auth handler now can work with refresh token request

internal/handlers/v1/auth.go

@@ -3,6 +3,7 @@ package v1
 import (
 	"errors"
 	"net/http"
+	"time"
 
 	"git.jamestombleson.com/jtom38/go-cook/internal/domain"
 	"git.jamestombleson.com/jtom38/go-cook/internal/repositories"
@@ -25,13 +26,12 @@ func (h *Handler) AuthRegister(c echo.Context) error {
 	password := c.FormValue("password")
 
 	//username := c.QueryParam("username")
-	exists, err := h.userRepo.GetByName(username)
+	exists, err := h.users.GetUser(username)
 	if err != nil {
 		// if we have an err, validate that if its not user not found.
 		// if the user is not found, we can use that name
 		if err.Error() != repositories.ErrUserNotFound {
 			return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{
-
 				Message: err.Error(),
 				Success: true,
 			})
@@ -42,7 +42,7 @@ func (h *Handler) AuthRegister(c echo.Context) error {
 	}
 
 	//password := c.QueryParam("password")
-	err = h.UserService.CheckPasswordForRequirements(password)
+	err = h.users.CheckPasswordForRequirements(password)
 	if err != nil {
 		return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{
 			Success: false,
@@ -50,7 +50,7 @@ func (h *Handler) AuthRegister(c echo.Context) error {
 		})
 	}
 
-	_, err = h.userRepo.Create(username, password, domain.ScopeRecipeRead)
+	_, err = h.users.Create(username, password, domain.ScopeRecipeRead)
 	if err != nil {
 		return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{
 			Success: false,
@@ -73,27 +73,38 @@ func (h *Handler) AuthLogin(c echo.Context) error {
 	}
 
 	// check if the user exists
-	err := h.UserService.DoesUserExist(username)
+	err := h.users.DoesUserExist(username)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
 
 	// make sure the hash matches
-	err = h.UserService.DoesPasswordMatchHash(username, password)
+	err = h.users.DoesPasswordMatchHash(username, password)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
 
-	token, err := h.generateJwt(username, h.Config.ApiUri)
+	// TODO think about moving this down some?
+	expiresAt := time.Now().Add(time.Hour * 48)
+
+	jwt, err := h.generateJwtWithExp(username, h.Config.ApiUri, expiresAt)
+	if err != nil {
+		return h.InternalServerErrorResponse(c, err.Error())
+	}
+
+	refresh, err := h.refreshTokens.Create(username)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
 
 	return c.JSON(http.StatusOK, domain.LoginResponse{
-		Success:      true,
-		Token:        token,
+		BaseResponse: domain.BaseResponse{
+			Success: true,
+			Message: "OK",
+		},
+		Token:        jwt,
 		Type:         "Bearer",
-		RefreshToken: "",
+		RefreshToken: refresh,
 	})
 }
 
@@ -108,7 +119,7 @@ func (h *Handler) validateAdminToken(c echo.Context, password string) error {
 		return h.ReturnUnauthorizedResponse(c, ErrUserNotFound)
 	}
 
-	token, err := h.generateAdminJwt("admin")
+	token, err := h.generateJwt("admin", h.Config.ApiUri)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
@@ -116,14 +127,39 @@ func (h *Handler) validateAdminToken(c echo.Context, password string) error {
 	return c.JSON(http.StatusOK, token)
 }
 
-func (h *Handler) GenerateRefreshToken(c echo.Context) error {
+// This will take collect some information about the requested refresh, validate and then return a new jwt token if approved.
+func (h *Handler) RefreshJwtToken(c echo.Context) error {
 	// Check the context for the refresh token
 	var request domain.RefreshTokenRequest
 	err := (&echo.DefaultBinder{}).BindBody(c, &request)
 	if err != nil {
-		return err
+		return h.InternalServerErrorResponse(c, err.Error())
 	}
-	h.refreshTokenRepo.Create()
+
+	err = h.refreshTokens.IsRequestValid(request.Username, request.RefreshToken)
+	if err != nil {
+		return h.InternalServerErrorResponse(c, err.Error())
+	}
+
+	jwt, err := h.generateJwtWithExp(request.Username, h.Config.ApiUri, time.Now().Add(time.Hour * 48))
+	if err!= nil {
+		return h.InternalServerErrorResponse(c, err.Error())
+	}
+
+	newRefreshToken, err := h.refreshTokens.Create(request.Username)
+	if err != nil {
+		return h.InternalServerErrorResponse(c, err.Error())
+	}
+
+	return c.JSON(http.StatusOK, domain.LoginResponse{
+		BaseResponse: domain.BaseResponse{
+			Success: true,
+			Message: "OK",
+		},
+		Token:        jwt,
+		Type:         "Bearer",
+		RefreshToken: newRefreshToken,
+	})
 }
 
 func (h *Handler) AddScopes(c echo.Context) error {
@@ -146,7 +182,7 @@ func (h *Handler) AddScopes(c echo.Context) error {
 		})
 	}
 
-	err = h.UserService.AddScopes(request.Username, request.Scopes)
+	err = h.users.AddScopes(request.Username, request.Scopes)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
@@ -176,7 +212,7 @@ func (h *Handler) RemoveScopes(c echo.Context) error {
 		})
 	}
 
-	err = h.UserService.RemoveScopes(request.Username, request.Scopes)
+	err = h.users.RemoveScopes(request.Username, request.Scopes)
 	if err != nil {
 		return h.InternalServerErrorResponse(c, err.Error())
 	}
@@ -186,10 +222,6 @@ func (h *Handler) RemoveScopes(c echo.Context) error {
 	})
 }
 
-func (h *Handler) RefreshJwtToken(c echo.Context) error {
-	return nil
-}
-
 func (h *Handler) getJwtToken(c echo.Context) (JwtToken, error) {
 	// Make sure that the request came with a jwtToken
 	token, ok := c.Get("user").(*jwt.Token)