removed the snippet where it checks the authorization in authentication, authn is purely checking if the user is registered in db
This commit is contained in:
@@ -309,20 +309,6 @@ func GoogleCallback(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
// Check user authorization via authorization microservice
|
||||
allowed, err := checkUserAuthorization(userID, accessToken)
|
||||
if err != nil {
|
||||
helper.LogError(err, "Authorization check failed")
|
||||
helper.RespondWithError(w, http.StatusBadGateway, "Authorization check failed")
|
||||
return
|
||||
}
|
||||
|
||||
if !allowed {
|
||||
helper.LogWarn(fmt.Sprintf("User %s denied access by authorization service", userID))
|
||||
helper.RespondWithError(w, http.StatusForbidden, "Access denied: Insufficient permissions")
|
||||
return
|
||||
}
|
||||
|
||||
helper.LogInfo("Copy this access token: " + accessToken)
|
||||
|
||||
if FetchedRedirectURI != nil && *FetchedRedirectURI != "" {
|
||||
|
||||
Reference in New Issue
Block a user