upload

internal/middleware/admin.go

@@ -0,0 +1,33 @@
+package middleware
+
+import (
+	"net/http"
+	"fotbal-club/internal/models"
+	"github.com/gin-gonic/gin"
+)
+
+// AdminMiddleware checks if the user has admin role
+func AdminMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		user, exists := c.Get("user")
+		if !exists {
+			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
+			return
+		}
+
+		// Type assert the user to your User model
+		userModel, ok := user.(*models.User)
+		if !ok {
+			c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"error": "Internal server error"})
+			return
+		}
+
+		// Check if user is admin
+		if userModel.Role != "admin" {
+			c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"error": "Forbidden - Admin access required"})
+			return
+		}
+
+		c.Next()
+	}
+}