mirror of
https://github.com/Luzifer/twitch-bot.git
synced 2024-12-30 00:21:16 +00:00
45 lines
1.2 KiB
Go
45 lines
1.2 KiB
Go
package main
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/pkg/errors"
|
|
|
|
"github.com/Luzifer/go_helpers/v2/str"
|
|
"github.com/Luzifer/twitch-bot/v3/pkg/twitch"
|
|
)
|
|
|
|
func getAuthorizationFromRequest(r *http.Request) (string, *twitch.Client, error) {
|
|
token := r.Header.Get("Authorization")
|
|
if token == "" {
|
|
return "", nil, errors.New("no authorization provided")
|
|
}
|
|
|
|
tc := twitch.New(cfg.TwitchClient, cfg.TwitchClientSecret, token, "")
|
|
|
|
_, user, err := tc.GetAuthorizedUser()
|
|
return user, tc, errors.Wrap(err, "getting authorized user")
|
|
}
|
|
|
|
func botEditorAuthMiddleware(h http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
user, tc, err := getAuthorizationFromRequest(r)
|
|
if err != nil {
|
|
http.Error(w, errors.Wrap(err, "getting authorized user").Error(), http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
id, err := tc.GetIDForUsername(user)
|
|
if err != nil {
|
|
http.Error(w, errors.Wrap(err, "getting ID for authorized user").Error(), http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
if !str.StringInSlice(user, config.BotEditors) && !str.StringInSlice(id, config.BotEditors) {
|
|
http.Error(w, "user is not authorized", http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
h.ServeHTTP(w, r)
|
|
})
|
|
}
|