feat: implement access control using casbin (#806)

* feat: implement access control using casbin Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * chore: sort imports Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * fix: remove Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * Update auth.go Co-authored-by: Gucheng <85475922+nomeguy@users.noreply.github.com>
2025-07-02 03:00:18 +08:00 · 2022-07-13 00:34:35 +08:00
parent de49a45e19
commit 2bca424370
5 changed files with 159 additions and 1 deletions
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -50,6 +50,17 @@ func tokenToResponse(token *object.Token) *Response {
 // HandleLoggedIn ...
 func (c *ApiController) HandleLoggedIn(application *object.Application, user *object.User, form *RequestForm) (resp *Response) {
 	userId := user.GetId()
+
+	allowed, err := object.CheckPermission(userId, application)
+	if err != nil {
+		c.ResponseError(err.Error(), nil)
+		return
+	}
+	if !allowed {
+		c.ResponseError("Unauthorized operation")
+		return
+	}
+
 	if form.Type == ResponseTypeLogin {
 		c.SetSessionUsername(userId)
 		util.LogInfo(c.Ctx, "API: [%s] signed in", userId)