github
/
alist
mirror of https://github.com/Xhofe/alist
1
0
Fork 0
Code Issues Releases Wiki Activity
alist/server/middlewares/auth.go

63 lines
1.3 KiB
Go
Raw Blame History

package middlewares
import (
"github.com/alist-org/alist/v3/internal/conf"
"github.com/alist-org/alist/v3/internal/db"
"github.com/alist-org/alist/v3/internal/model"
"github.com/alist-org/alist/v3/internal/setting"
"github.com/alist-org/alist/v3/server/common"
"github.com/gin-gonic/gin"
)
// Auth is a middleware that checks if the user is logged in.
// if token is empty, set user to guest
func Auth(c *gin.Context) {
token := c.GetHeader("Authorization")
if token == setting.GetByKey(conf.Token) {
admin, err := db.GetAdmin()
if err != nil {
common.ErrorResp(c, err, 500)
c.Abort()
return
}
c.Set("user", admin)
c.Next()
return
}
if token == "" {
guest, err := db.GetGuest()
if err != nil {
common.ErrorResp(c, err, 500)
c.Abort()
return
}
c.Set("user", guest)
c.Next()
return
}
userClaims, err := common.ParseToken(token)
if err != nil {
common.ErrorResp(c, err, 401)
c.Abort()
return
}
user, err := db.GetUserByName(userClaims.Username)
if err != nil {
common.ErrorResp(c, err, 401)
c.Abort()
return
}
c.Set("user", user)
c.Next()
}
func AuthAdmin(c *gin.Context) {
user := c.MustGet("user").(*model.User)
if !user.IsAdmin() {
common.ErrorStrResp(c, "You are not an admin", 403)
c.Abort()
} else {
c.Next()
}
}
Reference in New Issue View Git Blame Copy Permalink