From a6be7e929aad2bdebe0fe9b7ccde64a1d38e6a44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Torjus=20H=C3=A5kestad?= Date: Sun, 22 Oct 2023 22:18:38 +0200 Subject: [PATCH] Require admin to create users --- Dockerfile | 1 + go.mod | 2 ++ server/server.go | 6 +++++- 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 67d787b..6fabc67 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,5 @@ FROM golang:alpine as build +RUN apk add --no-cache git WORKDIR /app COPY go.sum /app/go.sum COPY go.mod /app/go.mod diff --git a/go.mod b/go.mod index c773ded..5d216f0 100644 --- a/go.mod +++ b/go.mod @@ -11,6 +11,8 @@ require ( ) require ( + git.t-juice.club/microfilm/auth v0.1.1 // indirect + github.com/golang-jwt/jwt/v5 v5.0.0 // indirect github.com/klauspost/compress v1.17.0 // indirect github.com/nats-io/nkeys v0.4.5 // indirect github.com/nats-io/nuid v1.0.1 // indirect diff --git a/server/server.go b/server/server.go index 54fd97f..798d4f9 100644 --- a/server/server.go +++ b/server/server.go @@ -8,6 +8,8 @@ import ( "net/http" "os" + "git.t-juice.club/microfilm/auth" + "git.t-juice.club/microfilm/auth/authmw" "git.t-juice.club/microfilm/users" "git.t-juice.club/microfilm/users/store" "github.com/go-chi/chi/v5" @@ -34,8 +36,10 @@ func NewServer(config *Config) (*UserServer, error) { r.Use(srv.MiddlewareLogging) + verifyAdmin := authmw.VerifyToken("http://mf-auth:8082", []string{auth.RoleAdmin}) + r.Get("/info", InfoHandler) - r.Post("/", srv.CreateUserHandler) + r.With(verifyAdmin).Post("/", srv.CreateUserHandler) r.Post("/{identifier}/password", srv.SetPasswordHandler) r.Post("/{identifier}/verify", srv.VerifyHandler)