Добавлен основные классы для сервиса авторизаци
42
internal/handler/middleware.go
Normal file
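--- a/internal/handler/middleware.go
+++ b/internal/handler/middleware.go
@@ -0,0 +1,42 @@
+package handler
+
+import (
+"authorization/internal"
+"net/http"
+"strings"
+
+"github.com/gin-gonic/gin"
+"github.com/sirupsen/logrus"
+)
+
+const (
+authorizationHeader = "Authorization"
+roleKey = "user_role"
+)
+
+func (h *Handler) checkAdminIdentity(c *gin.Context) {
+header := c.GetHeader(authorizationHeader)
+if header == "" {
+newErrorResponse(c, http.StatusUnauthorized, "Пустой header авторизации")
+return
+}
+
+headerParts := strings.Split(header, " ")
+if len(headerParts) != 2 {
+newErrorResponse(c, http.StatusUnauthorized, "Невалидный токен JWT")
+return
+}
+
+userRole, err := h.services.ParseToken(headerParts[1])
+
+if userRole != string(internal.Admin) {
+newErrorResponse(c, http.StatusUnauthorized, "Недостаточно прав для выполнения запроса")
+return
+}
+if err != nil {
+newErrorResponse(c, http.StatusUnauthorized, "Ошибка при извлечении claims")
+return
+}
+
+c.Set(roleKey, userRole)
+}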
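Review bot: In checkAdminIdentity the `err` returned by `h.services.ParseToken` is examined only after `userRole` has already been compared, so a failed parse is reported as insufficient rights and the role value is used before it is known to be valid; the `if err != nil` check should come directly after the call. The header split accepts any two space-separated parts, so the scheme in `headerParts[0]` is never checked and an empty token part is passed on to the parser. A valid token with a non-admin role is an authorization failure and would be better answered with `http.StatusForbidden`. It is also worth confirming that `newErrorResponse` aborts the gin context, since `return` alone does not stop later handlers, and the `logrus` import is not used anywhere in the 42 added lines, which the Go compiler rejects.

```go
// … unchanged: empty-header check …

headerParts := strings.Split(header, " ")
// Scheme assumed to be Bearer; confirm against what the clients send.
if len(headerParts) != 2 || !strings.EqualFold(headerParts[0], "Bearer") || headerParts[1] == "" {
	newErrorResponse(c, http.StatusUnauthorized, "Невалидный токен JWT")
	return
}

userRole, err := h.services.ParseToken(headerParts[1])
if err != nil {
	newErrorResponse(c, http.StatusUnauthorized, "Ошибка при извлечении claims")
	return
}
if userRole != string(internal.Admin) {
	newErrorResponse(c, http.StatusForbidden, "Недостаточно прав для выполнения запроса")
	return
}

// … unchanged: c.Set(roleKey, userRole) …
```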