-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.go
80 lines (65 loc) · 1.63 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
package main
import (
"errors"
"net/http"
)
var (
ErrUnauthorized = errors.New("unauthorized")
)
type User[T any] interface {
GetID() T
}
type RoleChecker[T any] interface {
UserInRole(user User[T]) (bool, error)
}
type ErrorHandler func(err error, w http.ResponseWriter, r *http.Request)
func DefaultErrorHandler(err error, w http.ResponseWriter, r *http.Request) {
http.Error(w, "", http.StatusUnauthorized)
}
type RequestUserProvider[T any] interface {
GetUser(r *http.Request) (User[T], error)
}
type Middleware[T any] struct {
errorHandler ErrorHandler
handler http.Handler
roleChecker RoleChecker[T]
requestUserProvider RequestUserProvider[T]
}
func NewMiddleware[T any](
roleChecker RoleChecker[T],
handlerToWrap http.Handler,
requestUserProvider RequestUserProvider[T],
) *Middleware[T] {
return &Middleware[T]{
handler: handlerToWrap,
roleChecker: roleChecker,
requestUserProvider: requestUserProvider,
}
}
func (m *Middleware[T]) ServeHTTP(w http.ResponseWriter, r *http.Request) {
user, err := m.requestUserProvider.GetUser(r)
if err != nil {
m.handleError(err, w, r)
return
}
hasAccess, err := m.roleChecker.UserInRole(user)
if err != nil {
m.handleError(err, w, r)
return
}
if !hasAccess {
m.handleError(ErrUnauthorized, w, r)
return
}
m.handler.ServeHTTP(w, r)
}
func (m *Middleware[T]) SetErrorHandler(handler ErrorHandler) {
m.errorHandler = handler
}
func (m *Middleware[T]) handleError(err error, w http.ResponseWriter, r *http.Request) {
if m.errorHandler != nil {
m.errorHandler(err, w, r)
} else {
DefaultErrorHandler(err, w, r)
}
}