Implement admin media approval endpoints and add JWT role-based auth - NOT TESTED

2025-05-16 14:56:13 +03:30
parent 1abc05ecd9
commit 2e4b97e4bc
7 changed files with 60 additions and 43 deletions
--- a/internal/auth/jwt.go
+++ b/internal/auth/jwt.go
@@ -43,7 +43,7 @@ func (j *JwtTokenGenerator) GinMiddleware() gin.HandlerFunc {
 			c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
 			return
 		}
-		_, err = jwt.Parse(token.Value, func(t *jwt.Token) (interface{}, error) {
+		t, err := jwt.Parse(token.Value, func(t *jwt.Token) (interface{}, error) {
 			if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
 				return nil, jwt.ErrSignatureInvalid
 			}
@@ -53,6 +53,11 @@ func (j *JwtTokenGenerator) GinMiddleware() gin.HandlerFunc {
 			c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
 			return
 		}
+		claims, ok := t.Claims.(jwt.MapClaims)
+		if !ok || claims["role"] != "admin" { // Check role, only if its admin let it go
+			c.AbortWithStatusJSON(401, gin.H{"error": "Unauthorized"})
+			return
+		}
 		c.Next()
 	}
 }
--- a/internal/models/requestModels/approveMedia.go
+++ b/internal/models/requestModels/approveMedia.go
@@ -0,0 +1,5 @@
+package requestmodels
+
+type ApproveMediaInput struct {
+	MediaId string `json:"mediaId" binding:"required"`
+}
--- a/internal/models/requestModels/rejectMedia.go
+++ b/internal/models/requestModels/rejectMedia.go
@@ -0,0 +1,5 @@
+package requestmodels
+
+type RejectMediaInput struct {
+	MediaId string `json:"mediaId" binding:"required"`
+}
--- a/internal/server/router.go
+++ b/internal/server/router.go
@@ -4,7 +4,6 @@ import (
 	"CatsOfMastodonBotGo/internal"
 	handlers_admin "CatsOfMastodonBotGo/internal/web/handlers/admin"
 	handlers_api "CatsOfMastodonBotGo/internal/web/handlers/api"
-	handlers_home "CatsOfMastodonBotGo/internal/web/handlers/home"

 	"github.com/gin-gonic/gin"
 )
@@ -14,21 +13,18 @@ func SetupRouter(appContext *internal.AppContext) *gin.Engine {
 	

 	adminDashboardHandler := handlers_admin.NewAdminDashboardHandler(appContext)
-	homePageHandler := handlers_home.NewMainPageHandler(appContext)
 	apiHandler := handlers_api.NewApiEndpointHandler(appContext)

 	admin := r.Group("/admin")

-	admin.GET("/", adminDashboardHandler.AdminHomePage)
+	// My man, this is done way more efficient and fast in .NET, specially the authentication part
 	admin.POST("/login", adminDashboardHandler.Login)
-	admin.POST("/approve", adminDashboardHandler.ApproveMedia)
-	admin.POST("/reject", adminDashboardHandler.RejectMedia)
+	admin.POST("/approve", appContext.Jwt.GinMiddleware() ,adminDashboardHandler.ApproveMedia)
+	admin.POST("/reject" ,appContext.Jwt.GinMiddleware() , adminDashboardHandler.RejectMedia)

 	api := r.Group("/api")

 	api.GET("/post/random", apiHandler.GetRandomPost)

-	r.GET("/", homePageHandler.HomePageHandler)
-
 	return r
 }
--- a/internal/services/postService.go
+++ b/internal/services/postService.go
@@ -88,6 +88,8 @@ func (ps *PostService) InsertNewAccounts(newAccounts []models.Account) int {
 	return int(ps.db.Clauses(clause.OnConflict{UpdateAll: true}).Create(&newAccounts).RowsAffected)
 }

+// From this point on, its for the api endpoints
+
 func (ps *PostService) GetRandomPost() models.Post {
 	var post models.Post
 	ps.db.
@@ -98,6 +100,18 @@ func (ps *PostService) GetRandomPost() models.Post {
 	return post
 }

+func (ps *PostService) ApproveMedia(mediaId string) bool {
+	return ps.db.Model(&models.MediaAttachment{}).
+		Where("id = ?", mediaId).
+		Update("approved", true).RowsAffected > 0
+}
+
+func (ps *PostService) RejectMedia(mediaId string) bool {
+	return ps.db.Model(&models.MediaAttachment{}).
+		Where("id = ?", mediaId).
+		Update("rejected", true).RowsAffected > 0
+}
+
 func arrayContains(arr []string, str string) bool {
 	for _, a := range arr {
 		if a == str {
--- a/internal/web/handlers/admin/adminDash.go
+++ b/internal/web/handlers/admin/adminDash.go
@@ -19,34 +19,43 @@ func NewAdminDashboardHandler(appContext *internal.AppContext) *AdminDashboardHa
 	}
 }

-func (appContext *AdminDashboardHandler) AdminHomePage(c *gin.Context) {
-	c.JSON(200, gin.H{
-		"YouAreOn": "AdminDashboardHomePage",
-	})
-}
-
 func (appContext *AdminDashboardHandler) ApproveMedia(c *gin.Context) {
-	c.JSON(200, gin.H{
-		"YouAreOn": "ApproveMedia",
-	})
+	var input requestmodels.ApproveMediaInput
+	if err := c.ShouldBindJSON(&input); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	if appContext.AppContext.PostService.ApproveMedia(input.MediaId) {
+		c.JSON(http.StatusOK, gin.H{"message": "Media approved successfully"})
+	} else {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to approve media"})
+	}
 }

 func (appContext *AdminDashboardHandler) RejectMedia(c *gin.Context) {
-	c.JSON(200, gin.H{
-		"YouAreOn": "RejectMedia",
-	})
+	var input requestmodels.RejectMediaInput
+	if err := c.ShouldBindJSON(&input); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+	if appContext.AppContext.PostService.RejectMedia(input.MediaId) {
+		c.JSON(http.StatusOK, gin.H{"message": "Media rejected successfully"})
+	} else {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to reject media"})
+	}
 }

 func (appContext *AdminDashboardHandler) Login(c *gin.Context) {

 	var input requestmodels.LoginInput
-
+	
+	// Validate data
 	if err := c.ShouldBindJSON(&input); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
 	}

-	if input.Password == appContext.AppContext.AdminPassword {
+	if input.Password == appContext.AppContext.AdminPassword { // Its more than enough for this project
 		token, err := appContext.AppContext.Jwt.GenerateToken(map[string]interface{}{"role": "admin"})
 		if err != nil {
 			c.JSON(http.StatusInternalServerError, gin.H{"error": "Token generation failed"})
@@ -60,6 +69,10 @@ func (appContext *AdminDashboardHandler) Login(c *gin.Context) {
 		c.JSON(401, gin.H{
 			"YouAreOn": "Unauthorized",
 		})
+		return
 	}
+	c.JSON(200, gin.H{
+		"YouAreOn": "Login",
+	})

 }
--- a/internal/web/handlers/home/mainPage.go
+++ b/internal/web/handlers/home/mainPage.go
@@ -1,21 +0,0 @@
-package handlers_home
-
-import (
-	"CatsOfMastodonBotGo/internal"
-
-	"github.com/gin-gonic/gin"
-)
-
-type MainPageHandler struct {
-	AppContext *internal.AppContext
-}
-
-func NewMainPageHandler(appContext *internal.AppContext) *MainPageHandler {
-	return &MainPageHandler{
-		AppContext: appContext,
-	}
-}
-
-func (appContext *MainPageHandler) HomePageHandler(c *gin.Context) {
-	c.Data(200, "text/html; charset=utf-8", []byte(`<p>Welcome to CatsOfMastodonBotGo - <a href="https://git.mahdium.ir/mahdium/CatsOfMastodon">The main project</a>, writen in C# is available at that link - This is only my attempt to port it to Go for learning purposes</p>`))
-}