func (fn AdminRequiredHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { setVersionHeaders(w) defer func() { if r.Body != nil { r.Body.Close() } }() fw := io.FlushingWriter{ResponseWriter: w} header := r.Header.Get("Authorization") if header == "" { http.Error(&fw, "You must provide the Authorization header", http.StatusUnauthorized) } else if t, err := auth.GetToken(header); err != nil { http.Error(&fw, "Invalid token", http.StatusUnauthorized) } else if user, err := t.User(); err != nil || !user.IsAdmin() { http.Error(&fw, "Forbidden", http.StatusForbidden) } else if err = fn(&fw, r, t); err != nil { code := http.StatusInternalServerError if e, ok := err.(*errors.HTTP); ok { code = e.Code } if fw.Wrote() { fmt.Fprintln(&fw, err) } else { http.Error(&fw, err.Error(), code) } log.Error(err.Error()) } }
func (fn Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { setVersionHeaders(w) defer func() { if r.Body != nil { r.Body.Close() } }() fw := io.FlushingWriter{ResponseWriter: w} if err := fn(&fw, r); err != nil { if fw.Wrote() { fmt.Fprintln(&fw, err) } else { http.Error(&fw, err.Error(), http.StatusInternalServerError) } log.Error(err.Error()) } }
func (fn authorizationRequiredHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { setVersionHeaders(w) defer func() { if r.Body != nil { r.Body.Close() } }() fw := io.FlushingWriter{ResponseWriter: w} token := r.Header.Get("Authorization") if t, err := validate(token, r); err != nil { http.Error(&fw, err.Error(), http.StatusUnauthorized) } else if err = fn(&fw, r, t); err != nil { code := http.StatusInternalServerError if e, ok := err.(*errors.HTTP); ok { code = e.Code } if fw.Wrote() { fmt.Fprintln(&fw, err) } else { http.Error(&fw, err.Error(), code) } log.Error(err.Error()) } }