feat(auth): include is_admin in JWT claims
This commit is contained in:
parent
deccc9d29b
commit
7c7e060d16
|
|
@ -147,6 +147,7 @@ func NewUserJWTAuthtoken(u *user.User, sessionID string) (token string, err erro
|
|||
claims["type"] = AuthTypeUser
|
||||
claims["id"] = u.ID
|
||||
claims["username"] = u.Username
|
||||
claims["is_admin"] = u.IsAdmin
|
||||
claims["exp"] = exp
|
||||
claims["sid"] = sessionID
|
||||
claims["jti"] = uuid.New().String()
|
||||
|
|
|
|||
|
|
@ -500,9 +500,12 @@ func GetUserFromClaims(claims jwt.MapClaims) (user *User, err error) {
|
|||
return nil, err
|
||||
}
|
||||
|
||||
isAdmin, _ := claims["is_admin"].(bool)
|
||||
|
||||
return &User{
|
||||
ID: userID,
|
||||
Username: username,
|
||||
IsAdmin: isAdmin,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,45 @@
|
|||
// Vikunja is a to-do list application to facilitate your life.
|
||||
// Copyright 2018-present Vikunja and contributors. All rights reserved.
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU Affero General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU Affero General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Affero General Public License
|
||||
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
package user
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
func TestGetUserFromClaims_IsAdmin(t *testing.T) {
|
||||
claims := jwt.MapClaims{
|
||||
"id": float64(1),
|
||||
"username": "u1",
|
||||
"is_admin": true,
|
||||
}
|
||||
u, err := GetUserFromClaims(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.True(t, u.IsAdmin)
|
||||
}
|
||||
|
||||
func TestGetUserFromClaims_IsAdminMissing(t *testing.T) {
|
||||
claims := jwt.MapClaims{
|
||||
"id": float64(1),
|
||||
"username": "u1",
|
||||
}
|
||||
u, err := GetUserFromClaims(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.False(t, u.IsAdmin)
|
||||
}
|
||||
Loading…
Reference in New Issue