package authorization import ( "errors" "net/http" "github.com/notherealmarco/WASAPhoto/service/api/reqcontext" "github.com/notherealmarco/WASAPhoto/service/database" ) func BuildAuth(header string) (reqcontext.Authorization, error) { auth, err := BuildBearer(header) if err != nil { if err.Error() == "invalid authorization header" { return nil, errors.New("method not supported") // todo: better error description } return nil, err } return auth, nil } func SendAuthorizationError(f func(db database.AppDatabase, uid string) (reqcontext.AuthStatus, error), uid string, db database.AppDatabase, w http.ResponseWriter, notFoundStatus int) bool { auth, err := f(db, uid) if err != nil { w.WriteHeader(http.StatusInternalServerError) // todo: log error and write it to the response return false } if auth == reqcontext.UNAUTHORIZED { w.WriteHeader(http.StatusUnauthorized) return false } if auth == reqcontext.FORBIDDEN { w.WriteHeader(http.StatusForbidden) return false } // requested user is not found -> 404 as the resource is not found if auth == reqcontext.USER_NOT_FOUND { w.WriteHeader(notFoundStatus) return false } return true }