From 4a5a10fc2ba6b689f47c4d35ced3bfc0d4b2c86f Mon Sep 17 00:00:00 2001
From: leo <leo.bao@dyuanzi.com>
Date: Thu, 18 Nov 2021 18:10:19 +0800
Subject: [PATCH] add authorized handler middleware

---
 script/config.go |  9 +++++++--
 server.go        | 20 ++++++++++++++++++++
 service/error.go |  8 ++++++--
 3 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/script/config.go b/script/config.go
index 5cd6202..f029cf0 100644
--- a/script/config.go
+++ b/script/config.go
@@ -28,8 +28,13 @@ func GetLedgerConfigMap() map[string]Config {
 	return ledgerConfigMap
 }
 
-func GetLedgerConfig(ledgerId string) Config {
-	return ledgerConfigMap[ledgerId]
+func GetLedgerConfig(ledgerId string) *Config {
+	for k, v := range ledgerConfigMap {
+		if k == ledgerId {
+			return &v
+		}
+	}
+	return nil
 }
 
 func GetLedgerConfigByMail(mail string) *Config {
diff --git a/server.go b/server.go
index 3d9679c..201457e 100644
--- a/server.go
+++ b/server.go
@@ -20,9 +20,29 @@ func LoadServerCache() error {
 	return script.LoadLedgerConfigMap()
 }
 
+func AuthorizedHandler() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		ledgerId := c.GetHeader("ledgerId")
+		ledgerConfig := script.GetLedgerConfig(ledgerId)
+		if ledgerConfig != nil {
+			c.Set("LedgerConfig", &ledgerConfig)
+			c.Next()
+		} else {
+			service.Unauthorized(c)
+			c.Abort()
+		}
+	}
+}
+
 func RegisterRouter(router *gin.Engine) {
 	router.StaticFS("/", http.Dir("./public"))
 	router.POST("/api/ledger", service.OpenOrCreateLedger)
+	authorized := router.Group("/api/auth/")
+	authorized.Use(AuthorizedHandler())
+	{
+		// need authorized
+		//authorized.POST("/tags")
+	}
 }
 
 func main() {
diff --git a/service/error.go b/service/error.go
index cf14681..c42e51b 100644
--- a/service/error.go
+++ b/service/error.go
@@ -10,11 +10,15 @@ func OK(c *gin.Context, data string) {
 }
 
 func BadRequest(c *gin.Context, message string) {
-	c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": message})
+	c.JSON(http.StatusOK, gin.H{"code": 400, "message": message})
+}
+
+func Unauthorized(c *gin.Context) {
+	c.JSON(http.StatusOK, gin.H{"code": 401})
 }
 
 func InternalError(c *gin.Context, message string) {
-	c.JSON(http.StatusInternalServerError, gin.H{"code": 500, "message": message})
+	c.JSON(http.StatusOK, gin.H{"code": 500, "message": message})
 }
 
 func LedgerIsNotExist(c *gin.Context) {