d3m0k1d/d3m0k1d.ru
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: add auth to swagerr add middleware for check admin

Browse Source
This commit is contained in:
d3m0k1d
2026-02-14 16:26:27 +03:00
parent 05a8f0cbc7
commit 7e4dbd7e56
6 changed files with 123 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
backend/internal/auth/jwt.go
View File

@@ -16,6 +16,7 @@ func GenerateJWT(user storage.User) (string, error) {
token := jwt.NewWithClaims(jwt.SigningMethodHS512, jwt.MapClaims{
"id": user.ID,
"email": user.Email,
"login": user.GithubLogin,
"github_id": user.GithubID,
})
tokenString, err := token.SignedString(jwtSecret)
@@ -35,7 +36,6 @@ func JWTMiddleware() gin.HandlerFunc {
tokenString := strings.TrimPrefix(auth, "Bearer ")
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
}
@@ -53,8 +53,63 @@ func JWTMiddleware() gin.HandlerFunc {
return
}
c.Set("user_id", int(claims["id"].(float64)))
c.Set("login", claims["login"].(string))
idValue, idExists := claims["id"]
if !idExists {
c.AbortWithStatusJSON(401, gin.H{"error": "missing id in token"})
return
}
idFloat, ok := idValue.(float64)
if !ok {
c.AbortWithStatusJSON(401, gin.H{"error": "invalid id type in token"})
return
}
githubIDValue, githubExists := claims["github_id"]
if !githubExists {
c.AbortWithStatusJSON(401, gin.H{"error": "missing github_id in token"})
return
}
githubIDFloat, ok := githubIDValue.(float64)
if !ok {
c.AbortWithStatusJSON(401, gin.H{"error": "invalid github_id type in token"})
return
}
loginValue, loginExists := claims["login"]
if !loginExists {
c.AbortWithStatusJSON(401, gin.H{"error": "missing login in token"})
return
}
login, ok := loginValue.(string)
if !ok {
c.AbortWithStatusJSON(401, gin.H{"error": "invalid login type in token"})
return
}
c.Set("user_id", int(idFloat))
c.Set("github_id", int(githubIDFloat))
c.Set("login", login)
c.Next()
}
}
func RequireAdmin() gin.HandlerFunc {
return func(c *gin.Context) {
githubID, exists := c.Get("github_id")
if !exists {
c.AbortWithStatusJSON(401, gin.H{"error": "unauthorized"})
return
}
id := githubID.(int)
if id != 173489813 {
c.AbortWithStatusJSON(403, gin.H{"error": "access denied"})
return
}
c.Next()
}
}