You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
48 lines
1.2 KiB
48 lines
1.2 KiB
package models
|
|
|
|
// A Token contains the parsed results from an bearer token. Its methods are safe to use with a nil receiver, but
|
|
// the userID should be checked.
|
|
type Token struct {
|
|
UserID string
|
|
Permissions []string
|
|
}
|
|
|
|
// Authenticated returns true if the token is non-nil and parsed
|
|
func (token *Token) Authenticated() bool {
|
|
return token != nil && token.UserID != ""
|
|
}
|
|
|
|
// Permitted returns true if the token is non-nil and has the given permission or the "admin" permission
|
|
func (token *Token) Permitted(permissions ...string) bool {
|
|
if token == nil {
|
|
return false
|
|
}
|
|
|
|
for _, tokenPermission := range token.Permissions {
|
|
if tokenPermission == "admin" {
|
|
return true
|
|
}
|
|
|
|
for _, permission := range permissions {
|
|
if permission == tokenPermission {
|
|
return true
|
|
}
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
// PermittedUser checks the first permission if the user matches, the second otherwise. This is a common
|
|
// pattern.
|
|
func (token *Token) PermittedUser(userID, permissionIfUser, permissionOtherwise string) bool {
|
|
if token == nil {
|
|
return false
|
|
}
|
|
|
|
if token.UserID == userID {
|
|
return token.Permitted(permissionIfUser)
|
|
}
|
|
|
|
return token.Permitted(permissionOtherwise)
|
|
}
|