Zoe
770472c30c
Some checks failed
Build and Push Docker Image to GHCR / build-and-push (push) Failing after 2m42s
Switch to all pure go libraries to no longer depends on libc, allowing us to use a static container image. Compress binary using UPX for an addition 7MB
54 lines
1.2 KiB
Go
54 lines
1.2 KiB
Go
package middleware
|
|
|
|
import (
|
|
"database/sql"
|
|
"fmt"
|
|
"log/slog"
|
|
"time"
|
|
|
|
"github.com/gofiber/fiber/v3"
|
|
)
|
|
|
|
type Session struct {
|
|
SessionID string `json:"session_id"`
|
|
ExpiresAt string `json:"expires_at"`
|
|
}
|
|
|
|
func AdminMiddleware(db *sql.DB) func(c fiber.Ctx) error {
|
|
return func(c fiber.Ctx) error {
|
|
sessionToken := c.Cookies("SessionToken")
|
|
if sessionToken == "" {
|
|
return c.Next()
|
|
}
|
|
|
|
// Check if session exists
|
|
var session Session
|
|
err := db.QueryRow(`
|
|
SELECT session_id, expires_at
|
|
FROM sessions
|
|
WHERE session_id = ?
|
|
`, sessionToken).Scan(&session.SessionID, &session.ExpiresAt)
|
|
if err != nil {
|
|
slog.Error("Failed to check session", "error", err)
|
|
return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{
|
|
"message": fmt.Sprintf("Failed to check session: %v", err),
|
|
})
|
|
}
|
|
|
|
sessionExpiry, err := time.Parse("2006-01-02 15:04:05-07:00", session.ExpiresAt)
|
|
if err != nil {
|
|
slog.Error("Failed to parse session expiry", "error", err)
|
|
return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{
|
|
"message": fmt.Sprintf("Failed to parse session expiry: %v", err),
|
|
})
|
|
}
|
|
|
|
if sessionExpiry.Before(time.Now()) {
|
|
return c.Next()
|
|
}
|
|
|
|
c.Locals("IsAdmin", true)
|
|
return c.Next()
|
|
}
|
|
}
|