Add user profile based permission check in auth middleware.

2025-12-05 16:00:03 +01:00 · 2024-06-17 16:24:52 +05:30
parent 09145b4abe
commit dd9612b1ed
4 changed files with 32 additions and 2 deletions
--- a/queries.sql
+++ b/queries.sql
@@ -1084,7 +1084,9 @@ SELECT username, password FROM users WHERE status='enabled' AND type='api';

 -- name: login-user
 WITH u AS (
-    SELECT * FROM users WHERE username=$1 AND status != 'disabled' AND password_login = TRUE
+    SELECT users.*, r.name as role_name, r.permissions FROM users
+        LEFT JOIN user_roles r ON (r.id = users.role_id)
+        WHERE username=$1 AND status != 'disabled' AND password_login = TRUE
 )
 SELECT * FROM u WHERE CRYPT($2, password) = password;