Search code examples
goroutesgo-gin

show static image based on users in golang gin

I'm using the Gin framework. I have a database that contains some course info. Users can register in the courses and access the contents. The contents are image, video, and audio. I store the relative location of these contents in my database like this:

Content\Courses\CourseOne\Unit_1\image\1.jpg

and change it to the actual location in gin:

route := gin.Default()
route.Static("/Content","./Media")

Everything works fine, but I am looking for a way to authenticate users before accessing the contents. In the above-mentioned way, all users can access any data by changing the desired pattern's address. But I want if the user is registered in the course, be able to access data, otherwise, get a 404 error. how can I do that?

Edit

since it was asked to explain the implementation of authentication:

I used JWT for authentication. so each user has a HashID. I have a table called UserCourses and the user info would be inserted after purchasing a course.

this is my course route:

route.GET("api/v1/courses", handler.GetCourses)

and my handler:

func GetCourses(context *gin.Context) {
    hashID, status, err := repository.GetToken(context)
    if err != nil {
        context.IndentedJSON(status, err)
        return
    }
    courses := make([]model.CourseAPI, 0)
    userInfo := model.Users{HashID: hashID}
    err = repository.DatabaseInstance.GetCourses(&courses, &userInfo)
    if err != nil {
        context.IndentedJSON(http.StatusServiceUnavailable, err)
        return
    }
    context.IndentedJSON(http.StatusOK, gin.H{"courses": courses})
}

The JWT token is passed by the client in the header. so I get the token and validate it. The token contains the user HashID and I check for that HashID in the UserCourses table. besides the course info, there is a variable called isRegistered.if the HashID was registered for any course in UserCourses table,the isRegistered become true for that course otherwise false.

Solution

  • You can create group route and apply authentication middleware through it

    r = gin.Default()

// public routes
r.GET("public", publicHandler)

// routes group
auth = r.Group("/")
// authentication middleware within group
auth.Use(AuthMiddleware())
// route before which auth middleware will be run
auth.Static("/Content","./Media")