draft grpc
This commit is contained in:
38
internal/middleware/admin.go
Normal file
38
internal/middleware/admin.go
Normal file
@@ -0,0 +1,38 @@
|
||||
//go:build ignore
|
||||
// +build ignore
|
||||
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"stream.api/internal/database/model"
|
||||
"stream.api/pkg/response"
|
||||
)
|
||||
|
||||
// RequireAdmin returns a Gin middleware that blocks non-admin users.
|
||||
// Must be placed after the auth middleware so "user" is set in the context.
|
||||
func RequireAdmin() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
userValue, exists := c.Get("user")
|
||||
if !exists {
|
||||
response.Error(c, http.StatusUnauthorized, "Unauthorized")
|
||||
return
|
||||
}
|
||||
|
||||
user, ok := userValue.(*model.User)
|
||||
if !ok || user == nil {
|
||||
response.Error(c, http.StatusUnauthorized, "Unauthorized")
|
||||
return
|
||||
}
|
||||
|
||||
if user.Role == nil || strings.ToUpper(*user.Role) != "ADMIN" {
|
||||
response.Error(c, http.StatusForbidden, "Admin access required")
|
||||
return
|
||||
}
|
||||
|
||||
c.Next()
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user