package middleware

import (
	"strings"

	http_error "abdanhafidz.com/go-boilerplate/models/error"
	"abdanhafidz.com/go-boilerplate/services"
	utils "abdanhafidz.com/go-boilerplate/utils"
	"github.com/gin-gonic/gin"
	"github.com/google/uuid"
)

// AuthorizationMiddleware groups the gin middlewares that gate routes on the
// caller's identity and role. Each method either calls c.Next() to admit the
// request or writes an error response and calls c.Abort().
type AuthorizationMiddleware interface {
	// AuthorizeUserToEvent checks, via the event service, that the account in
	// the "account_id" context value may act on the event in the ":slug" parameter.
	AuthorizeUserToEvent(ctx *gin.Context)
	// VerifyAdmin admits bearer-JWT callers whose role is "admin" or "super_admin".
	VerifyAdmin(ctx *gin.Context)
	// VerifySuperAdmin admits bearer-JWT callers whose role is "super_admin".
	VerifySuperAdmin(ctx *gin.Context)
}
// authorizationMiddleware is the AuthorizationMiddleware implementation. It
// delegates event access decisions to eventService and JWT validation to
// jwtService.
type authorizationMiddleware struct {
	eventService services.EventService
	jwtService   services.JWTService
}

// NewAuthorizationMiddleware builds an AuthorizationMiddleware that uses
// eventService for event access checks and jwtService for token validation.
func NewAuthorizationMiddleware(eventService services.EventService, jwtService services.JWTService) AuthorizationMiddleware {
	m := new(authorizationMiddleware)
	m.eventService = eventService
	m.jwtService = jwtService
	return m
}

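// AuthorizeUserToEvent is a gin middleware that lets the request through only
// when the caller identified by the "account_id" context value is allowed to
// act on the event named by the ":slug" route parameter. The decision itself is
// made by eventService.AuthorizeUserToEvent; any error it returns is written to
// the client as-is and the handler chain is aborted.
//
// "account_id" must have been stored by an upstream middleware (VerifyAdmin and
// VerifySuperAdmin in this file store claims.AccountId under that key) and must
// be a uuid.UUID for this check to proceed.
func (m *authorizationMiddleware) AuthorizeUserToEvent(c *gin.Context) {
	eventSlug := c.Param("slug")

	// Checked assertion: the previous code asserted uuid.UUID unconditionally
	// and would panic if an upstream middleware stored a different type under
	// this key. A mistyped identity is now handled like a missing one.
	// NOTE(review): a missing identity is answered with NOT_FOUND_ERROR here;
	// UNAUTHORIZED may be the more accurate status — confirm with the route setup.
	raw, exists := c.Get("account_id")
	accountID, ok := raw.(uuid.UUID)
	if !exists || !ok {
		utils.ResponseFAILED(c, eventSlug, http_error.NOT_FOUND_ERROR)
		c.Abort()
		return
	}

	if err := m.eventService.AuthorizeUserToEvent(c.Request.Context(), eventSlug, accountID); err != nil {
		utils.ResponseFAILED(c, eventSlug, err)
		c.Abort()
		return
	}

	c.Next()
}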

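// Role values carried in the JWT claims that these middlewares recognise.
const (
	roleAdmin      = "admin"
	roleSuperAdmin = "super_admin"
)

// bearerToken extracts the credential from an Authorization header value of
// the form "Bearer <token>". It reports false when the header has no
// scheme/credential separator, the scheme is not Bearer (compared
// case-insensitively, as HTTP auth schemes are), or the credential is empty.
//
// The previous code indexed strings.Split(header, " ")[1] unconditionally and
// panicked on any header without a space (e.g. "Bearer" alone), and it accepted
// any scheme word in front of the token; only Bearer is accepted now.
func bearerToken(header string) (string, bool) {
	parts := strings.SplitN(header, " ", 2)
	if len(parts) != 2 || !strings.EqualFold(parts[0], "Bearer") {
		return "", false
	}
	token := strings.TrimSpace(parts[1])
	return token, token != ""
}

// roleAllowed reports whether role is one of allowed.
func roleAllowed(role string, allowed []string) bool {
	for _, a := range allowed {
		if role == a {
			return true
		}
	}
	return false
}

// requireRole is the shared body of VerifyAdmin and VerifySuperAdmin. It
// authenticates the request from the bearer token in the Authorization header
// via jwtService.ValidateToken and then checks that the token's Role is one of
// allowed. On success it stores "role" and "account_id" in the gin context for
// downstream handlers and calls c.Next(); on any failure it writes the error
// response and aborts the chain. forbiddenMsg is the message used when the
// token is valid but its role is not allowed.
func (m *authorizationMiddleware) requireRole(c *gin.Context, forbiddenMsg string, allowed ...string) {
	authHeader := c.GetHeader("Authorization")
	if authHeader == "" {
		utils.ResponseFAILED(c, "Authorization header missing", http_error.UNAUTHORIZED)
		c.Abort()
		return
	}

	tokenString, ok := bearerToken(authHeader)
	if !ok {
		utils.ResponseFAILED(c, "Invalid token", http_error.UNAUTHORIZED)
		c.Abort()
		return
	}

	claims, err := m.jwtService.ValidateToken(c.Request.Context(), tokenString)
	if err != nil {
		// Same message as the malformed-header case on purpose: the response
		// should not reveal which validation step rejected the credential.
		utils.ResponseFAILED(c, "Invalid token", http_error.UNAUTHORIZED)
		c.Abort()
		return
	}

	// The string conversion keeps this compiling whether claims.Role is a
	// plain string or a string-based named type.
	if !roleAllowed(string(claims.Role), allowed) {
		utils.ResponseFAILED(c, forbiddenMsg, http_error.FORBIDDEN_ERROR)
		c.Abort()
		return
	}

	c.Set("role", claims.Role)
	c.Set("account_id", claims.AccountId)
	c.Next()
}

// VerifyAdmin is a gin middleware that admits only requests carrying a valid
// bearer JWT whose role is "admin" or "super_admin". See requireRole for the
// responses written and the context values set.
func (m *authorizationMiddleware) VerifyAdmin(c *gin.Context) {
	m.requireRole(c, "Forbidden: Admin access required", roleAdmin, roleSuperAdmin)
}

// VerifySuperAdmin is a gin middleware that admits only requests carrying a
// valid bearer JWT whose role is "super_admin". See requireRole for the
// responses written and the context values set.
func (m *authorizationMiddleware) VerifySuperAdmin(c *gin.Context) {
	m.requireRole(c, "Forbidden: Superadmin access required", roleSuperAdmin)
}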