Diffstat (limited to 'lib/silmataivas_web/plugs')
| -rw-r--r-- | lib/silmataivas_web/plugs/admin_only.ex | 8 | ||||
| -rw-r--r-- | lib/silmataivas_web/plugs/auth.ex | 20 |
2 files changed, 28 insertions, 0 deletions
diff --git a/lib/silmataivas_web/plugs/admin_only.ex b/lib/silmataivas_web/plugs/admin_only.ex
new file mode 100644
index 0000000..b3f21dc
--- /dev/null
+++ b/lib/silmataivas_web/plugs/admin_only.ex
@@ -0,0 +1,8 @@
+defmodule SilmataivasWeb.Plugs.AdminOnly do
+ import Plug.Conn
+
+ def init(opts), do: opts
+
+ def call(%{assigns: %{current_user: %{role: "admin"}}} = conn, _opts), do: conn
+ def call(conn, _opts), do: send_resp(conn, 403, "Forbidden") |> halt()
+end
diff --git a/lib/silmataivas_web/plugs/auth.ex b/lib/silmataivas_web/plugs/auth.ex
new file mode 100644
index 0000000..ff5d25b
--- /dev/null
+++ b/lib/silmataivas_web/plugs/auth.ex
@@ -0,0 +1,20 @@
+defmodule SilmataivasWeb.Plugs.Auth do
+ import Plug.Conn
+ alias Silmataivas.Users
+ alias Silmataivas.Repo
+
+ def init(opts), do: opts
+
+ def call(conn, _opts) do
+ with ["Bearer " <> user_id] <- get_req_header(conn, "authorization"),
+ %Users.User{} = user <- Users.get_user_by_user_id(user_id),
+ loaded_user <- Repo.preload(user, :location) do
+ assign(conn, :current_user, loaded_user)
+ else
+ _ ->
+ conn
+ |> send_resp(:unauthorized, "Unauthorized")
+ |> halt()
+ end
+ end
+end
|
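Review bot: AdminOnly only lets a request through when something earlier in the pipeline has put a `current_user` with a `role` into `conn.assigns`, and nothing in the module states that ordering requirement. A `@moduledoc` saying it must be plugged after `SilmataivasWeb.Plugs.Auth`, and that every other case (no user, any other role) is answered with 403, would make the contract explicit; the catch-all clause itself fails closed, which is the right default. I would also declare `@behaviour Plug` with `@impl true` on `init/1` and `call/2`, and start the pipe from the bare value: `conn |> send_resp(403, "Forbidden") |> halt()`.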
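Review bot: In `call/2` the bearer value is handed straight to `Users.get_user_by_user_id(user_id)`, so the user's identifier doubles as its credential: there is no separate secret, no expiry, and no way to revoke access short of changing the id. Whether `user_id` is a long random value is not visible in this hunk; if it is guessable or is ever exposed in URLs, logs or API responses it should not be enough to authenticate a request, and because AdminOnly trusts the role of whichever user this plug loads, the same applies to admin accounts. I would resolve the user from a dedicated random token that is stored hashed and carries an expiry, keeping `user_id` as a plain identifier. Smaller points: `loaded_user <- Repo.preload(user, :location)` can never fail to match, so `loaded_user = Repo.preload(user, :location)` states the intent, and the 401 branch would normally add `put_resp_header("www-authenticate", "Bearer")` before `send_resp`.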
