Diffstat (limited to 'api')
-rw-r--r--api/routes.go5
-rw-r--r--api/user.go14
2 files changed, 19 insertions, 0 deletions
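--- a/api/routes.go
+++ b/api/routes.go
@@ -55,6 +55,11 @@ var Groups = []Group{
 {"GET", []gin.HandlerFunc{UserAccount}, "/account"},
 },
 },
+{
+"/admin",
+[]Middleware{JwtAuth, UserConfirmed, UserIsAdmin, OtpAuth},
+[]Route{},
+},
 }
 
 func Signup(c *gin.Context) {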
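Review bot: The new "/admin" group encodes an ordering dependency that nothing states: UserIsAdmin reads the "user" context key, so it only works if an earlier middleware in the slice (presumably JwtAuth, which is listed first) has already stored the user; reordering the slice would silently turn the role check into a blanket NotAuthorized. A one-line comment on the group, `// order matters: JwtAuth must precede UserIsAdmin, which reads the "user" context key`, would protect that invariant. The group also ships with `[]Route{}`, so the middleware chain is currently unreachable; if that is intentional scaffolding a `// TODO: admin routes` comment would make it clear. The enclosing Groups literal starts outside the hunk.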
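--- a/api/user.go
+++ b/api/user.go
@@ -30,6 +30,20 @@ func UserConfirmed(c *gin.Context) *Error {
 return nil
 }
 
+func UserIsAdmin(c *gin.Context) *Error {
+user, exists := c.Get("user")
+
+if !exists {
+return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
+}
+
+if user.(db.User).Role != db.RoleAdmin {
+return &Error{NotAuthorized, "not authorized", fmt.Errorf("user '%v' is not admin", user)}
+}
+
+return nil
+}
+
 func GetUser(c *gin.Context) db.User {
 user, _ := c.Get("user")
 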
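Review bot: `user.(db.User).Role` in UserIsAdmin is an unchecked type assertion, so any middleware that stores a different type (or a `*db.User`) under the "user" key turns an authorization failure into a panic on the admin path; use the two-value form and treat a mismatch as not authorized: `u, ok := user.(db.User)` / `if !ok || u.Role != db.RoleAdmin {` with the existing NotAuthorized return. The denial error also formats the entire user struct with `%v`; if db.User carries a password hash, token or other credential material (not visible here, worth confirming), that value ends up in whatever logs or responses consume the Error, so log a stable identifier field instead of the whole struct. GetUser below starts in the hunk but its body continues outside it.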