chore(back): refactor

backend/api/account.go

@@ -16,13 +16,11 @@ import (
 
 // (GET /account)
 func (s *Server) GetAccount(c echo.Context) error {
-	logged := c.Get("userLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	account, err := MustGetUser(c)
+	if err != nil {
+		return nil
 	}
 
-	account := c.Get("userAccount").(*models.Account)
-
 	// Return account
 	resp := autogen.GetAccount200JSONResponse{
 		Account: &account.Account,
@@ -33,15 +31,13 @@ func (s *Server) GetAccount(c echo.Context) error {
 
 // (PATCH /account)
 func (s *Server) PatchAccount(c echo.Context) error {
-	logged := c.Get("userLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	account, err := MustGetUser(c)
+	if err != nil {
+		return nil
 	}
 
-	account := c.Get("userAccount").(*models.Account)
-
 	var param autogen.PatchAccountJSONBody
-	err := c.Bind(&param)
+	err = c.Bind(&param)
 	if err != nil {
 		return Error400(c)
 	}
@@ -66,9 +62,9 @@ func (s *Server) PatchAccount(c echo.Context) error {
 
 // (GET /accounts)
 func (s *Server) GetAccounts(c echo.Context, params autogen.GetAccountsParams) error {
-	logged := c.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	_, err := MustGetUser(c)
+	if err != nil {
+		return nil
 	}
 
 	// Set up parameters
@@ -124,15 +120,13 @@ func (s *Server) GetAccounts(c echo.Context, params autogen.GetAccountsParams) e
 
 // (POST /accounts)
 func (s *Server) PostAccounts(c echo.Context) error {
-	logged := c.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	admin, err := MustGetAdmin(c)
+	if err != nil {
+		return nil
 	}
 
-	adminID := c.Get("adminAccountID").(string)
-
 	var req autogen.NewAccount
-	err := c.Bind(&req)
+	err = c.Bind(&req)
 	if err != nil {
 		return Error400(c)
 	}
@@ -169,42 +163,38 @@ func (s *Server) PostAccounts(c echo.Context) error {
 		return Error500(c)
 	}
 
-	logrus.Info("Account created: ", account.Account.Id, " by ", adminID)
+	logrus.Info("Account created: ", account.Account.Id, " by ", admin.Id.String())
 	autogen.PostAccounts200JSONResponse(account.Account).VisitPostAccountsResponse(c.Response())
 	return nil
 }
 
 // (DELETE /accounts/{account_id})
 func (s *Server) MarkDeleteAccountId(c echo.Context, accountId autogen.UUID) error {
-	logged := c.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	admin, err := MustGetAdmin(c)
+	if err != nil {
+		return nil
 	}
 
-	adminID := c.Get("adminAccountID").(string)
-
-	err := s.DBackend.MarkDeleteAccount(c.Request().Context(), accountId.String(), adminID)
+	err = s.DBackend.MarkDeleteAccount(c.Request().Context(), accountId.String(), admin.Id.String())
 	if err != nil {
 		if err == mongo.ErrNoDocuments {
 			return ErrorAccNotFound(c)
 		}
 		return Error500(c)
 	}
 
-	logrus.Info("Account marked as deleted: ", accountId, " by ", adminID)
+	logrus.Info("Account marked as deleted: ", accountId, " by ", admin.Id.String())
 	autogen.DeleteAccount204Response{}.VisitDeleteAccountResponse(c.Response())
 	return nil
 }
 
 // (GET /accounts/{account_id})
 func (s *Server) GetAccountId(c echo.Context, accountId autogen.UUID) error {
-	logged := c.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	admin, err := MustGetAdmin(c)
+	if err != nil {
+		return nil
 	}
 
-	adminID := c.Get("adminAccountID").(string)
-
 	account, err := s.DBackend.GetAccount(c.Request().Context(), accountId.String())
 	if err != nil {
 		if err == mongo.ErrNoDocuments {
@@ -213,22 +203,20 @@ func (s *Server) GetAccountId(c echo.Context, accountId autogen.UUID) error {
 		return Error500(c)
 	}
 
-	logrus.Info("Account retrieved: ", accountId, " by ", adminID)
+	logrus.Info("Account retrieved: ", accountId, " by ", admin.Id.String())
 	autogen.GetAccountId200JSONResponse(account.Account).VisitGetAccountIdResponse(c.Response())
 	return nil
 }
 
 // (PATCH /accounts/{account_id})
 func (s *Server) PatchAccountId(c echo.Context, accountId autogen.UUID) error {
-	logged := c.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	admin, err := MustGetAdmin(c)
+	if err != nil {
+		return nil
 	}
 
-	adminID := c.Get("adminAccountID").(string)
-
 	var req autogen.UpdateAccountAdmin
-	err := c.Bind(&req)
+	err = c.Bind(&req)
 	if err != nil {
 		return Error400(c)
 	}
@@ -296,20 +284,18 @@ func (s *Server) PatchAccountId(c echo.Context, accountId autogen.UUID) error {
 		return Error500(c)
 	}
 
-	logrus.Info("Account updated: ", accountId, " by ", adminID)
+	logrus.Info("Account updated: ", accountId, " by ", admin.Id.String())
 	autogen.PatchAccountId200JSONResponse(account.Account).VisitPatchAccountIdResponse(c.Response())
 	return nil
 }
 
 // (POST /import/accounts)
 func (s *Server) ImportAccounts(c echo.Context) error {
-	logged := c.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	admin, err := MustGetAdmin(c)
+	if err != nil {
+		return nil
 	}
 
-	adminID := c.Get("adminAccountID").(string)
-
 	// Get file from request
 	file, err := c.FormFile("file")
 	if err != nil {
@@ -390,27 +376,27 @@ func (s *Server) ImportAccounts(c echo.Context) error {
 		}
 	}
 
-	logrus.Info("Accounts imported: ", len(records)-len(notProcessed), " by ", adminID)
+	logrus.Info("Accounts imported: ", len(records)-len(notProcessed), " by ", admin.Id.String())
 	autogen.ImportAccounts200JSONResponse{
 		NotAccepted: &notProcessed,
 	}.VisitImportAccountsResponse(c.Response())
 	return nil
 }
 
 // (GET /account/admin)
-func (s *Server) GetAccountAdmin(ctx echo.Context) error {
-	logged := ctx.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(ctx)
+func (s *Server) GetAccountAdmin(c echo.Context) error {
+	admin, err := MustGetAdmin(c)
+	if err != nil {
+		return nil
 	}
 
-	canRestore := ctx.Get("adminAccountRole").(autogen.AccountRole) == autogen.AccountSuperAdmin
+	canRestore := admin.Role == autogen.AccountSuperAdmin
 
 	// Return account
 	resp := autogen.GetAccountAdmin200JSONResponse{
 		IsAllowed:  true,
 		CanRestore: canRestore,
 	}
-	resp.VisitGetAccountAdminResponse(ctx.Response())
+	resp.VisitGetAccountAdminResponse(c.Response())
 	return nil
 }

backend/api/carousel.go

@@ -37,13 +37,11 @@ func (s *Server) GetCarouselImages(c echo.Context) error {
 
 // (POST /carousel/images)
 func (s *Server) AddCarouselImage(c echo.Context) error {
-	logged := c.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	admin, err := MustGetAdmin(c)
+	if err != nil {
+		return nil
 	}
 
-	adminID := c.Get("adminAccountID").(string)
-
 	// Get image from request
 	image, err := c.FormFile("image")
 	if err != nil {
@@ -87,7 +85,7 @@ func (s *Server) AddCarouselImage(c echo.Context) error {
 		return Error500(c)
 	}
 
-	logrus.Infof("Carousel image %s added by admin %s", uid.String(), adminID)
+	logrus.Infof("Carousel image %s added by admin %s", uid.String(), admin.Id.String())
 	autogen.AddCarouselImage201JSONResponse(carouselImage.CarouselImage).VisitAddCarouselImageResponse(c.Response())
 	return nil
 }
@@ -126,25 +124,23 @@ func (s *Server) GetCarouselImage(c echo.Context, imageId autogen.UUID) error {
 
 // (DELETE /carousel/images/{image_id})
 func (s *Server) MarkDeleteCarouselImage(c echo.Context, imageId autogen.UUID) error {
-	logged := c.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	admin, err := MustGetAdmin(c)
+	if err != nil {
+		return nil
 	}
 
-	adminID := c.Get("adminAccountID").(string)
-
-	_, err := s.DBackend.GetCarouselImage(c.Request().Context(), imageId.String())
+	_, err = s.DBackend.GetCarouselImage(c.Request().Context(), imageId.String())
 	if err != nil {
 		return ErrorImageNotFound(c)
 	}
 
-	err = s.DBackend.MarkDeleteCarouselImage(c.Request().Context(), imageId.String(), adminID)
+	err = s.DBackend.MarkDeleteCarouselImage(c.Request().Context(), imageId.String(), admin.Id.String())
 	if err != nil {
 		logrus.Error(err)
 		return Error500(c)
 	}
 
-	logrus.Infof("Carousel image %s marked for deletion by admin %s", imageId.String(), adminID)
+	logrus.Infof("Carousel image %s marked for deletion by admin %s", imageId.String(), admin.Id.String())
 	autogen.MarkDeleteAccountId204Response{}.VisitMarkDeleteAccountIdResponse(c.Response())
 	return nil
 }
@@ -170,16 +166,14 @@ func (s *Server) GetCarouselTexts(c echo.Context) error {
 
 // (POST /carousel/texts)
 func (s *Server) AddCarouselText(c echo.Context) error {
-	logged := c.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	admin, err := MustGetAdmin(c)
+	if err != nil {
+		return nil
 	}
 
-	adminID := c.Get("adminAccountID").(string)
-
 	// Get text from request
 	var text autogen.CarouselTextCreate
-	err := c.Bind(&text)
+	err = c.Bind(&text)
 	if err != nil {
 		return Error400(c)
 	}
@@ -203,31 +197,29 @@ func (s *Server) AddCarouselText(c echo.Context) error {
 		return Error500(c)
 	}
 
-	logrus.Infof("Carousel text %s added by admin %s", t.Id.String(), adminID)
+	logrus.Infof("Carousel text %s added by admin %s", t.Id.String(), admin.Id.String())
 	autogen.AddCarouselText201JSONResponse(t.CarouselText).VisitAddCarouselTextResponse(c.Response())
 	return nil
 }
 
 // (DELETE /carousel/texts/{text_id})
 func (s *Server) MarkDeleteCarouselText(c echo.Context, textId autogen.UUID) error {
-	logged := c.Get("adminLogged").(bool)
-	if !logged {
-		return ErrorNotAuthenticated(c)
+	admin, err := MustGetAdmin(c)
+	if err != nil {
+		return nil
 	}
 
-	adminID := c.Get("adminAccountID").(string)
-
-	_, err := s.DBackend.GetCarouselText(c.Request().Context(), textId.String())
+	_, err = s.DBackend.GetCarouselText(c.Request().Context(), textId.String())
 	if err != nil {
 		return ErrorTextNotFound(c)
 	}
 
-	err = s.DBackend.MarkDeleteCarouselText(c.Request().Context(), textId.String(), adminID)
+	err = s.DBackend.MarkDeleteCarouselText(c.Request().Context(), textId.String(), admin.Id.String())
 	if err != nil {
 		logrus.Error(err)
 		return Error500(c)
 	}
 
-	logrus.Infof("Carousel text %s marked for deletion by admin %s", textId.String(), adminID)
+	logrus.Infof("Carousel text %s marked for deletion by admin %s", textId.String(), admin.Id.String())
 	return nil
 }