mirror of
https://github.com/zoriya/Kyoo.git
synced 2025-05-24 02:02:36 -04:00
74 lines
1.6 KiB
Go
74 lines
1.6 KiB
Go
package main
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"slices"
|
|
"strings"
|
|
|
|
"github.com/golang-jwt/jwt/v5"
|
|
"github.com/google/uuid"
|
|
"github.com/jackc/pgx/v5/pgconn"
|
|
"github.com/labstack/echo/v4"
|
|
)
|
|
|
|
func GetCurrentUserId(c echo.Context) (uuid.UUID, error) {
|
|
user := c.Get("user").(*jwt.Token)
|
|
if user == nil {
|
|
return uuid.UUID{}, echo.NewHTTPError(401, "Unauthorized")
|
|
}
|
|
sub, err := user.Claims.GetSubject()
|
|
if err != nil {
|
|
return uuid.UUID{}, echo.NewHTTPError(403, "Could not retrieve subject")
|
|
}
|
|
ret, err := uuid.Parse(sub)
|
|
if err != nil {
|
|
return uuid.UUID{}, echo.NewHTTPError(403, "Invalid id")
|
|
}
|
|
return ret, nil
|
|
}
|
|
|
|
func CheckPermissions(c echo.Context, perms []string) error {
|
|
token, ok := c.Get("user").(*jwt.Token)
|
|
if !ok {
|
|
return echo.NewHTTPError(401, "Not logged in")
|
|
}
|
|
claims, ok := token.Claims.(jwt.MapClaims)
|
|
if !ok {
|
|
return echo.NewHTTPError(403, "Could not retrieve claims")
|
|
}
|
|
|
|
permissions_claims, ok := claims["permissions"]
|
|
if !ok {
|
|
return echo.NewHTTPError(403, fmt.Sprintf("Missing permissions: %s.", ", "))
|
|
}
|
|
permissions, ok := permissions_claims.([]string)
|
|
if !ok {
|
|
return echo.NewHTTPError(403, "Invalid permission claim.")
|
|
}
|
|
|
|
missing := make([]string, 0)
|
|
for _, perm := range perms {
|
|
if !slices.Contains(permissions, perm) {
|
|
missing = append(missing, perm)
|
|
}
|
|
}
|
|
|
|
if len(missing) != 0 {
|
|
return echo.NewHTTPError(
|
|
403,
|
|
fmt.Sprintf("Missing permissions: %s.", strings.Join(missing, ", ")),
|
|
)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func ErrIs(err error, code string) bool {
|
|
var pgerr *pgconn.PgError
|
|
|
|
if !errors.As(err, &pgerr) {
|
|
return false
|
|
}
|
|
return pgerr.Code == code
|
|
}
|