camper/pkg/auth/user.go

47 lines
859 B
Go

/*
* SPDX-FileCopyrightText: 2023 jordi fita mas <jfita@peritasoft.com>
* SPDX-License-Identifier: AGPL-3.0-only
*/
package auth
import (
"errors"
"net/http"
"golang.org/x/text/language"
"dev.tandem.ws/tandem/camper/pkg/locale"
)
const (
CSRFTokenField = "csrf_token"
CSRFTokenHeader = "X-CSRFToken"
)
type User struct {
ID int
Email string
LoggedIn bool
Role string
Language language.Tag
CSRFToken string
Locale *locale.Locale
}
func (user *User) VerifyCSRFToken(r *http.Request) error {
token := r.Header.Get(CSRFTokenHeader)
if token == "" {
token = r.FormValue(CSRFTokenField)
}
if user.CSRFToken == token {
return nil
}
return errors.New(user.Locale.Gettext("Cross-site request forgery detected."))
}
func (user *User) IsEmployee() bool {
role := user.Role[0]
return role == 'e' || role == 'a'
}