Add admin user, and an option to add a user admin on startup

2026-04-28 19:50:35 +02:00
parent d5281e7d57
commit ff8604eac1
11 changed files with 144 additions and 52 deletions
--- a/internal/routes/appinfo.go
+++ b/internal/routes/appinfo.go
@@ -5,12 +5,24 @@ import (

 	"git.artlef.fr/bibliomane/internal/appcontext"
 	"git.artlef.fr/bibliomane/internal/dto"
+	"git.artlef.fr/bibliomane/internal/myvalidator"
 )

 func GetAppInfo(ac appcontext.AppContext) {
+	admin := false
+	_, userIsInContext := ac.C.Get("user")
+	if userIsInContext {
+		user, err := ac.GetAuthenticatedUser()
+		if err != nil {
+			myvalidator.ReturnErrorsAsJsonResponse(&ac, err)
+			return
+		}
+		admin = user.Admin
+	}
 	ac.C.JSON(http.StatusOK, dto.AppInfo{
 		RegistrationDisabled: ac.Config.DisableRegistration,
 		DemoMode:             ac.Config.DemoMode,
 		DemoUsername:         ac.Config.DemoUsername,
+		Admin:                admin,
 	})
 }
--- a/internal/routes/userlogin.go
+++ b/internal/routes/userlogin.go
@@ -12,12 +12,12 @@ import (
 	"git.artlef.fr/bibliomane/internal/myvalidator"
 	"github.com/gin-gonic/gin"
 	"golang.org/x/crypto/bcrypt"
-	"gorm.io/gorm"
 )

 func PostLoginHandler(ac appcontext.AppContext) {

 	var username string
+	admin := false

 	if !ac.Config.DemoMode {
 		var user dto.UserLogin
@@ -26,19 +26,23 @@ func PostLoginHandler(ac appcontext.AppContext) {
 			myvalidator.ReturnErrorsAsJsonResponse(&ac, err)
 			return
 		}
+		var userDb model.User
+		ac.Db.Where("name = ?", user.Username).First(&userDb)

-		if !ac.Config.DemoMode && !isUserAndPasswordOk(ac.Db, user.Username, user.Password) {
+		if !ac.Config.DemoMode &&
+			bcrypt.CompareHashAndPassword([]byte(userDb.Password), []byte(user.Password)) != nil {
 			ac.C.JSON(http.StatusUnauthorized,
 				gin.H{"error": i18nresource.GetTranslatedMessage(&ac, "InvalidCredentials")})
 			return
 		}
 		username = user.Username
+		admin = userDb.Admin
 	} else {
 		username = ac.Config.DemoUsername
 	}

 	var jwtToken string
-	jwtToken, err := jwtauth.GenerateJwtToken(username)
+	jwtToken, err := jwtauth.GenerateJwtToken(username, admin)
 	if err != nil {
 		ac.C.JSON(http.StatusUnauthorized,
 			gin.H{"error": fmt.Errorf("Error when generating JWT token: %w", err)})
@@ -46,10 +50,3 @@ func PostLoginHandler(ac appcontext.AppContext) {
 	}
 	ac.C.JSON(http.StatusOK, gin.H{"message": i18nresource.GetTranslatedMessage(&ac, "AuthenticationSuccess"), "token": jwtToken})
 }
-
-func isUserAndPasswordOk(db *gorm.DB, username string, password string) bool {
-	var user model.User
-	db.Where("name = ?", username).First(&user)
-	err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
-	return err == nil
-}