From ae10e121875982d6956d6bff453544cc59a75616 Mon Sep 17 00:00:00 2001
From: Gabriel Arakaki Giovanini <mail@gabrielgio.me>
Date: Tue, 12 Sep 2023 18:37:30 +0200
Subject: feat: Add admin control

Now only admins can access settings.
---
 pkg/view/view.go | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

(limited to 'pkg/view/view.go')

diff --git a/pkg/view/view.go b/pkg/view/view.go
index 663738b..f8dfa16 100644
--- a/pkg/view/view.go
+++ b/pkg/view/view.go
@@ -1,7 +1,22 @@
 package view
 
-import "git.sr.ht/~gabrielgio/img/pkg/ext"
+import (
+	"net/http"
+
+	"git.sr.ht/~gabrielgio/img/pkg/ext"
+)
 
 type View interface {
 	SetMyselfIn(r *ext.Router)
 }
+
+func Protect(next ext.ErrorRequestHandler) ext.ErrorRequestHandler {
+	return func(w http.ResponseWriter, r *http.Request) error {
+		user := ext.GetUserFromCtx(r)
+		if !user.IsAdmin {
+			http.NotFound(w, r)
+			return nil
+		}
+		return next(w, r)
+	}
+}
-- 
cgit v1.2.3