Mirrors/wg-portal
1
0
Fork 0
mirror of https://github.com/h44z/wg-portal.git synced 2025-11-03 23:56:18 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

validate user in session (#32)

Browse Source
This commit is contained in:
Christoph Haas
2021-07-30 13:56:21 +02:00
parent fbc0b26631
commit 57b57931b2
2 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
internal/server/handlers_common.go
View File

@@ -192,3 +192,10 @@ func (s *Server) setFormInSession(c *gin.Context, formData interface{}) (Session
return currentSession, nil return currentSession, nil
} }
func (s *Server) isUserStillValid(email string) bool {
if s.users.GetUser(email) == nil {
return false
}
return true
}

8
internal/server/routes.go
View File

@@ -141,6 +141,14 @@ func (s *Server) RequireAuthentication(scope string) gin.HandlerFunc {
return return
} }
// Check if logged-in user is still valid
if !s.isUserStillValid(session.Email) {
_ = DestroySessionData(c)
c.Abort()
s.GetHandleError(c, http.StatusUnauthorized, "unauthorized", "session no longer available")
return
}
// Continue down the chain to handler etc // Continue down the chain to handler etc
c.Next() c.Next()
} }