home to your local SPACEGIRL 💫 arimelody.space
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

merge 'dev' into feature/auditlogs

+20 -16
+20 -16
api/api.go
··· 38 38 ServeArtist(app, artist).ServeHTTP(w, r) 39 39 case http.MethodPut: 40 40 // PUT /api/v1/artist/{id} (admin) 41 - requireAccount(app, UpdateArtist(app, artist)).ServeHTTP(w, r) 41 + requireAccount(UpdateArtist(app, artist)).ServeHTTP(w, r) 42 42 case http.MethodDelete: 43 43 // DELETE /api/v1/artist/{id} (admin) 44 - requireAccount(app, DeleteArtist(app, artist)).ServeHTTP(w, r) 44 + requireAccount(DeleteArtist(app, artist)).ServeHTTP(w, r) 45 45 default: 46 46 http.NotFound(w, r) 47 47 } ··· 53 53 ServeAllArtists(app).ServeHTTP(w, r) 54 54 case http.MethodPost: 55 55 // POST /api/v1/artist (admin) 56 - requireAccount(app, CreateArtist(app)).ServeHTTP(w, r) 56 + requireAccount(CreateArtist(app)).ServeHTTP(w, r) 57 57 default: 58 58 http.NotFound(w, r) 59 59 } ··· 80 80 ServeRelease(app, release).ServeHTTP(w, r) 81 81 case http.MethodPut: 82 82 // PUT /api/v1/music/{id} (admin) 83 - requireAccount(app, UpdateRelease(app, release)).ServeHTTP(w, r) 83 + requireAccount(UpdateRelease(app, release)).ServeHTTP(w, r) 84 84 case http.MethodDelete: 85 85 // DELETE /api/v1/music/{id} (admin) 86 - requireAccount(app, DeleteRelease(app, release)).ServeHTTP(w, r) 86 + requireAccount(DeleteRelease(app, release)).ServeHTTP(w, r) 87 87 default: 88 88 http.NotFound(w, r) 89 89 } ··· 95 95 ServeCatalog(app).ServeHTTP(w, r) 96 96 case http.MethodPost: 97 97 // POST /api/v1/music (admin) 98 - requireAccount(app, CreateRelease(app)).ServeHTTP(w, r) 98 + requireAccount(CreateRelease(app)).ServeHTTP(w, r) 99 99 default: 100 100 http.NotFound(w, r) 101 101 } ··· 119 119 switch r.Method { 120 120 case http.MethodGet: 121 121 // GET /api/v1/track/{id} (admin) 122 - requireAccount(app, ServeTrack(app, track)).ServeHTTP(w, r) 122 + requireAccount(ServeTrack(app, track)).ServeHTTP(w, r) 123 123 case http.MethodPut: 124 124 // PUT /api/v1/track/{id} (admin) 125 - requireAccount(app, UpdateTrack(app, track)).ServeHTTP(w, r) 125 + requireAccount(UpdateTrack(app, track)).ServeHTTP(w, r) 126 126 case http.MethodDelete: 127 127 // DELETE /api/v1/track/{id} (admin) 128 - requireAccount(app, DeleteTrack(app, track)).ServeHTTP(w, r) 128 + requireAccount(DeleteTrack(app, track)).ServeHTTP(w, r) 129 129 default: 130 130 http.NotFound(w, r) 131 131 } ··· 134 134 switch r.Method { 135 135 case http.MethodGet: 136 136 // GET /api/v1/track (admin) 137 - requireAccount(app, ServeAllTracks(app)).ServeHTTP(w, r) 137 + requireAccount(ServeAllTracks(app)).ServeHTTP(w, r) 138 138 case http.MethodPost: 139 139 // POST /api/v1/track (admin) 140 - requireAccount(app, CreateTrack(app)).ServeHTTP(w, r) 140 + requireAccount(CreateTrack(app)).ServeHTTP(w, r) 141 141 default: 142 142 http.NotFound(w, r) 143 143 } 144 144 })) 145 145 146 - return mux 147 - } 148 - 149 - func requireAccount(app *model.AppState, next http.Handler) http.Handler { 150 146 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 151 147 session, err := getSession(app, r) 152 148 if err != nil { ··· 154 150 http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) 155 151 return 156 152 } 157 - if session.Account == nil { 153 + ctx := context.WithValue(r.Context(), "session", session) 154 + mux.ServeHTTP(w, r.WithContext(ctx)) 155 + }) 156 + } 157 + 158 + func requireAccount(next http.Handler) http.Handler { 159 + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 160 + session := r.Context().Value("session").(*model.Session) 161 + if session == nil || session.Account == nil { 158 162 http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) 159 163 return 160 164 }