Compare commits
No commits in common. "e0a517a7654e4a472a59f961e93aa3321ea1993e" and "2e0596c924abd850fa65cc96e8b63fb9cf36cb9d" have entirely different histories.
e0a517a765
...
2e0596c924
@ -4,7 +4,7 @@ type HelloBodyRequest struct {
|
||||
Name string `json:"name" validate:"required"`
|
||||
}
|
||||
|
||||
type UpdateScopesRequest struct {
|
||||
type AddScopeRequest struct {
|
||||
Username string `json:"name"`
|
||||
Scopes []string `json:"scopes" validate:"required"`
|
||||
}
|
||||
|
@ -90,12 +90,6 @@ func (h *Handler) AuthLogin(c echo.Context) error {
|
||||
}
|
||||
|
||||
func (h *Handler) validateAdminToken(c echo.Context, password string) error {
|
||||
// if the admin token is blank, then the admin wanted this disabled.
|
||||
// this will fail right away and not progress.
|
||||
if h.Config.AdminToken == "" {
|
||||
return h.InternalServerErrorResponse(c, ErrUserNotFound)
|
||||
}
|
||||
|
||||
if h.Config.AdminToken != password {
|
||||
return h.ReturnUnauthorizedResponse(c, ErrUserNotFound)
|
||||
}
|
||||
@ -108,7 +102,7 @@ func (h *Handler) validateAdminToken(c echo.Context, password string) error {
|
||||
return c.JSON(http.StatusOK, token)
|
||||
}
|
||||
|
||||
func (h *Handler) AddScopes(c echo.Context) error {
|
||||
func (h *Handler) AddScope(c echo.Context) error {
|
||||
token, err := h.getJwtToken(c)
|
||||
if err != nil {
|
||||
return h.ReturnUnauthorizedResponse(c, err.Error())
|
||||
@ -119,7 +113,7 @@ func (h *Handler) AddScopes(c echo.Context) error {
|
||||
return h.ReturnUnauthorizedResponse(c, err.Error())
|
||||
}
|
||||
|
||||
request := domain.UpdateScopesRequest{}
|
||||
request := domain.AddScopeRequest{}
|
||||
err = (&echo.DefaultBinder{}).BindBody(c, &request)
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
|
||||
@ -138,33 +132,10 @@ func (h *Handler) AddScopes(c echo.Context) error {
|
||||
})
|
||||
}
|
||||
|
||||
func (h *Handler) RemoveScopes(c echo.Context) error {
|
||||
token, err := h.getJwtToken(c)
|
||||
if err != nil {
|
||||
return h.ReturnUnauthorizedResponse(c, err.Error())
|
||||
}
|
||||
|
||||
err = token.IsValid(domain.ScopeAll)
|
||||
if err != nil {
|
||||
return h.ReturnUnauthorizedResponse(c, err.Error())
|
||||
}
|
||||
|
||||
request := domain.UpdateScopesRequest{}
|
||||
err = (&echo.DefaultBinder{}).BindBody(c, &request)
|
||||
if err != nil {
|
||||
return c.JSON(http.StatusBadRequest, domain.ErrorResponse{
|
||||
Success: false,
|
||||
Message: err.Error(),
|
||||
})
|
||||
}
|
||||
|
||||
err = h.UserService.RemoveScopes(request.Username, request.Scopes)
|
||||
if err != nil {
|
||||
return h.InternalServerErrorResponse(c, err.Error())
|
||||
}
|
||||
|
||||
func (h *Handler) RemoveScope(c echo.Context) error {
|
||||
return c.JSON(http.StatusOK, domain.ErrorResponse{
|
||||
Success: true,
|
||||
Success: false,
|
||||
Message: "Not Implemented",
|
||||
})
|
||||
}
|
||||
|
||||
|
@ -41,8 +41,8 @@ func (h *Handler) Register(v1 *echo.Group) {
|
||||
auth.POST("/login", h.AuthLogin)
|
||||
auth.POST("/register", h.AuthRegister)
|
||||
auth.Use(echojwt.WithConfig(jwtConfig))
|
||||
auth.POST("/scopes/add", h.AddScopes)
|
||||
auth.POST("/scopes/remove", h.RemoveScopes)
|
||||
auth.POST("/scopes/add", h.AddScope)
|
||||
//auth.POST("/refresh", h.RefreshJwtToken)
|
||||
|
||||
demo := v1.Group("/demo")
|
||||
demo.GET("/hello", h.DemoHello)
|
||||
|
@ -63,15 +63,15 @@ func (us UserService) AddScopes(username string, scopes []string) error {
|
||||
return errors.New(repositories.ErrUserNotFound)
|
||||
}
|
||||
|
||||
currentScopes := strings.Split(usr.Scopes, ",")
|
||||
newScopes := strings.Split(usr.Scopes, ",")
|
||||
|
||||
// check the current scopes
|
||||
for _, item := range scopes {
|
||||
if !strings.Contains(usr.Scopes, item) {
|
||||
currentScopes = append(currentScopes, item)
|
||||
for _, item := range strings.Split(usr.Scopes, ",") {
|
||||
if !us.doesScopeExist(scopes, item) {
|
||||
newScopes = append(newScopes, item)
|
||||
}
|
||||
}
|
||||
return us.repo.UpdateScopes(username, strings.Join(currentScopes, ","))
|
||||
return us.repo.UpdateScopes(username, strings.Join(newScopes, ","))
|
||||
}
|
||||
|
||||
func (us UserService) RemoveScopes(username string, scopes []string) error {
|
||||
|
@ -1,5 +1,5 @@
|
||||
### Create a standard User
|
||||
POST http://localhost:1323/api/v1/auth/register
|
||||
POST http://localhost:1323/api/v1/auth/register?username=test&password=test1234!
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
name=test&password=test1234!
|
||||
@ -9,7 +9,6 @@ Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
name=test&password=test1234!
|
||||
|
||||
|
||||
### Login with the admin token
|
||||
POST http://localhost:1323/api/v1/auth/login
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
@ -34,12 +33,6 @@ POST http://localhost:1323/api/v1/auth/scopes/remove
|
||||
Content-Type: application/json
|
||||
Authorization: Bearer
|
||||
|
||||
{
|
||||
"name": "test",
|
||||
"scopes": [
|
||||
"recipe:create"
|
||||
]
|
||||
}
|
||||
|
||||
###
|
||||
POST http://localhost:1323/api/v1/
|
||||
|
Loading…
Reference in New Issue
Block a user