neko/internal/http/auth/auth.go

package auth

import (
	"context"
	"net/http"

	"demodesk/neko/internal/types"
	"demodesk/neko/internal/utils"
)

type key int

const (
	keySessionCtx key = iota
)

func SetSession(r *http.Request, session types.Session) *http.Request {
	ctx := context.WithValue(r.Context(), keySessionCtx, session)
	return r.WithContext(ctx)
}

func GetSession(r *http.Request) types.Session {
	return r.Context().Value(keySessionCtx).(types.Session)
}

func AdminsOnly(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		session := GetSession(r)
		if !session.Profile().IsAdmin {
			utils.HttpForbidden(w)
		} else {
			next.ServeHTTP(w, r)
		}
	})
}

func HostsOnly(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		session := GetSession(r)
		if !session.IsHost() {
			utils.HttpForbidden(w, "Only host can do this.")
		} else {
			next.ServeHTTP(w, r)
		}
	})
}

func HostsOrAdminsOnly(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		session := GetSession(r)
		if !session.IsHost() && !session.Profile().IsAdmin {
			utils.HttpForbidden(w, "Only host can do this.")
		} else {
			next.ServeHTTP(w, r)
		}
	})
}

func CanHostOnly(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		session := GetSession(r)
		if !session.Profile().CanHost {
			utils.HttpForbidden(w, "Only for sessions, that can host.")
		} else {
			next.ServeHTTP(w, r)
		}
	})
}

func CanWatchOnly(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		session := GetSession(r)
		if !session.Profile().CanWatch {
			utils.HttpForbidden(w, "Only for sessions, that can watch.")
		} else {
			next.ServeHTTP(w, r)
		}
	})
}
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`package auth`

			`import (`
			`"context"`
			`"net/http"`

			`"demodesk/neko/internal/types"`
			`"demodesk/neko/internal/utils"`
			`)`

			`type key int`

			`const (`
lint fix. 2021-01-09 10:41:37 +13:00			`keySessionCtx key = iota`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`)`

			`func SetSession(r http.Request, session types.Session) http.Request {`
			`ctx := context.WithValue(r.Context(), keySessionCtx, session)`
			`return r.WithContext(ctx)`
			`}`

			`func GetSession(r *http.Request) types.Session {`
			`return r.Context().Value(keySessionCtx).(types.Session)`
			`}`

			`func AdminsOnly(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`session := GetSession(r)`
session profile decoupled. 2021-03-14 12:45:51 +13:00			`if !session.Profile().IsAdmin {`
http response name convention. 2020-11-29 03:00:21 +13:00			`utils.HttpForbidden(w)`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`} else {`
			`next.ServeHTTP(w, r)`
			`}`
			`})`
			`}`

			`func HostsOnly(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`session := GetSession(r)`
			`if !session.IsHost() {`
http response name convention. 2020-11-29 03:00:21 +13:00			`utils.HttpForbidden(w, "Only host can do this.")`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`} else {`
			`next.ServeHTTP(w, r)`
			`}`
			`})`
			`}`

			`func HostsOrAdminsOnly(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`session := GetSession(r)`
session profile decoupled. 2021-03-14 12:45:51 +13:00			`if !session.IsHost() && !session.Profile().IsAdmin {`
http response name convention. 2020-11-29 03:00:21 +13:00			`utils.HttpForbidden(w, "Only host can do this.")`
introduce REST API authorization. 2020-11-17 07:37:52 +13:00			`} else {`
			`next.ServeHTTP(w, r)`
			`}`
			`})`
			`}`
add CanHostOnly. 2020-12-30 10:00:28 +13:00
			`func CanHostOnly(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`session := GetSession(r)`
session profile decoupled. 2021-03-14 12:45:51 +13:00			`if !session.Profile().CanHost {`
memberState -> sessionState. 2021-03-14 11:42:16 +13:00			`utils.HttpForbidden(w, "Only for sessions, that can host.")`
add CanHostOnly. 2020-12-30 10:00:28 +13:00			`} else {`
			`next.ServeHTTP(w, r)`
			`}`
			`})`
			`}`
generate screenshot using Xlib. 2021-01-22 08:44:09 +13:00
			`func CanWatchOnly(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`session := GetSession(r)`
session profile decoupled. 2021-03-14 12:45:51 +13:00			`if !session.Profile().CanWatch {`
memberState -> sessionState. 2021-03-14 11:42:16 +13:00			`utils.HttpForbidden(w, "Only for sessions, that can watch.")`
generate screenshot using Xlib. 2021-01-22 08:44:09 +13:00			`} else {`
			`next.ServeHTTP(w, r)`
			`}`
			`})`
			`}`