aboutsummaryrefslogtreecommitdiff
path: root/weed/admin/dash/middleware.go
diff options
context:
space:
mode:
Diffstat (limited to 'weed/admin/dash/middleware.go')
-rw-r--r--weed/admin/dash/middleware.go23
1 files changed, 23 insertions, 0 deletions
diff --git a/weed/admin/dash/middleware.go b/weed/admin/dash/middleware.go
index ce538d7ca..a4cfedfd0 100644
--- a/weed/admin/dash/middleware.go
+++ b/weed/admin/dash/middleware.go
@@ -25,3 +25,26 @@ func RequireAuth() gin.HandlerFunc {
c.Next()
}
}
+
+// RequireAuthAPI checks if user is authenticated for API endpoints
+// Returns JSON error instead of redirecting to login page
+func RequireAuthAPI() gin.HandlerFunc {
+ return func(c *gin.Context) {
+ session := sessions.Default(c)
+ authenticated := session.Get("authenticated")
+ username := session.Get("username")
+
+ if authenticated != true || username == nil {
+ c.JSON(http.StatusUnauthorized, gin.H{
+ "error": "Authentication required",
+ "message": "Please log in to access this endpoint",
+ })
+ c.Abort()
+ return
+ }
+
+ // Set username in context for use in handlers
+ c.Set("username", username)
+ c.Next()
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-21 09:26:25 +0000