mock auth, author by role token, next: filtering doctor request

This commit is contained in:
mario
2025-05-09 16:15:55 +07:00
parent 9664b1e0e3
commit 28e6110b6d
9 changed files with 459 additions and 199 deletions

View File

@@ -34,7 +34,7 @@ func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) {
return
}
// Authenticate user
// Authenticate user using mock database
response, err := h.authService.Login(req.Email, req.Password)
if err != nil {
h.logger.Warn("Login failed", zap.Error(err), zap.String("email", req.Email))
@@ -42,6 +42,12 @@ func (h *AuthHandler) Login(w http.ResponseWriter, r *http.Request) {
return
}
// Log successful login with role information
h.logger.Info("User logged in successfully",
zap.String("email", req.Email),
zap.String("userID", response.User.ID),
zap.String("role", response.User.Role))
// Return tokens and user info
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusOK)

View File

@@ -4,8 +4,10 @@ import (
"fmt"
"io"
"net/http"
"net/url"
"strings"
"devone.aplikasi.web.id/gitea/mario/go-ohif-proxy/internal/auth"
"devone.aplikasi.web.id/gitea/mario/go-ohif-proxy/internal/proxy"
"github.com/go-chi/chi/v5"
"go.uber.org/zap"
@@ -27,6 +29,13 @@ func NewDicomHandler(client *proxy.Client, logger *zap.Logger) *DicomHandler {
// ForwardRequest forwards the request to Google Healthcare API
func (h *DicomHandler) ForwardRequest(w http.ResponseWriter, r *http.Request) {
// Get claims from context if they exist
var claims *auth.CustomClaims
claimsValue := r.Context().Value("claims")
if claimsValue != nil {
claims = claimsValue.(*auth.CustomClaims)
}
// Get the path after /dicomWeb
urlPath := chi.URLParam(r, "*")
@@ -45,6 +54,46 @@ func (h *DicomHandler) ForwardRequest(w http.ResponseWriter, r *http.Request) {
zap.String("url", r.URL.String()),
)
// Copy query parameters
queryParams := r.URL.Query()
// Apply role-specific query modifications
if claims != nil {
switch claims.Role {
case "patient":
// For patients requesting study list, filter to only show their study
if strings.HasPrefix(urlPath, "/studies") && !strings.Contains(urlPath, "/") {
// Ensure only the patient's study is shown
queryParams.Set("StudyInstanceUID", claims.StudyIUID)
}
case "ref_doctor":
// For ref_doctor requesting study list, apply filter from token
if strings.HasPrefix(urlPath, "/studies") && !strings.Contains(urlPath, "/") && claims.FilterURL != "" {
// Parse the filter URL and add its query params
filterURL, err := url.Parse(claims.FilterURL)
if err == nil {
filterQuery := filterURL.Query()
for key, values := range filterQuery {
for _, value := range values {
queryParams.Add(key, value)
}
}
}
}
case "expertise_doctor":
// No restrictions for expertise_doctor
}
}
// Add the query string back to the path
encodedQuery := queryParams.Encode()
if encodedQuery != "" {
if !strings.HasPrefix(urlPath, "/") {
urlPath = "/" + urlPath
}
urlPath = urlPath + "?" + encodedQuery
}
// Read request body if present
var bodyBytes []byte
if r.Body != nil && r.ContentLength > 0 {
@@ -57,15 +106,6 @@ func (h *DicomHandler) ForwardRequest(w http.ResponseWriter, r *http.Request) {
}
}
// Copy query parameters
queryParams := r.URL.Query().Encode()
if queryParams != "" {
if !strings.HasPrefix(urlPath, "/") {
urlPath = "/" + urlPath
}
urlPath = urlPath + "?" + queryParams
}
// Get request headers
headers := make(map[string]string)
for k, v := range r.Header {