package auth
import (
"gitlab.thpeetz.de/kontor/kontor-go/pkg/dao"
"gitlab.thpeetz.de/kontor/kontor-go/pkg/properties"
"log"
"net/http"
"github.com/gin-gonic/gin"
"gopkg.in/mgo.v2/bson"
)
// sessionDao is the package-wide session store accessor used by every
// middleware in this file to resolve a session ID into its session record.
// NOTE(review): the Db field is copied from dao.KontorDb when this package is
// initialised; confirm dao.KontorDb is already set at that point.
var sessionDao = SessionDAO{Db: dao.KontorDb}
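// EnsureLoggedIn returns a middleware that lets a request through only when
// the session stored in the context under "session" belongs to a logged-in
// user (non-empty Username). Every other request is redirected to "/" and the
// handler chain is aborted, so the protected handler never runs.
func EnsureLoggedIn() gin.HandlerFunc {
	return func(c *gin.Context) {
		// A missing or non-string "session" value is treated as "not logged
		// in" rather than being allowed to panic in the type assertion.
		sessionInterface, _ := c.Get("session")
		if sessionID, ok := sessionInterface.(string); ok {
			session, err := sessionDao.GetSession(sessionID)
			if err == nil && session.Username != "" {
				return
			}
		}

		c.Redirect(http.StatusTemporaryRedirect, "/")
		// Redirect only writes the response; without Abort gin would still
		// execute the remaining handlers for the unauthenticated request.
		c.Abort()
	}
}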
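// EnsureAdminStatus returns a middleware that lets a request through only
// when the session stored in the context under "session" has IsAdmin set.
// Every other request is redirected to "/" and the handler chain is aborted,
// so the admin-only handler never runs.
func EnsureAdminStatus() gin.HandlerFunc {
	return func(c *gin.Context) {
		// A missing or non-string "session" value is treated as "not an
		// administrator" rather than being allowed to panic in the type
		// assertion.
		sessionInterface, _ := c.Get("session")
		if sessionID, ok := sessionInterface.(string); ok {
			session, err := sessionDao.GetSession(sessionID)
			if err == nil && session.IsAdmin {
				return
			}
		}

		c.Redirect(http.StatusTemporaryRedirect, "/")
		// Redirect only writes the response; without Abort gin would still
		// execute the remaining handlers for the non-admin request.
		c.Abort()
	}
}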
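// EnsureNotLoggedIn returns a middleware that lets a request through only
// when the session stored in the context under "session" has no user attached
// (empty Username). A request from a logged-in user, or one whose session
// cannot be resolved, is redirected to "/" and the handler chain is aborted.
func EnsureNotLoggedIn() gin.HandlerFunc {
	return func(c *gin.Context) {
		// A missing or non-string "session" value takes the same path as a
		// session lookup error instead of panicking in the type assertion.
		sessionInterface, _ := c.Get("session")
		if sessionID, ok := sessionInterface.(string); ok {
			session, err := sessionDao.GetSession(sessionID)
			if err == nil && session.Username == "" {
				return
			}
		}

		c.Redirect(http.StatusTemporaryRedirect, "/")
		// Redirect only writes the response; without Abort gin would still
		// execute the remaining handlers (for example the login handler).
		c.Abort()
	}
}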
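// SetSessionStatus returns a middleware that stores the request's session ID
// in the context under "session". A well-formed ID from the "session" cookie
// is reused; otherwise a new ID is generated, resolved through the session
// DAO and sent back to the client as a cookie valid for 3600 seconds.
func SetSessionStatus() gin.HandlerFunc {
	return func(c *gin.Context) {
		// The cookie value is client-controlled. Accept it only when the
		// cookie is present AND has the ObjectId-hex shape of the IDs issued
		// below; an empty or malformed value gets a fresh session instead of
		// being handed to the DAO.
		// NOTE(review): a well-formed ID chosen by the client is still
		// accepted as-is; confirm the login handler issues a new session ID
		// on authentication so a pre-set cookie cannot be carried over.
		if sessionID, err := c.Cookie("session"); err == nil && bson.IsObjectIdHex(sessionID) {
			c.Set("session", sessionID)
			return
		}

		session, err := sessionDao.GetSession(bson.NewObjectId().Hex())
		if err != nil {
			// Surface the failure; the flow below is unchanged from before.
			log.Printf("SetSessionStatus: session lookup failed: %v", err)
		}
		sessionID := session.ID.Hex()
		c.Set("session", sessionID)
		// NOTE(review): the cookie is HttpOnly but not Secure (sixth argument
		// is false), so it is also sent over plain HTTP; set it to true when
		// the application is served over TLS. No SameSite attribute is set in
		// this function.
		c.SetCookie("session", sessionID, 3600, "", "", false, true)
	}
}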
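// SetSessionData fills data with the template values derived from the current
// session: "is_logged_in" (the session has a Username), "is_admin" (the
// session's IsAdmin flag) and "version" (properties.Version). When the
// context holds no session ID or the session cannot be loaded, both flags are
// reported as false.
func SetSessionData(c *gin.Context, data gin.H) {
	// Start from the least-privileged view so every early return fails closed.
	data["is_logged_in"] = false
	data["is_admin"] = false
	data["version"] = properties.Version

	sessionInterface, _ := c.Get("session")
	sessionID, ok := sessionInterface.(string)
	if !ok {
		// No session middleware ran (or it stored a non-string); avoid the
		// panic an unchecked type assertion would cause.
		return
	}

	session, err := sessionDao.GetSession(sessionID)
	if gin.IsDebugging() {
		// NOTE(review): the session ID acts as a bearer token; debug-mode
		// logs therefore contain credentials and need the same protection.
		log.Printf("setSessionData(%v): %v", sessionID, session)
	}
	if err != nil {
		return
	}

	data["is_logged_in"] = (session.Username != "")
	data["is_admin"] = session.IsAdmin
}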