From 9a1ef00618554425d63d30e8f5b0d133d1244b8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?B=C3=A1lint=20R=C3=A9thelyi?= <rethelyibalint@gmail.com> Date: Wed, 25 Aug 2021 22:21:03 +0200 Subject: [PATCH] add admin middleware --- admin/admin.go | 23 ++++++++++++++++++++--- k8s/apply.sh | 1 + k8s/values.yaml | 2 +- main.go | 2 +- 4 files changed, 23 insertions(+), 5 deletions(-) diff --git a/admin/admin.go b/admin/admin.go index 7e03783..7634ef5 100644 --- a/admin/admin.go +++ b/admin/admin.go @@ -10,7 +10,8 @@ import ( var adminTemplate *template.Template var balanceTemplate *template.Template -var Router = http.NewServeMux() +var router = http.NewServeMux() +var Handler = adminMW(router) type Between struct { User *homepage.User @@ -35,14 +36,30 @@ func init() { panic(err) } - Router.HandleFunc("/balance/", balance) - Router.HandleFunc("/", handler) + router.HandleFunc("/balance/", balance) + router.HandleFunc("/", handler) +} + +func adminMW(h http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + admin, err := homepage.GetUserInfoBySession(r) + if err != nil { + helpers.Logger.Println(err) + return + } + if admin.IsAdmin { + h.ServeHTTP(w, r) + } else { + w.WriteHeader(http.StatusForbidden) + } + }) } func handler(w http.ResponseWriter, r *http.Request) { if r.Method == http.MethodGet { admin, err := homepage.GetUserInfoBySession(r) if err != nil { + helpers.Logger.Println(err) return } er := adminTemplate.Execute(w, admin) diff --git a/k8s/apply.sh b/k8s/apply.sh index 71da4ca..19d0aea 100755 --- a/k8s/apply.sh +++ b/k8s/apply.sh @@ -5,3 +5,4 @@ source secret.env set +o allexport envsubst < values.yaml | helm upgrade --install --wait becskasszasch . -n apps --values - + diff --git a/k8s/values.yaml b/k8s/values.yaml index 2a23e46..5225ef6 100644 --- a/k8s/values.yaml +++ b/k8s/values.yaml @@ -7,5 +7,5 @@ POSTGRES: "${POSTGRES}" POSTGRES_PASS: "${POSTGRES_PASS}" POSTGRES_USER: "${POSTGRES_USER}" POSTGRES_DB: "${POSTGRES_DB}" -Tag: "v1.6.2" +Tag: "v1.6.3" REGISTRY_CONF: "${REGISTRY_CONF}" diff --git a/main.go b/main.go index ab4e2b1..1250afe 100644 --- a/main.go +++ b/main.go @@ -38,7 +38,7 @@ func main() { //mux.HandleFunc("/topup/api/", topup.PayPalHandler) mux.Handle("/metrics", promhttp.Handler()) mux.Handle("/metrics/", promhttp.Handler()) - mux.Handle("/admin/", http.StripPrefix("/admin", admin.Router)) + mux.Handle("/admin/", http.StripPrefix("/admin", admin.Handler)) mux.HandleFunc("/history/", history.Handler) mux.HandleFunc("/", homepage.Handler) //mux.HandleFunc("/new/", homepage.NewHandler) -- GitLab