Compare commits

..

5 Commits

5 changed files with 51 additions and 15 deletions

View File

@ -4,7 +4,7 @@ type HelloBodyRequest struct {
Name string `json:"name" validate:"required"` Name string `json:"name" validate:"required"`
} }
type AddScopeRequest struct { type UpdateScopesRequest struct {
Username string `json:"name"` Username string `json:"name"`
Scopes []string `json:"scopes" validate:"required"` Scopes []string `json:"scopes" validate:"required"`
} }

View File

@ -90,6 +90,12 @@ func (h *Handler) AuthLogin(c echo.Context) error {
} }
func (h *Handler) validateAdminToken(c echo.Context, password string) error { func (h *Handler) validateAdminToken(c echo.Context, password string) error {
// if the admin token is blank, then the admin wanted this disabled.
// this will fail right away and not progress.
if h.Config.AdminToken == "" {
return h.InternalServerErrorResponse(c, ErrUserNotFound)
}
if h.Config.AdminToken != password { if h.Config.AdminToken != password {
return h.ReturnUnauthorizedResponse(c, ErrUserNotFound) return h.ReturnUnauthorizedResponse(c, ErrUserNotFound)
} }
@ -102,7 +108,7 @@ func (h *Handler) validateAdminToken(c echo.Context, password string) error {
return c.JSON(http.StatusOK, token) return c.JSON(http.StatusOK, token)
} }
func (h *Handler) AddScope(c echo.Context) error { func (h *Handler) AddScopes(c echo.Context) error {
token, err := h.getJwtToken(c) token, err := h.getJwtToken(c)
if err != nil { if err != nil {
return h.ReturnUnauthorizedResponse(c, err.Error()) return h.ReturnUnauthorizedResponse(c, err.Error())
@ -113,7 +119,7 @@ func (h *Handler) AddScope(c echo.Context) error {
return h.ReturnUnauthorizedResponse(c, err.Error()) return h.ReturnUnauthorizedResponse(c, err.Error())
} }
request := domain.AddScopeRequest{} request := domain.UpdateScopesRequest{}
err = (&echo.DefaultBinder{}).BindBody(c, &request) err = (&echo.DefaultBinder{}).BindBody(c, &request)
if err != nil { if err != nil {
return c.JSON(http.StatusBadRequest, domain.ErrorResponse{ return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
@ -132,10 +138,33 @@ func (h *Handler) AddScope(c echo.Context) error {
}) })
} }
func (h *Handler) RemoveScope(c echo.Context) error { func (h *Handler) RemoveScopes(c echo.Context) error {
token, err := h.getJwtToken(c)
if err != nil {
return h.ReturnUnauthorizedResponse(c, err.Error())
}
err = token.IsValid(domain.ScopeAll)
if err != nil {
return h.ReturnUnauthorizedResponse(c, err.Error())
}
request := domain.UpdateScopesRequest{}
err = (&echo.DefaultBinder{}).BindBody(c, &request)
if err != nil {
return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
Success: false,
Message: err.Error(),
})
}
err = h.UserService.RemoveScopes(request.Username, request.Scopes)
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}
return c.JSON(http.StatusOK, domain.ErrorResponse{ return c.JSON(http.StatusOK, domain.ErrorResponse{
Success: false, Success: true,
Message: "Not Implemented",
}) })
} }

View File

@ -41,8 +41,8 @@ func (h *Handler) Register(v1 *echo.Group) {
auth.POST("/login", h.AuthLogin) auth.POST("/login", h.AuthLogin)
auth.POST("/register", h.AuthRegister) auth.POST("/register", h.AuthRegister)
auth.Use(echojwt.WithConfig(jwtConfig)) auth.Use(echojwt.WithConfig(jwtConfig))
auth.POST("/scopes/add", h.AddScope) auth.POST("/scopes/add", h.AddScopes)
//auth.POST("/refresh", h.RefreshJwtToken) auth.POST("/scopes/remove", h.RemoveScopes)
demo := v1.Group("/demo") demo := v1.Group("/demo")
demo.GET("/hello", h.DemoHello) demo.GET("/hello", h.DemoHello)

View File

@ -63,15 +63,15 @@ func (us UserService) AddScopes(username string, scopes []string) error {
return errors.New(repositories.ErrUserNotFound) return errors.New(repositories.ErrUserNotFound)
} }
newScopes := strings.Split(usr.Scopes, ",") currentScopes := strings.Split(usr.Scopes, ",")
// check the current scopes // check the current scopes
for _, item := range strings.Split(usr.Scopes, ",") { for _, item := range scopes {
if !us.doesScopeExist(scopes, item) { if !strings.Contains(usr.Scopes, item) {
newScopes = append(newScopes, item) currentScopes = append(currentScopes, item)
} }
} }
return us.repo.UpdateScopes(username, strings.Join(newScopes, ",")) return us.repo.UpdateScopes(username, strings.Join(currentScopes, ","))
} }
func (us UserService) RemoveScopes(username string, scopes []string) error { func (us UserService) RemoveScopes(username string, scopes []string) error {

View File

@ -1,5 +1,5 @@
### Create a standard User ### Create a standard User
POST http://localhost:1323/api/v1/auth/register?username=test&password=test1234! POST http://localhost:1323/api/v1/auth/register
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
name=test&password=test1234! name=test&password=test1234!
@ -9,6 +9,7 @@ Content-Type: application/x-www-form-urlencoded
name=test&password=test1234! name=test&password=test1234!
### Login with the admin token ### Login with the admin token
POST http://localhost:1323/api/v1/auth/login POST http://localhost:1323/api/v1/auth/login
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
@ -33,6 +34,12 @@ POST http://localhost:1323/api/v1/auth/scopes/remove
Content-Type: application/json Content-Type: application/json
Authorization: Bearer Authorization: Bearer
{
"name": "test",
"scopes": [
"recipe:create"
]
}
### ###
POST http://localhost:1323/api/v1/ POST http://localhost:1323/api/v1/