package handler
import (
"authorization/internal"
"net/http"
"strings"
"github.com/gin-gonic/gin"
"github.com/sirupsen/logrus"
)
// authorizationHeader is the name of the request header that
// checkAdminIdentity reads the credential from.
const authorizationHeader = "Authorization"

// roleKey is the gin context key under which checkAdminIdentity stores the
// role returned by token parsing.
const roleKey = "user_role"
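// checkAdminIdentity is a gin handler that lets a request continue only when
// its Authorization header carries a token whose role is internal.Admin.
//
// The header must have the form "Bearer <token>". Every failure is reported
// as 401 through newErrorResponse and the function returns without setting
// roleKey. On success the parsed role is stored in the context under roleKey.
//
// NOTE(review): this relies on newErrorResponse aborting the gin handler
// chain (e.g. via AbortWithStatusJSON). It is defined outside this file, so
// confirm it does; otherwise later handlers still run after a rejection.
func (h *Handler) checkAdminIdentity(c *gin.Context) {
	header := c.GetHeader(authorizationHeader)
	if header == "" {
		newErrorResponse(c, http.StatusUnauthorized, "Пустой header авторизации")
		return
	}

	headerParts := strings.Split(header, " ")
	if len(headerParts) != 2 {
		newErrorResponse(c, http.StatusUnauthorized, "Невалидный токен JWT")
		return
	}

	// Only the Bearer scheme is meaningful for a JWT; the scheme name is
	// case-insensitive. An empty token ("Bearer ") is rejected here instead of
	// being handed to the parser.
	if !strings.EqualFold(headerParts[0], "Bearer") || headerParts[1] == "" {
		newErrorResponse(c, http.StatusUnauthorized, "Невалидный токен JWT")
		return
	}

	userRole, err := h.services.ParseToken(headerParts[1])
	// The error must be checked before userRole is used: on a failed parse
	// the returned role is meaningless and must not feed the authorization
	// decision or the error message chosen below.
	if err != nil {
		newErrorResponse(c, http.StatusUnauthorized, "Ошибка при извлечении claims")
		return
	}

	// NOTE(review): 403 is the conventional status for an authenticated caller
	// without the required role; 401 is kept so existing clients see no change.
	if userRole != string(internal.Admin) {
		newErrorResponse(c, http.StatusUnauthorized, "Недостаточно прав для выполнения запроса")
		return
	}

	c.Set(roleKey, userRole)
}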