Compare commits
5 Commits
2e0596c924
...
e0a517a765
Author | SHA1 | Date | |
---|---|---|---|
e0a517a765 | |||
69fb7a683b | |||
8f0e8e4d85 | |||
9bc36bae7f | |||
8a43c166a8 |
@ -4,7 +4,7 @@ type HelloBodyRequest struct {
|
|||||||
Name string `json:"name" validate:"required"`
|
Name string `json:"name" validate:"required"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type AddScopeRequest struct {
|
type UpdateScopesRequest struct {
|
||||||
Username string `json:"name"`
|
Username string `json:"name"`
|
||||||
Scopes []string `json:"scopes" validate:"required"`
|
Scopes []string `json:"scopes" validate:"required"`
|
||||||
}
|
}
|
||||||
|
@ -90,6 +90,12 @@ func (h *Handler) AuthLogin(c echo.Context) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) validateAdminToken(c echo.Context, password string) error {
|
func (h *Handler) validateAdminToken(c echo.Context, password string) error {
|
||||||
|
// if the admin token is blank, then the admin wanted this disabled.
|
||||||
|
// this will fail right away and not progress.
|
||||||
|
if h.Config.AdminToken == "" {
|
||||||
|
return h.InternalServerErrorResponse(c, ErrUserNotFound)
|
||||||
|
}
|
||||||
|
|
||||||
if h.Config.AdminToken != password {
|
if h.Config.AdminToken != password {
|
||||||
return h.ReturnUnauthorizedResponse(c, ErrUserNotFound)
|
return h.ReturnUnauthorizedResponse(c, ErrUserNotFound)
|
||||||
}
|
}
|
||||||
@ -102,7 +108,7 @@ func (h *Handler) validateAdminToken(c echo.Context, password string) error {
|
|||||||
return c.JSON(http.StatusOK, token)
|
return c.JSON(http.StatusOK, token)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) AddScope(c echo.Context) error {
|
func (h *Handler) AddScopes(c echo.Context) error {
|
||||||
token, err := h.getJwtToken(c)
|
token, err := h.getJwtToken(c)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return h.ReturnUnauthorizedResponse(c, err.Error())
|
return h.ReturnUnauthorizedResponse(c, err.Error())
|
||||||
@ -113,7 +119,7 @@ func (h *Handler) AddScope(c echo.Context) error {
|
|||||||
return h.ReturnUnauthorizedResponse(c, err.Error())
|
return h.ReturnUnauthorizedResponse(c, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
request := domain.AddScopeRequest{}
|
request := domain.UpdateScopesRequest{}
|
||||||
err = (&echo.DefaultBinder{}).BindBody(c, &request)
|
err = (&echo.DefaultBinder{}).BindBody(c, &request)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
|
return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
|
||||||
@ -132,10 +138,33 @@ func (h *Handler) AddScope(c echo.Context) error {
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) RemoveScope(c echo.Context) error {
|
func (h *Handler) RemoveScopes(c echo.Context) error {
|
||||||
return c.JSON(http.StatusOK, domain.ErrorResponse{
|
token, err := h.getJwtToken(c)
|
||||||
|
if err != nil {
|
||||||
|
return h.ReturnUnauthorizedResponse(c, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
err = token.IsValid(domain.ScopeAll)
|
||||||
|
if err != nil {
|
||||||
|
return h.ReturnUnauthorizedResponse(c, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
request := domain.UpdateScopesRequest{}
|
||||||
|
err = (&echo.DefaultBinder{}).BindBody(c, &request)
|
||||||
|
if err != nil {
|
||||||
|
return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
|
||||||
Success: false,
|
Success: false,
|
||||||
Message: "Not Implemented",
|
Message: err.Error(),
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
err = h.UserService.RemoveScopes(request.Username, request.Scopes)
|
||||||
|
if err != nil {
|
||||||
|
return h.InternalServerErrorResponse(c, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.JSON(http.StatusOK, domain.ErrorResponse{
|
||||||
|
Success: true,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -41,8 +41,8 @@ func (h *Handler) Register(v1 *echo.Group) {
|
|||||||
auth.POST("/login", h.AuthLogin)
|
auth.POST("/login", h.AuthLogin)
|
||||||
auth.POST("/register", h.AuthRegister)
|
auth.POST("/register", h.AuthRegister)
|
||||||
auth.Use(echojwt.WithConfig(jwtConfig))
|
auth.Use(echojwt.WithConfig(jwtConfig))
|
||||||
auth.POST("/scopes/add", h.AddScope)
|
auth.POST("/scopes/add", h.AddScopes)
|
||||||
//auth.POST("/refresh", h.RefreshJwtToken)
|
auth.POST("/scopes/remove", h.RemoveScopes)
|
||||||
|
|
||||||
demo := v1.Group("/demo")
|
demo := v1.Group("/demo")
|
||||||
demo.GET("/hello", h.DemoHello)
|
demo.GET("/hello", h.DemoHello)
|
||||||
|
@ -63,15 +63,15 @@ func (us UserService) AddScopes(username string, scopes []string) error {
|
|||||||
return errors.New(repositories.ErrUserNotFound)
|
return errors.New(repositories.ErrUserNotFound)
|
||||||
}
|
}
|
||||||
|
|
||||||
newScopes := strings.Split(usr.Scopes, ",")
|
currentScopes := strings.Split(usr.Scopes, ",")
|
||||||
|
|
||||||
// check the current scopes
|
// check the current scopes
|
||||||
for _, item := range strings.Split(usr.Scopes, ",") {
|
for _, item := range scopes {
|
||||||
if !us.doesScopeExist(scopes, item) {
|
if !strings.Contains(usr.Scopes, item) {
|
||||||
newScopes = append(newScopes, item)
|
currentScopes = append(currentScopes, item)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return us.repo.UpdateScopes(username, strings.Join(newScopes, ","))
|
return us.repo.UpdateScopes(username, strings.Join(currentScopes, ","))
|
||||||
}
|
}
|
||||||
|
|
||||||
func (us UserService) RemoveScopes(username string, scopes []string) error {
|
func (us UserService) RemoveScopes(username string, scopes []string) error {
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
### Create a standard User
|
### Create a standard User
|
||||||
POST http://localhost:1323/api/v1/auth/register?username=test&password=test1234!
|
POST http://localhost:1323/api/v1/auth/register
|
||||||
Content-Type: application/x-www-form-urlencoded
|
Content-Type: application/x-www-form-urlencoded
|
||||||
|
|
||||||
name=test&password=test1234!
|
name=test&password=test1234!
|
||||||
@ -9,6 +9,7 @@ Content-Type: application/x-www-form-urlencoded
|
|||||||
|
|
||||||
name=test&password=test1234!
|
name=test&password=test1234!
|
||||||
|
|
||||||
|
|
||||||
### Login with the admin token
|
### Login with the admin token
|
||||||
POST http://localhost:1323/api/v1/auth/login
|
POST http://localhost:1323/api/v1/auth/login
|
||||||
Content-Type: application/x-www-form-urlencoded
|
Content-Type: application/x-www-form-urlencoded
|
||||||
@ -33,6 +34,12 @@ POST http://localhost:1323/api/v1/auth/scopes/remove
|
|||||||
Content-Type: application/json
|
Content-Type: application/json
|
||||||
Authorization: Bearer
|
Authorization: Bearer
|
||||||
|
|
||||||
|
{
|
||||||
|
"name": "test",
|
||||||
|
"scopes": [
|
||||||
|
"recipe:create"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
###
|
###
|
||||||
POST http://localhost:1323/api/v1/
|
POST http://localhost:1323/api/v1/
|
||||||
|
Loading…
Reference in New Issue
Block a user