diff options
author | Gabriel A. Giovanini <mail@gabrielgio.me> | 2024-12-12 15:05:26 +0100 |
---|---|---|
committer | Gabriel A. Giovanini <mail@gabrielgio.me> | 2024-12-12 15:05:26 +0100 |
commit | fa7b51a709413a214fbd5157fe0f32138a889f0d (patch) | |
tree | 81fe7ab4e63ffc90d0392a17fadd7a79d893c95b /pkg/ext/auth.go | |
parent | 1059bc71871c14b813b0bb27b4601e2c2ac65acd (diff) | |
download | cerrado-fa7b51a709413a214fbd5157fe0f32138a889f0d.tar.gz cerrado-fa7b51a709413a214fbd5157fe0f32138a889f0d.tar.bz2 cerrado-fa7b51a709413a214fbd5157fe0f32138a889f0d.zip |
feat: Filter private repository from the UIv0.0.17
Now the whole application takes public into account.
Diffstat (limited to 'pkg/ext/auth.go')
-rw-r--r-- | pkg/ext/auth.go | 29 |
1 files changed, 28 insertions, 1 deletions
diff --git a/pkg/ext/auth.go b/pkg/ext/auth.go index 304f4ad..5c3070e 100644 --- a/pkg/ext/auth.go +++ b/pkg/ext/auth.go @@ -6,6 +6,8 @@ import ( "errors" "log/slog" "net/http" + + serverconfig "git.gabrielgio.me/cerrado/pkg/config" ) type authService interface { @@ -20,6 +22,25 @@ func DisableAuthentication(next http.HandlerFunc) http.HandlerFunc { } } +func VerifyRespository( + config *serverconfig.ConfigurationRepository, +) func(next http.HandlerFunc) http.HandlerFunc { + return func(next http.HandlerFunc) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + name := r.PathValue("name") + if name != "" { + repo := config.GetByName(name) + if repo != nil && !repo.Public && !IsLoggedIn(r.Context()) { + NotFound(w, r) + return + } + } + + next(w, r) + } + } +} + func Authenticate(auth authService) func(next http.HandlerFunc) http.HandlerFunc { return func(next http.HandlerFunc) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { @@ -28,6 +49,7 @@ func Authenticate(auth authService) func(next http.HandlerFunc) http.HandlerFunc if !errors.Is(err, http.ErrNoCookie) { slog.Error("Error loading cookie", "error", err) } + next(w, r) return } @@ -47,10 +69,15 @@ func Authenticate(auth authService) func(next http.HandlerFunc) http.HandlerFunc } ctx := r.Context() - ctx = context.WithValue(ctx, "logged", true) + ctx = context.WithValue(ctx, "logged", valid) slog.Info("Validated token", "valid?", valid) next(w, r.WithContext(ctx)) } } } + +func IsLoggedIn(ctx context.Context) bool { + t, ok := ctx.Value("logged").(bool) + return ok && t +} |