From 9a43fa05ade031c91d515d1254e05fd33cc7a482 Mon Sep 17 00:00:00 2001
From: physcik
Date: Mon, 27 Apr 2026 16:52:45 +0500
Subject: Auth middleware + origin check
---
 backend/src/Handler.zig | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)
(limited to 'backend/src/Handler.zig')
diff --git a/backend/src/Handler.zig b/backend/src/Handler.zig
index 3e40cf8..2f3389e 100644
--- a/backend/src/Handler.zig
+++ b/backend/src/Handler.zig
@@ -3,6 +3,11 @@ const httpz = @import("httpz");
 const userModel = @import("Models/User.zig");
 const tokens = @import("Authentication/Tokens.zig");
+pub const errors = error {
+ Unauthorized,
+ Forbidden,
+};
+
 pub const RequestData = struct {
 User: ?userModel.User,
@@ -32,13 +37,31 @@ pub const RequestData = struct {
 if (self.User == null) return false;
 return self.User.?.Role >= minimalRole;
 }
+
+ pub fn CheckAccess(self: RequestData, minimalRole: userModel.Role) !void {
+ if (self.User == null) return errors.Unauthorized;
+ if (@intFromEnum(self.User.?.Role) < @intFromEnum(minimalRole))
+ return errors.Forbidden;
+ }
 };
 pub const Handler = struct {
 pub fn dispatch(_: *Handler, action: httpz.Action(*RequestData), req: *httpz.Request, res: *httpz.Response) !void {
 var data = try RequestData.Init(req);
 // std.debug.print("Data: {any}\n", .{ data });
- try action(&data, req, res);
+ action(&data, req, res) catch |err| {
+ switch (err) {
+ errors.Forbidden => {
+ res.setStatus(.forbidden);
+ },
+ errors.Unauthorized => {
+ res.setStatus(.unauthorized);
+ },
+ else => {
+ return err;
+ }
+ }
+ };
 std.debug.print("{any} {s}: {d}\n", .{req.method, req.url.raw, res.status});
 }
 };
-- cgit v1.3
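Review bot: The new public error set is named `errors`, which is lower-case and generic for a type that only carries the two access-control outcomes; Zig convention is TitleCase for error sets, e.g. `pub const AccessError = error{ Unauthorized, Forbidden };`. Because it is `pub` and the second hunk already matches on `errors.Forbidden` and `errors.Unauthorized`, renaming is cheapest now. A `///` line on the declaration saying that `dispatch` turns these two values into 403 and 401 would tell handler authors which errors are safe to return.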
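Review bot: `CheckAccess` authorizes by comparing `@intFromEnum(self.User.?.Role)` with `@intFromEnum(minimalRole)`, so it is only correct while `userModel.Role` is declared from least to most privileged; that enum is in Models/User.zig and not visible here, so the ordering is an unchecked assumption. I would state it on the function, e.g. `/// Assumes userModel.Role tags are declared in ascending privilege order.`, and give it the explicit return type `errors!void` so callers can switch on it exhaustively. In `dispatch`, the `errors.Forbidden` and `errors.Unauthorized` branches only call `res.setStatus`, so anything an action put into `res` before returning the error would presumably still be sent with the 403 or 401; calling `CheckAccess` first in every action, or clearing the response in these branches, avoids that. The check is also opt-in: nothing in `dispatch` calls it, so an action that omits it stays reachable without a user. `RequestData` begins above this hunk, so the older role check whose `>=` comparison appears in the context lines cannot be compared against the new one from here.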