mahdium/CatsOfMastodonGo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Implement admin media approval endpoints and add JWT role-based auth - NOT TESTED

Browse Source
This commit is contained in:
Mohammad Mahdi
2025-05-16 14:56:13 +03:30
parent 1abc05ecd9
commit 2e4b97e4bc
7 changed files with 60 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
internal/auth/jwt.go
View File

@@ -43,7 +43,7 @@ func (j *JwtTokenGenerator) GinMiddleware() gin.HandlerFunc {
c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
return
}
_, err = jwt.Parse(token.Value, func(t *jwt.Token) (interface{}, error) {
t, err := jwt.Parse(token.Value, func(t *jwt.Token) (interface{}, error) {
if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, jwt.ErrSignatureInvalid
}
@@ -53,6 +53,11 @@ func (j *JwtTokenGenerator) GinMiddleware() gin.HandlerFunc {
c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
return
}
claims, ok := t.Claims.(jwt.MapClaims)
if !ok || claims["role"] != "admin" { // Check role, only if its admin let it go
c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
return
}
c.Next()
}
}