From be337b4bb94600cb532ee3a49946c10b657358f7 Mon Sep 17 00:00:00 2001
From: James Tombleson
Date: Sun, 21 Apr 2024 10:28:50 -0700
Subject: [PATCH] auth handler now can work with refresh token request
---
 internal/handlers/v1/auth.go | 72 ++++++++++++++++++++++++++----------
 1 file changed, 52 insertions(+), 20 deletions(-)
diff --git a/internal/handlers/v1/auth.go b/internal/handlers/v1/auth.go
index 5d41a71..4b98d3e 100644
--- a/internal/handlers/v1/auth.go
+++ b/internal/handlers/v1/auth.go
@@ -3,6 +3,7 @@ package v1
 import ( "errors" "net/http" + "time" "git.jamestombleson.com/jtom38/go-cook/internal/domain" "git.jamestombleson.com/jtom38/go-cook/internal/repositories"
@@ -25,13 +26,12 @@ func (h *Handler) AuthRegister(c echo.Context) error {
 password := c.FormValue("password") //username := c.QueryParam("username") - exists, err := h.userRepo.GetByName(username) + exists, err := h.users.GetUser(username) if err != nil { // if we have an err, validate that if its not user not found. // if the user is not found, we can use that name if err.Error() != repositories.ErrUserNotFound { return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{ - Message: err.Error(), Success: true, })
@@ -42,7 +42,7 @@ func (h *Handler) AuthRegister(c echo.Context) error {
 } //password := c.QueryParam("password") - err = h.UserService.CheckPasswordForRequirements(password) + err = h.users.CheckPasswordForRequirements(password) if err != nil { return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{ Success: false,
@@ -50,7 +50,7 @@ func (h *Handler) AuthRegister(c echo.Context) error {
 }) } - _, err = h.userRepo.Create(username, password, domain.ScopeRecipeRead) + _, err = h.users.Create(username, password, domain.ScopeRecipeRead) if err != nil { return c.JSON(http.StatusInternalServerError, domain.ErrorResponse{ Success: false,
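Review bot: The unexpected-lookup branch in AuthRegister (`if err.Error() != repositories.ErrUserNotFound`) now answers with a 500 whose body has `Success: true` and no message at all, so a client cannot distinguish it from a successful registration. `Success: true` sits on a context line and predates this commit, but with the `Message` field gone the response carries nothing that marks it as a failure; I would make the literal `Success: false, Message: "unable to look up user"`, a fixed string rather than `err.Error()`, so repository internals are not echoed to the caller. The same hunk swaps the existence check to `h.users.GetUser`; whether that still yields the `repositories.ErrUserNotFound` text for a missing user is not visible here and is worth confirming, since any other error string would turn every registration into a 500. AuthRegister's signature and the rest of its body are outside this hunk.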
@@ -73,27 +73,38 @@ func (h *Handler) AuthLogin(c echo.Context) error {
 } // check if the user exists - err := h.UserService.DoesUserExist(username) + err := h.users.DoesUserExist(username) if err != nil { return h.InternalServerErrorResponse(c, err.Error()) } // make sure the hash matches - err = h.UserService.DoesPasswordMatchHash(username, password) + err = h.users.DoesPasswordMatchHash(username, password) if err != nil { return h.InternalServerErrorResponse(c, err.Error()) } - token, err := h.generateJwt(username, h.Config.ApiUri) + // TODO think about moving this down some? + expiresAt := time.Now().Add(time.Hour * 48) + + jwt, err := h.generateJwtWithExp(username, h.Config.ApiUri, expiresAt) + if err != nil { + return h.InternalServerErrorResponse(c, err.Error()) + } + + refresh, err := h.refreshTokens.Create(username) if err != nil { return h.InternalServerErrorResponse(c, err.Error()) } return c.JSON(http.StatusOK, domain.LoginResponse{ - Success: true, - Token: token, + BaseResponse: domain.BaseResponse{ + Success: true, + Message: "OK", + }, + Token: jwt, Type: "Bearer", - RefreshToken: "", + RefreshToken: refresh, }) }
@@ -108,7 +119,7 @@ func (h *Handler) validateAdminToken(c echo.Context, password string) error {
 return h.ReturnUnauthorizedResponse(c, ErrUserNotFound) } - token, err := h.generateAdminJwt("admin") + token, err := h.generateJwt("admin", h.Config.ApiUri) if err != nil { return h.InternalServerErrorResponse(c, err.Error()) }
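Review bot: A failed login in AuthLogin still returns `h.InternalServerErrorResponse(c, err.Error())` after the renamed `h.users.DoesUserExist` and `h.users.DoesPasswordMatchHash` calls, so an unknown username and a wrong password both come back as 500 with two different internal error strings, which lets a caller tell the cases apart. Credential failures should be a 401 with one fixed message for both cases, through the `h.ReturnUnauthorizedResponse` helper that validateAdminToken already uses, keeping the 500 for genuine lookup failures only. The access-token lifetime `time.Now().Add(time.Hour * 48)` is hard-coded here and again in RefreshJwtToken; now that a refresh token is issued alongside it, the JWT can be considerably shorter-lived, and the value belongs in one named constant or in `h.Config` so both handlers agree, which also retires the TODO on the `expiresAt` line. AuthLogin's opening lines are outside the hunk.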
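Review bot: The admin token is now minted with `h.generateJwt("admin", h.Config.ApiUri)`, while user tokens in the same commit go through `h.generateJwtWithExp` with an explicit expiry; whether `generateJwt` applies an expiry of its own is not visible in this diff, and if it does not, the admin token would never expire. I would call `h.generateJwtWithExp("admin", h.Config.ApiUri, expiresAt)` with the same lifetime the user path uses, so a single function owns the expiry rule. validateAdminToken starts before this hunk and continues past it.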
@@ -116,14 +127,39 @@ func (h *Handler) validateAdminToken(c echo.Context, password string) error {
 return c.JSON(http.StatusOK, token) } -func (h *Handler) GenerateRefreshToken(c echo.Context) error { +// This will take collect some information about the requested refresh, validate and then return a new jwt token if approved. +func (h *Handler) RefreshJwtToken(c echo.Context) error { // Check the context for the refresh token var request domain.RefreshTokenRequest err := (&echo.DefaultBinder{}).BindBody(c, &request) if err != nil { - return err + return h.InternalServerErrorResponse(c, err.Error()) } - h.refreshTokenRepo.Create() + + err = h.refreshTokens.IsRequestValid(request.Username, request.RefreshToken) + if err != nil { + return h.InternalServerErrorResponse(c, err.Error()) + } + + jwt, err := h.generateJwtWithExp(request.Username, h.Config.ApiUri, time.Now().Add(time.Hour * 48)) + if err!= nil { + return h.InternalServerErrorResponse(c, err.Error()) + } + + newRefreshToken, err := h.refreshTokens.Create(request.Username) + if err != nil { + return h.InternalServerErrorResponse(c, err.Error()) + } + + return c.JSON(http.StatusOK, domain.LoginResponse{ + BaseResponse: domain.BaseResponse{ + Success: true, + Message: "OK", + }, + Token: jwt, + Type: "Bearer", + RefreshToken: newRefreshToken, + }) } func (h *Handler) AddScopes(c echo.Context) error {
@@ -146,7 +182,7 @@ func (h *Handler) AddScopes(c echo.Context) error {
 }) } - err = h.UserService.AddScopes(request.Username, request.Scopes) + err = h.users.AddScopes(request.Username, request.Scopes) if err != nil { return h.InternalServerErrorResponse(c, err.Error()) }
@@ -176,7 +212,7 @@ func (h *Handler) RemoveScopes(c echo.Context) error {
 }) } - err = h.UserService.RemoveScopes(request.Username, request.Scopes) + err = h.users.RemoveScopes(request.Username, request.Scopes) if err != nil { return h.InternalServerErrorResponse(c, err.Error()) }
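Review bot: In RefreshJwtToken a rejected refresh (`h.refreshTokens.IsRequestValid` returning an error) and a malformed request body both produce a 500 with `err.Error()` in the message; the bind failure is a client error and should be `http.StatusBadRequest`, and an invalid or expired refresh token should be a 401 with a fixed message so the response does not reveal why the token was rejected. The handler then issues a new refresh token with `h.refreshTokens.Create(request.Username)`, but nothing in this hunk invalidates the token that was just presented; if `Create` does not revoke it, the old token stays usable alongside the new one, which is worth confirming in the repository. The doc comment should follow Go convention and begin with the name, e.g. `// RefreshJwtToken validates a refresh-token request and, if accepted, returns a new JWT and refresh token.`, replacing the current "This will take collect some information" wording, and `if err!= nil` needs gofmt (`if err != nil`). The 48-hour lifetime duplicates the one in AuthLogin and should come from a shared constant.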
@@ -186,10 +222,6 @@ func (h *Handler) RemoveScopes(c echo.Context) error {
 }) } -func (h *Handler) RefreshJwtToken(c echo.Context) error { - return nil -} - func (h *Handler) getJwtToken(c echo.Context) (JwtToken, error) { // Make sure that the request came with a jwtToken token, ok := c.Get("user").(*jwt.Token)