string
+
+const RoleUser UserRole = "user"
+const RoleAdmin UserRole = "admin"
+
type User struct {
Id int64
- Email string `sql:",unique,notnull"`
- PasswordHash string `sql:",notnull"`
+ Role UserRole
+ Email string
+ PasswordHash string
OtpSecret string
IsOtpSetup bool
Status UserStatus
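Review bot: The rewritten Email and PasswordHash fields drop their `sql:",unique,notnull"` and `sql:",notnull"` tags, so if the ORM derives any schema from these tags the uniqueness of Email and the NOT NULL constraints are silently lost; if they are now meant to be enforced only by the migrations, the commit message should say so, otherwise restore the tags on those two lines. The zero value of UserRole is the empty string rather than RoleUser, so a User built in Go without Role set does not carry the database default of 'user' unless the ORM omits zero fields, which is worth a comment on the type such as `// UserRole is the privilege level of a User; the zero value is not a valid role.`. Because the struct holds PasswordHash and OtpSecret, formatting a whole User with %v in errors or logs exposes secrets, so callers should print Id or Email instead. The struct definition continues past the end of this hunk.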