Skip to content

auth with role problem #230

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ghost opened this issue Aug 4, 2020 · 2 comments
Open

auth with role problem #230

ghost opened this issue Aug 4, 2020 · 2 comments

Comments

@ghost
Copy link

ghost commented Aug 4, 2020

Hi,

Hope you are all well !

How can I restrict the access to the admin path to only users with the "Admin" role set in the database ?

I tried with qor-example and anybody can have access to the admin dashboard with a confirmed account.
Also, I noticed that new accounts have an empty role when they create a new account. How to set it while submitting the registration form ?

Is it possible to fix the demo ? Or is there a parameter to add somewhere to check the user's role ?

Thanks in advance for your replies and insights about these questions.

Have a nice day !

Cheers,
X
@lutfuahmet
Copy link

You can use middleware.

Admin.GetRouter().Use(&admin.Middleware{
		Name: "restrict",
		Handler: func(context *admin.Context, middleware *admin.Middleware) {

		        if currentUser,ok := ctx.CurrentUser.(*models.User);!ok || currentUser.Role != "Admin" {
			        http.Redirect(ctx.Writer, ctx.Request, "/", 302)
                                 return
		        }

			middleware.Next(context)
		},
	})

@ghost
Copy link
Author

ghost commented Oct 24, 2020

Awesome, thanks @lutfuahmet :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lutfuahmet