mirror of
https://github.com/khairul169/garage-webui.git
synced 2025-10-14 23:09:32 +07:00
32 lines
806 B
Go
32 lines
806 B
Go
package middleware
|
|
|
|
import (
|
|
"errors"
|
|
"khairul169/garage-webui/utils"
|
|
"net/http"
|
|
)
|
|
|
|
func AuthMiddleware(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
auth := utils.Session.Get(r, "authenticated")
|
|
userID := utils.Session.Get(r, "user_id")
|
|
|
|
// Check if user is authenticated
|
|
if auth == nil || !auth.(bool) || userID == nil {
|
|
utils.ResponseErrorStatus(w, errors.New("unauthorized"), http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
// Verify user still exists and is enabled
|
|
user, err := utils.DB.GetUser(userID.(string))
|
|
if err != nil || !user.Enabled {
|
|
// Clear invalid session
|
|
utils.Session.Clear(r)
|
|
utils.ResponseErrorStatus(w, errors.New("unauthorized"), http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|