Use gin-gonic instead of httprouter
parent
7c719d9fd5
commit
a203cdc36a
22 changed files with 1668 additions and 1392 deletions
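--- a/api.go
+++ b/api.go
@@ -0,0 +1,94 @@
+package main
+
+import (
+"encoding/base64"
+"net/http"
+
+"github.com/gin-gonic/gin"
+)
+
+func declareAPIRoutes(router *gin.Engine) {
+apiRoutes := router.Group("/api")
+apiRoutes.Use(authMiddleware())
+
+declareAPIAuthRoutes(apiRoutes)
+declareAPISurveysRoutes(apiRoutes)
+declareAPIWorksRoutes(apiRoutes)
+
+apiAuthRoutes := router.Group("/api")
+apiAuthRoutes.Use(authMiddleware(loggedUser))
+
+declareAPIAuthAsksRoutes(apiAuthRoutes)
+declareAPIAuthQuestionsRoutes(apiAuthRoutes)
+declareAPIAuthHelpRoutes(apiAuthRoutes)
+declareAPIAuthSurveysRoutes(apiAuthRoutes)
+declareAPIAuthUsersRoutes(apiAuthRoutes)
+declareAPIAuthWorksRoutes(apiAuthRoutes)
+
+apiAdminRoutes := router.Group("/api")
+apiAdminRoutes.Use(authMiddleware(adminRestricted))
+
+declareAPIAdminAsksRoutes(apiAdminRoutes)
+declareAPIAuthGradesRoutes(apiAdminRoutes)
+declareAPIAdminHelpRoutes(apiAdminRoutes)
+declareAPIAdminQuestionsRoutes(apiAdminRoutes)
+declareAPIAdminSurveysRoutes(apiAdminRoutes)
+declareAPIAdminUsersRoutes(apiAdminRoutes)
+declareAPIAdminWorksRoutes(apiAdminRoutes)
+}
+
+func loggedUser(u *User, c *gin.Context) bool {
+if u != nil {
+return true
+}
+
+c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"errmsg": "Permission Denied"})
+return false
+}
+
+func adminRestricted(u *User, c *gin.Context) bool {
+if u != nil && u.IsAdmin {
+return true
+}
+
+c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"errmsg": "Permission Denied"})
+return false
+}
+
+func authMiddleware(access ...func(*User, *gin.Context) bool) gin.HandlerFunc {
+return func(c *gin.Context) {
+var user *User = nil
+if cookie, err := c.Request.Cookie("auth"); err == nil {
+if sessionid, err := base64.StdEncoding.DecodeString(cookie.Value); err != nil {
+eraseCookie(c)
+c.AbortWithStatusJSON(http.StatusNotAcceptable, gin.H{"errmsg": err.Error()})
+return
+} else if session, err := getSession(sessionid); err != nil {
+eraseCookie(c)
+c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"errmsg": err.Error()})
+return
+} else if session.IdUser == nil {
+user = nil
+} else if std, err := getUser(int(*session.IdUser)); err != nil {
+eraseCookie(c)
+c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"errmsg": err.Error()})
+return
+} else {
+user = std
+}
+}
+
+// Check access limitation
+for _, a := range access {
+if !a(user, c) {
+return
+}
+}
+
+// Retrieve corresponding user
+c.Set("LoggedUser", user)
+
+// We are now ready to continue
+c.Next()
+}
+}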
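Review bot: The access loop in authMiddleware (`if !a(user, c) { return }`) denies a request only because loggedUser and adminRestricted call AbortWithStatusJSON themselves; in gin, returning from a middleware without aborting still lets the remaining handlers in the chain run, so any later check that simply returns false would fail open. Enforce the denial in the middleware itself, for example `if !a(user, c) { if !c.IsAborted() { c.AbortWithStatus(http.StatusForbidden) }; return }`. Separately, the three error branches send `err.Error()` from the base64 decode, getSession and getUser back to the client; those helpers are defined outside this file, but if they wrap storage errors the response may disclose internals, so a fixed message with the detail logged server-side would be safer. Also note that `c.Set("LoggedUser", user)` stores a typed nil `*User` for anonymous requests, so a handler that compares the value from `c.Get` with nil before type-asserting would treat an anonymous caller as logged in; a comment on that line stating the contract would help.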