rnsrk/wisski-cloud-distillery
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Improvements for tokens

Browse source
This commit is contained in:
Tom 2023-06-29 08:59:19 +02:00
parent effa79aacd
commit 8ccd490bed
15 changed files with 34 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

10
internal/dis/component/auth/scopes/admin.go
View file

@ -19,19 +19,19 @@ var (
)
const (
ScopeAdminLoggedIn Scope = "login.admin"
ScopeUserAdmin Scope = "user.admin"
)
func (*AdminLoggedIn) Scope() component.ScopeInfo {
return component.ScopeInfo{
Scope: ScopeAdminLoggedIn,
Description: "session has a signed in admin",
DeniedMessage: "user must be signed into an admin account with TOTP enabled",
Scope: ScopeUserAdmin,
Description: "session must have a valid admin",
DeniedMessage: "user must have an admin account with TOTP enabled",
TakesParam: false,
}
}
func (al *AdminLoggedIn) HasScope(param string, r *http.Request) (bool, error) {
user, _, err := al.Dependencies.Auth.SessionOf(r)
_, user, err := al.Dependencies.Auth.SessionOf(r)
return user != nil && user.IsAdmin() && user.IsTOTPEnabled(), err
}

8
internal/dis/component/auth/scopes/user.go
View file

@ -19,18 +19,18 @@ var (
)
const (
ScopeUserLoggedIn Scope = "login.user"
ScopeUserValid Scope = "user.valid"
)
func (*UserLoggedIn) Scope() component.ScopeInfo {
return component.ScopeInfo{
Scope: ScopeUserLoggedIn,
Description: "session has an associated user",
Scope: ScopeUserValid,
Description: "session must have a valid user",
TakesParam: false,
}
}
func (iu *UserLoggedIn) HasScope(param string, r *http.Request) (bool, error) {
user, _, err := iu.Dependencies.Auth.SessionOf(r)
_, user, err := iu.Dependencies.Auth.SessionOf(r)
return user != nil, err
}