initial commit
This commit is contained in:
dhax
commit
93d8310491
46 changed files with 3379 additions and 0 deletions
31
auth/authorizer.go
Normal file
31
auth/authorizer.go
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
package auth
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/go-chi/render"
|
||||
)
|
||||
|
||||
// RequiresRole middleware restricts access to accounts having role parameter in their jwt claims.
|
||||
func RequiresRole(role string) func(next http.Handler) http.Handler {
|
||||
return func(next http.Handler) http.Handler {
|
||||
hfn := func(w http.ResponseWriter, r *http.Request) {
|
||||
claims := ClaimsFromCtx(r.Context())
|
||||
if !hasRole(role, claims.Roles) {
|
||||
render.Render(w, r, ErrForbidden)
|
||||
return
|
||||
}
|
||||
next.ServeHTTP(w, r)
|
||||
}
|
||||
return http.HandlerFunc(hfn)
|
||||
}
|
||||
}
|
||||
|
||||
func hasRole(role string, roles []string) bool {
|
||||
for _, r := range roles {
|
||||
if r == role {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue