Admin Dashboard, Webdocs, LICENSE, webhook, and ID's update.

2026-02-04 03:05:12 +00:00
parent 890e52af8c
commit 1d0ccca7d1
51 changed files with 1290 additions and 229 deletions
--- a/backend/internal/api/middleware.go
+++ b/backend/internal/api/middleware.go
@@ -5,6 +5,8 @@ import (
 	"strings"

 	"clickploy/internal/auth"
+	"clickploy/internal/db"
+	"clickploy/internal/models"

 	"github.com/gin-gonic/gin"
 )
@@ -31,3 +33,29 @@ func AuthMiddleware() gin.HandlerFunc {
 		c.Next()
 	}
 }
+
+func AdminMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		userID, exists := c.Get("userID")
+		if !exists {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "User not authenticated"})
+			c.Abort()
+			return
+		}
+
+		var user models.User
+		if err := db.DB.Where("id = ?", userID).First(&user).Error; err != nil {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "User not found"})
+			c.Abort()
+			return
+		}
+
+		if !user.IsAdmin {
+			c.JSON(http.StatusForbidden, gin.H{"error": "Admin privileges required"})
+			c.Abort()
+			return
+		}
+
+		c.Next()
+	}
+}