FreePad/lib/controllers/controllers_admin.go


package controllers
import (
	"crypto/sha512"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"net/http"

	"github.com/JustKato/FreePad/lib/helper"
	"github.com/gin-gonic/gin"
)
// AdminMiddleware installs a gate on router that lets a request continue only
// when it targets the login endpoint or IsAdmin accepts it.
//
// Any other request is answered with a temporary redirect to "/" and the
// handler chain is aborted.
func AdminMiddleware(router *gin.RouterGroup) {
	const loginURI = "/admin/login"

	guard := func(ctx *gin.Context) {
		uri := ctx.Request.RequestURI

		// Debug trace of the requested route.
		fmt.Println(`Accesing: `, uri)

		// The login request must stay reachable without a session.
		// RequestURI is compared verbatim, so a query string or a trailing
		// slash does not match and is checked like any other admin route.
		if uri == loginURI {
			return
		}

		fmt.Println(`Checking if admin`)
		if IsAdmin(ctx) {
			return
		}

		// Not an admin: send the client to the homepage and stop the chain.
		ctx.Redirect(http.StatusTemporaryRedirect, "/")
		ctx.Abort()
		fmt.Println(`Not an admin!`)
	}

	router.Use(guard)
}
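// IsAdmin reports whether the request carries a valid admin cookie.
//
// The "admin_token" cookie must equal the hex-encoded SHA-512 digest of the
// value returned by helper.GetAdminToken. A missing or empty cookie is
// rejected, and so is every request while the configured token is empty.
func IsAdmin(ctx *gin.Context) bool {
	adminToken, err := ctx.Cookie("admin_token")
	if err != nil || adminToken == "" {
		return false
	}

	secret := helper.GetAdminToken()
	// Fail closed when no token is configured: the digest of an empty string
	// is a publicly known constant, so it must never grant access.
	// NOTE(review): helper.GetAdminToken is not visible here; confirm whether
	// it can actually return "".
	if secret == "" {
		return false
	}

	// Encode the real token the same way the cookie value is expected.
	digest := sha512.Sum512([]byte(secret))
	trueToken := hex.EncodeToString(digest[:])

	// Compare in constant time so the response time does not depend on how
	// many leading characters of the cookie are correct.
	// NOTE(review): the expected cookie is derived only from the admin token,
	// so it stays valid until that token is changed.
	return subtle.ConstantTimeCompare([]byte(adminToken), []byte(trueToken)) == 1
}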