| -rw-r--r-- | main.go | 4 | ||||
| -rw-r--r-- | user/controller.go | 27 | 
2 files changed, 22 insertions, 9 deletions
@@ -38,7 +38,7 @@ import (
 	"log"
 )
-const OPENBILLS_VERSION = "v0.5.0"
+const OPENBILLS_VERSION = "v0.6.0"
 func init() {
 	if !viper.GetBool("debug_mode") {
@@ -55,13 +55,13 @@ func main() {
 	api := r.Group("/api")
 	api.Use(errors.ErrResponse())
 	{
-		user.Routes(api)
 		auth.Routes(api)
 	}
 	protected := api.Group("/")
 	protected.Use(auth.Authorize())
 	{
+		user.Routes(protected)
 		customer.Routes(protected)
 		item.Routes(protected)
 		invoice.Routes(protected)
diff --git a/user/controller.go b/user/controller.go
index 4933ea3..15061cc 100644
--- a/user/controller.go
+++ b/user/controller.go
@@ -1,5 +1,5 @@
 /* openbills - Server for web based Libre Billing Software
- * Copyright (C) 2023  Vidhu Kant Sharma <vidhukant@vidhukant.com>
+ * Copyright (C) 2023-2024  Vidhu Kant Sharma <vidhukant@vidhukant.com>
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -18,6 +18,7 @@
 package user
 import (
+  e "vidhukant.com/openbills/errors"
 	"github.com/gin-gonic/gin"
 	"net/http"
 )
@@ -25,12 +26,24 @@ import (
 func handleGetUser (ctx *gin.Context) {
 	var user User
-	//err = getUser(&user, uint(id))
-	//if err != nil {
-	//	ctx.Error(err)
-	//	ctx.Abort()
-	//	return
-	//}
+  uId, ok := ctx.Get("UserID")
+  if !ok {
+    ctx.Error(e.ErrUnauthorized)
+    ctx.Abort()
+    return
+  }
+
+  userId := uId.(uint)
+
+  err := GetUser(&user, userId)
+	if err != nil {
+		ctx.Error(err)
+		ctx.Abort()
+		return
+	}
+
+  // remove password hash from response
+  user.Password = ""
 	ctx.JSON(http.StatusOK, gin.H{
 		"message": "success",
|
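Review bot: In the `func main()` hunk, only the receiver (`api` versus `protected`) distinguishes routes that skip `auth.Authorize()` from routes that pass through it, because the braces are purely visual grouping. A comment on each group, such as `// public: no auth middleware` and `// every route below passes through auth.Authorize()`, would make a misplaced registration like the one corrected here easier to catch in review. `user.Routes` itself is not shown, so it is worth confirming that it registers nothing intended for unauthenticated callers, since every route it adds now sits behind the middleware. `main` starts and ends outside the hunk.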
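Review bot: In `handleGetUser`, the new `userId := uId.(uint)` is an unchecked type assertion, so the handler panics if `auth.Authorize()` (not shown in this diff) ever stores `UserID` as anything other than `uint`. Using `userId, ok := uId.(uint)` and aborting with `e.ErrUnauthorized` on `!ok`, as the branch just above does, turns that into a clean error response. Blanking `user.Password` protects only this handler; if the `User` struct (not visible here) has no `json:"-"` tag on that field, adding one would keep the hash out of every response that serialises a `User`. The added lines down to `err := GetUser(&user, userId)` and the new import in the previous hunk are space-indented while the surrounding code uses tabs, so the file should be run through gofmt. `handleGetUser` continues past the end of the hunk.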