adamf/web_server
1
1
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity

bugfix

Browse Source
This commit is contained in:
Adam French
2025-12-10 04:55:59 +00:00
parent e7f774cbeb
commit 5ea3dc6eae
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
backend/handlers/handle_post.go
View File

@@ -52,11 +52,12 @@ func (store *Store) CreatePost(ctx *gin.Context) {
return return
} }
userID, ok := (*claims)["id"].(uint) userIDF, ok := (*claims)["id"].(float64)
if !ok { if !ok {
ctx.JSON(http.StatusInternalServerError, gin.H{"error": "invalid user id in claims"}) ctx.JSON(http.StatusInternalServerError, gin.H{"error": "invalid user id in claims"})
return return
} }
userID := uint(userIDF)
// Create post // Create post
post := models.Post{Title: input.Title, Content: input.Content, AuthorID: userID} post := models.Post{Title: input.Title, Content: input.Content, AuthorID: userID}
@@ -89,11 +90,12 @@ func (store *Store) UpdatePost(ctx *gin.Context) {
return return
} }
userID, ok := (*claims)["id"].(uint) userIDF, ok := (*claims)["id"].(float64)
if !ok { if !ok {
ctx.JSON(http.StatusInternalServerError, gin.H{"error": "invalid user id in claims"}) ctx.JSON(http.StatusInternalServerError, gin.H{"error": "invalid user id in claims"})
return return
} }
userID := uint(userIDF)
if !(userID == post.AuthorID) { if !(userID == post.AuthorID) {
ctx.JSON(http.StatusUnauthorized, gin.H{"error": "user and post author id missmatch"}) ctx.JSON(http.StatusUnauthorized, gin.H{"error": "user and post author id missmatch"})
@@ -136,11 +138,12 @@ func (store *Store) DeletePost(ctx *gin.Context) {
return return
} }
userID, ok := (*claims)["id"].(uint) userIDF, ok := (*claims)["id"].(float64)
if !ok { if !ok {
ctx.JSON(http.StatusInternalServerError, gin.H{"error": "invalid user id in claims"}) ctx.JSON(http.StatusInternalServerError, gin.H{"error": "invalid user id in claims"})
return return
} }
userID := uint(userIDF)
if !(userID == post.AuthorID) { if !(userID == post.AuthorID) {
ctx.JSON(http.StatusUnauthorized, gin.H{"error": "user and post author id missmatch"}) ctx.JSON(http.StatusUnauthorized, gin.H{"error": "user and post author id missmatch"})