feat: user CRUD
This commit is contained in:
39
api/auth/middleware/authorization_middleware.go
Normal file
39
api/auth/middleware/authorization_middleware.go
Normal file
@@ -0,0 +1,39 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"context"
|
||||
"log"
|
||||
"net/http"
|
||||
"ordr-api/dto"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/jackc/pgx/v5/pgxpool"
|
||||
)
|
||||
|
||||
func IsAdmin(pool *pgxpool.Pool) gin.HandlerFunc {
|
||||
return func(ctx *gin.Context) {
|
||||
conn, conn_err := pool.Acquire(ctx)
|
||||
|
||||
if conn_err != nil {
|
||||
log.Println(conn_err)
|
||||
ctx.AbortWithStatus(http.StatusInternalServerError)
|
||||
}
|
||||
|
||||
user_profile, _ := ctx.Get("user_profile")
|
||||
|
||||
var is_admin bool
|
||||
|
||||
query_err := conn.QueryRow(context.Background(), "SELECT is_admin FROM ordr_user WHERE sub_id = $1", user_profile.(dto.UserProfileResponse).Sub).Scan(&is_admin)
|
||||
|
||||
if query_err != nil {
|
||||
log.Println(query_err)
|
||||
ctx.AbortWithStatus(http.StatusInternalServerError)
|
||||
}
|
||||
|
||||
if is_admin != true {
|
||||
ctx.AbortWithStatus(http.StatusUnauthorized)
|
||||
}
|
||||
|
||||
ctx.Next()
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user