opengist/internal/auth/auth.go

package auth

type AuthInfoProvider interface {
	RequireLogin() (bool, error)
	AllowGistsWithoutLogin() (bool, error)
}

func ShouldAllowUnauthenticatedGistAccess(prov AuthInfoProvider, isSingleGistAccess bool) (bool, error) {
	require, err := prov.RequireLogin()
	if err != nil {
		return false, err
	}
	allow, err := prov.AllowGistsWithoutLogin()
	if err != nil {
		return false, err
	}
	return !require || (isSingleGistAccess && allow), nil
}
Add a setting to allow anonymous access to individual gists while still RequireLogin everywhere else (#229) * Add a setting to allow accessing individual gists without auth This is a middle ground between the existing setting "Require Login", which requires login to do anything at all, and having it off, which shows a public list of gists and more generally allows discovering info about the users/gists of the instance without login. The idea of this setting is that it is "require login" for everything except individual gists. Fixes #228. Co-authored-by: Thomas Miceli <tho.miceli@gmail.com> 2024-05-12 21:40:11 +00:00			`package auth`

			`type AuthInfoProvider interface {`
			`RequireLogin() (bool, error)`
			`AllowGistsWithoutLogin() (bool, error)`
			`}`

			`func ShouldAllowUnauthenticatedGistAccess(prov AuthInfoProvider, isSingleGistAccess bool) (bool, error) {`
			`require, err := prov.RequireLogin()`
			`if err != nil {`
			`return false, err`
			`}`
			`allow, err := prov.AllowGistsWithoutLogin()`
			`if err != nil {`
			`return false, err`
			`}`
			`return !require \|\| (isSingleGistAccess && allow), nil`
			`}`