fix: resolve context key cycle for admin check

This commit is contained in:
2026-04-22 21:23:38 +02:00
parent 77f0daca26
commit ee05ad7511
8 changed files with 23 additions and 36 deletions

View File

@@ -11,6 +11,7 @@ import (
"mal/api/auth"
"mal/internal/db"
"mal/internal/middleware"
webcontext "mal/web/context"
"mal/web/templates"
)
@@ -166,7 +167,7 @@ func GetImpersonatedUserID(r *http.Request) string {
}
// Verify the current user is admin
user, ok := r.Context().Value(middleware.UserContextKey).(*database.User)
user, ok := r.Context().Value(webcontext.UserKey).(*database.User)
if !ok || user == nil || !middleware.IsAdmin(user) {
return ""
}

View File

@@ -12,7 +12,7 @@ import (
"mal/integrations/jikan"
"mal/internal/db"
"mal/internal/middleware"
webcontext "mal/web/context"
animecomponents "mal/web/components/anime"
watchcomponents "mal/web/components/watch"
"mal/web/templates"
@@ -65,7 +65,7 @@ func parsePageParam(r *http.Request) int {
}
func userIDFromRequest(r *http.Request) string {
user, ok := r.Context().Value(middleware.UserContextKey).(*database.User)
user, ok := r.Context().Value(webcontext.UserKey).(*database.User)
if !ok || user == nil {
return ""
}

View File

@@ -17,6 +17,7 @@ import (
"mal/integrations/jikan"
"mal/internal/db"
"mal/internal/middleware"
webcontext "mal/web/context"
"mal/web/components/watch"
"mal/web/shared"
"mal/web/templates"
@@ -131,7 +132,7 @@ func (h *Handler) HandleWatchPage(w http.ResponseWriter, r *http.Request) {
}
func watchlistUserIDFromRequest(r *http.Request) string {
user, ok := r.Context().Value(middleware.UserContextKey).(*database.User)
user, ok := r.Context().Value(webcontext.UserKey).(*database.User)
if !ok || user == nil {
return ""
}