feat: dynamic user based roles
This commit is contained in:
@ -76,6 +76,12 @@ func (h *OAuthHandler) tokenEndpoint(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var roles = []string{"user"}
|
||||||
|
|
||||||
|
if user.IsAdmin {
|
||||||
|
roles = append(roles, "admin")
|
||||||
|
}
|
||||||
|
|
||||||
claims := types.ApiClaims{
|
claims := types.ApiClaims{
|
||||||
Email: user.Email,
|
Email: user.Email,
|
||||||
// TODO:
|
// TODO:
|
||||||
@ -83,7 +89,7 @@ func (h *OAuthHandler) tokenEndpoint(w http.ResponseWriter, r *http.Request) {
|
|||||||
Name: user.FullName,
|
Name: user.FullName,
|
||||||
Picture: user.ProfilePicture,
|
Picture: user.ProfilePicture,
|
||||||
Nonce: nonce,
|
Nonce: nonce,
|
||||||
Roles: []string{"user", "admin"},
|
Roles: roles,
|
||||||
RegisteredClaims: jwt.RegisteredClaims{
|
RegisteredClaims: jwt.RegisteredClaims{
|
||||||
Issuer: h.cfg.Jwt.Issuer,
|
Issuer: h.cfg.Jwt.Issuer,
|
||||||
// TODO: use dedicated API id that is in local DB and bind to user there
|
// TODO: use dedicated API id that is in local DB and bind to user there
|
||||||
|
|||||||
Reference in New Issue
Block a user