adding userId to the jwt and updated routes to use scope requirements
This commit is contained in:
parent
c539a20cc7
commit
471ef4fdd8
@ -1,5 +1,10 @@
|
|||||||
package domain
|
package domain
|
||||||
|
|
||||||
|
type LoginFormRequest struct {
|
||||||
|
Username string `form:"username"`
|
||||||
|
Password string `form:"password"`
|
||||||
|
}
|
||||||
|
|
||||||
type GetSourceBySourceAndNameParamRequest struct {
|
type GetSourceBySourceAndNameParamRequest struct {
|
||||||
Name string `query:"name"`
|
Name string `query:"name"`
|
||||||
Source string `query:"source"`
|
Source string `query:"source"`
|
||||||
|
@ -2,7 +2,13 @@ package domain
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
ScopeAll = "newsbot:all"
|
ScopeAll = "newsbot:all"
|
||||||
|
|
||||||
ScopeArticleRead = "newsbot:article:read"
|
ScopeArticleRead = "newsbot:article:read"
|
||||||
|
ScopeArticleDisable = "newsbot:article:disable"
|
||||||
|
|
||||||
|
ScopeSourceRead = "newsbot:source:read"
|
||||||
ScopeSourceCreate = "newsbot:source:create"
|
ScopeSourceCreate = "newsbot:source:create"
|
||||||
|
|
||||||
ScopeDiscordWebHookCreate = "newsbot:discordwebhook:create"
|
ScopeDiscordWebHookCreate = "newsbot:discordwebhook:create"
|
||||||
|
ScopeDiscordWebhookRead = "newsbot:discordwebhook:read"
|
||||||
)
|
)
|
||||||
|
@ -20,6 +20,8 @@ import (
|
|||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) listArticles(c echo.Context) error {
|
func (s *Handler) listArticles(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeArticleRead)
|
||||||
|
|
||||||
resp := domain.ArticleResponse{
|
resp := domain.ArticleResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -51,6 +53,7 @@ func (s *Handler) listArticles(c echo.Context) error {
|
|||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) getArticle(c echo.Context) error {
|
func (s *Handler) getArticle(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeArticleRead)
|
||||||
p := domain.ArticleResponse{
|
p := domain.ArticleResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -86,13 +89,12 @@ func (s *Handler) getArticle(c echo.Context) error {
|
|||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) getArticleDetails(c echo.Context) error {
|
func (s *Handler) getArticleDetails(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeArticleRead)
|
||||||
p := domain.ArticleDetailedResponse{
|
p := domain.ArticleDetailedResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
},
|
},
|
||||||
Payload: domain.ArticleAndSourceModel{
|
Payload: domain.ArticleAndSourceModel{},
|
||||||
|
|
||||||
},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
id, err := strconv.Atoi(c.Param("ID"))
|
id, err := strconv.Atoi(c.Param("ID"))
|
||||||
@ -128,6 +130,7 @@ func (s *Handler) getArticleDetails(c echo.Context) error {
|
|||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) ListArticlesBySourceId(c echo.Context) error {
|
func (s *Handler) ListArticlesBySourceId(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeArticleRead)
|
||||||
p := domain.ArticleResponse{
|
p := domain.ArticleResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
|
@ -90,7 +90,7 @@ func (h *Handler) AuthLogin(c echo.Context) error {
|
|||||||
// TODO think about moving this down some?
|
// TODO think about moving this down some?
|
||||||
expiresAt := time.Now().Add(time.Hour * 48)
|
expiresAt := time.Now().Add(time.Hour * 48)
|
||||||
|
|
||||||
jwt, err := h.generateJwtWithExp(username, user.Scopes, h.config.ServerAddress, expiresAt)
|
jwt, err := h.generateJwtWithExp(username, user.Scopes, h.config.ServerAddress, user.ID, expiresAt)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return h.InternalServerErrorResponse(c, err.Error())
|
return h.InternalServerErrorResponse(c, err.Error())
|
||||||
}
|
}
|
||||||
@ -121,7 +121,7 @@ func (h *Handler) createAdminToken(c echo.Context, password string) error {
|
|||||||
return h.UnauthorizedResponse(c, ErrUserNotFound)
|
return h.UnauthorizedResponse(c, ErrUserNotFound)
|
||||||
}
|
}
|
||||||
|
|
||||||
token, err := h.generateJwt("admin", domain.ScopeAll, h.config.ServerAddress)
|
token, err := h.generateJwt("admin", domain.ScopeAll, h.config.ServerAddress, -1)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return h.InternalServerErrorResponse(c, err.Error())
|
return h.InternalServerErrorResponse(c, err.Error())
|
||||||
}
|
}
|
||||||
@ -163,7 +163,7 @@ func (h *Handler) RefreshJwtToken(c echo.Context) error {
|
|||||||
return h.InternalServerErrorResponse(c, err.Error())
|
return h.InternalServerErrorResponse(c, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
jwt, err := h.generateJwtWithExp(request.Username, user.Scopes, h.config.ServerAddress, time.Now().Add(time.Hour*48))
|
jwt, err := h.generateJwtWithExp(request.Username, user.Scopes, h.config.ServerAddress, user.ID, time.Now().Add(time.Hour*48))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return h.InternalServerErrorResponse(c, err.Error())
|
return h.InternalServerErrorResponse(c, err.Error())
|
||||||
}
|
}
|
||||||
|
@ -18,7 +18,9 @@ import (
|
|||||||
// @Success 200 {object} domain.DiscordWebhookResponse
|
// @Success 200 {object} domain.DiscordWebhookResponse
|
||||||
// @Failure 400 {object} domain.BaseResponse
|
// @Failure 400 {object} domain.BaseResponse
|
||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
|
// @Security Bearer
|
||||||
func (s *Handler) ListDiscordWebHooks(c echo.Context) error {
|
func (s *Handler) ListDiscordWebHooks(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeDiscordWebhookRead)
|
||||||
p := domain.DiscordWebhookResponse{
|
p := domain.DiscordWebhookResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -42,7 +44,9 @@ func (s *Handler) ListDiscordWebHooks(c echo.Context) error {
|
|||||||
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
|
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
|
||||||
// @Failure 400 {object} domain.BaseResponse
|
// @Failure 400 {object} domain.BaseResponse
|
||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
|
// @Security Bearer
|
||||||
func (s *Handler) GetDiscordWebHooksById(c echo.Context) error {
|
func (s *Handler) GetDiscordWebHooksById(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeDiscordWebhookRead)
|
||||||
p := domain.DiscordWebhookResponse{
|
p := domain.DiscordWebhookResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -74,7 +78,9 @@ func (s *Handler) GetDiscordWebHooksById(c echo.Context) error {
|
|||||||
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
|
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
|
||||||
// @Failure 400 {object} domain.BaseResponse
|
// @Failure 400 {object} domain.BaseResponse
|
||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
|
// @Security Bearer
|
||||||
func (s *Handler) GetDiscordWebHooksByServerAndChannel(c echo.Context) error {
|
func (s *Handler) GetDiscordWebHooksByServerAndChannel(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeDiscordWebhookRead)
|
||||||
p := domain.DiscordWebhookResponse{
|
p := domain.DiscordWebhookResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -110,13 +116,9 @@ func (s *Handler) GetDiscordWebHooksByServerAndChannel(c echo.Context) error {
|
|||||||
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
|
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
|
||||||
// @Failure 400 {object} domain.BaseResponse
|
// @Failure 400 {object} domain.BaseResponse
|
||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
|
// @Security Bearer
|
||||||
func (s *Handler) NewDiscordWebHook(c echo.Context) error {
|
func (s *Handler) NewDiscordWebHook(c echo.Context) error {
|
||||||
token, err := s.getJwtToken(c)
|
token := s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
|
||||||
if err != nil {
|
|
||||||
return c.JSON(http.StatusUnauthorized, domain.BaseResponse{
|
|
||||||
Message: ErrJwtMissing,
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
_url := c.QueryParam("url")
|
_url := c.QueryParam("url")
|
||||||
_server := c.QueryParam("server")
|
_server := c.QueryParam("server")
|
||||||
@ -181,7 +183,9 @@ func (s *Handler) NewDiscordWebHook(c echo.Context) error {
|
|||||||
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
|
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
|
||||||
// @Failure 400 {object} domain.BaseResponse
|
// @Failure 400 {object} domain.BaseResponse
|
||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
|
// @Security Bearer
|
||||||
func (s *Handler) disableDiscordWebHook(c echo.Context) error {
|
func (s *Handler) disableDiscordWebHook(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
|
||||||
id, err := strconv.Atoi(c.Param("ID"))
|
id, err := strconv.Atoi(c.Param("ID"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
|
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
|
||||||
@ -190,11 +194,15 @@ func (s *Handler) disableDiscordWebHook(c echo.Context) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check to make sure we can find the record
|
// Check to make sure we can find the record
|
||||||
_, err = s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
|
record, err := s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.WriteError(c, err, http.StatusInternalServerError)
|
s.WriteError(c, err, http.StatusInternalServerError)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if record.UserID != s.GetUserIdFromJwtToken(c) {
|
||||||
|
s.WriteMessage(c, ErrYouDontOwnTheRecord, http.StatusBadRequest)
|
||||||
|
}
|
||||||
|
|
||||||
// flip the it
|
// flip the it
|
||||||
updated, err := s.repo.DiscordWebHooks.Disable(c.Request().Context(), int64(id))
|
updated, err := s.repo.DiscordWebHooks.Disable(c.Request().Context(), int64(id))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -226,18 +234,24 @@ func (s *Handler) disableDiscordWebHook(c echo.Context) error {
|
|||||||
// @Param id path int true "id"
|
// @Param id path int true "id"
|
||||||
// @Tags DiscordWebhook
|
// @Tags DiscordWebhook
|
||||||
// @Router /v1/discord/webhooks/{ID}/enable [post]
|
// @Router /v1/discord/webhooks/{ID}/enable [post]
|
||||||
|
// @Security Bearer
|
||||||
func (s *Handler) enableDiscordWebHook(c echo.Context) error {
|
func (s *Handler) enableDiscordWebHook(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
|
||||||
id, err := strconv.Atoi(c.Param("ID"))
|
id, err := strconv.Atoi(c.Param("ID"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.WriteError(c, err, http.StatusBadRequest)
|
s.WriteError(c, err, http.StatusBadRequest)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check to make sure we can find the record
|
// Check to make sure we can find the record
|
||||||
_, err = s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
|
record, err := s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.WriteError(c, err, http.StatusBadRequest)
|
s.WriteError(c, err, http.StatusBadRequest)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if record.UserID != s.GetUserIdFromJwtToken(c) {
|
||||||
|
s.WriteMessage(c, ErrYouDontOwnTheRecord, http.StatusBadRequest)
|
||||||
|
}
|
||||||
|
|
||||||
updated, err := s.repo.DiscordWebHooks.Enable(c.Request().Context(), int64(id))
|
updated, err := s.repo.DiscordWebHooks.Enable(c.Request().Context(), int64(id))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.WriteError(c, err, http.StatusInternalServerError)
|
s.WriteError(c, err, http.StatusInternalServerError)
|
||||||
@ -271,17 +285,22 @@ func (s *Handler) enableDiscordWebHook(c echo.Context) error {
|
|||||||
// @Failure 400 {object} domain.BaseResponse
|
// @Failure 400 {object} domain.BaseResponse
|
||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
func (s *Handler) deleteDiscordWebHook(c echo.Context) error {
|
func (s *Handler) deleteDiscordWebHook(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
|
||||||
id, err := strconv.Atoi(c.Param("ID"))
|
id, err := strconv.Atoi(c.Param("ID"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusBadRequest, err.Error())
|
return c.JSON(http.StatusBadRequest, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check to make sure we can find the record
|
// Check to make sure we can find the record
|
||||||
_, err = s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
|
record, err := s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusInternalServerError, err.Error())
|
return c.JSON(http.StatusInternalServerError, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if record.UserID != s.GetUserIdFromJwtToken(c) {
|
||||||
|
s.WriteMessage(c, ErrYouDontOwnTheRecord, http.StatusBadRequest)
|
||||||
|
}
|
||||||
|
|
||||||
// Soft delete the record
|
// Soft delete the record
|
||||||
updated, err := s.repo.DiscordWebHooks.SoftDelete(c.Request().Context(), int64(id))
|
updated, err := s.repo.DiscordWebHooks.SoftDelete(c.Request().Context(), int64(id))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -12,14 +12,13 @@ import (
|
|||||||
swagger "github.com/swaggo/echo-swagger"
|
swagger "github.com/swaggo/echo-swagger"
|
||||||
|
|
||||||
_ "git.jamestombleson.com/jtom38/newsbot-api/docs"
|
_ "git.jamestombleson.com/jtom38/newsbot-api/docs"
|
||||||
"git.jamestombleson.com/jtom38/newsbot-api/internal/database"
|
|
||||||
"git.jamestombleson.com/jtom38/newsbot-api/internal/domain"
|
"git.jamestombleson.com/jtom38/newsbot-api/internal/domain"
|
||||||
"git.jamestombleson.com/jtom38/newsbot-api/internal/services"
|
"git.jamestombleson.com/jtom38/newsbot-api/internal/services"
|
||||||
)
|
)
|
||||||
|
|
||||||
type Handler struct {
|
type Handler struct {
|
||||||
Router *echo.Echo
|
Router *echo.Echo
|
||||||
Db *database.Queries
|
//Db *database.Queries
|
||||||
config services.Configs
|
config services.Configs
|
||||||
repo services.RepositoryService
|
repo services.RepositoryService
|
||||||
}
|
}
|
||||||
@ -28,9 +27,13 @@ const (
|
|||||||
ErrParameterIdMissing = "The requested parameter ID was not found."
|
ErrParameterIdMissing = "The requested parameter ID was not found."
|
||||||
ErrParameterMissing = "The requested parameter was not found found:"
|
ErrParameterMissing = "The requested parameter was not found found:"
|
||||||
ErrUnableToParseId = "Unable to parse the requested ID"
|
ErrUnableToParseId = "Unable to parse the requested ID"
|
||||||
|
|
||||||
ErrRecordMissing = "The requested record was not found"
|
ErrRecordMissing = "The requested record was not found"
|
||||||
ErrFailedToCreateRecord = "The record was not created due to a database problem"
|
ErrFailedToCreateRecord = "The record was not created due to a database problem"
|
||||||
|
ErrFailedToUpdateRecord = "The requested record was not updated due to a database problem"
|
||||||
|
|
||||||
ErrUserUnknown = "User is unknown"
|
ErrUserUnknown = "User is unknown"
|
||||||
|
ErrYouDontOwnTheRecord = "The record requested does not belong to you"
|
||||||
|
|
||||||
ResponseMessageSuccess = "Success"
|
ResponseMessageSuccess = "Success"
|
||||||
)
|
)
|
||||||
@ -170,3 +173,12 @@ func (s *Handler) ValidateJwtToken(c echo.Context, requiredScope string) JwtToke
|
|||||||
|
|
||||||
return token
|
return token
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *Handler) GetUserIdFromJwtToken(c echo.Context) int64 {
|
||||||
|
token, err := s.getJwtTokenFromContext(c)
|
||||||
|
if err != nil {
|
||||||
|
s.WriteMessage(c, ErrJwtMissing, http.StatusUnauthorized)
|
||||||
|
}
|
||||||
|
|
||||||
|
return token.GetUserId()
|
||||||
|
}
|
||||||
|
@ -23,6 +23,7 @@ type JwtToken struct {
|
|||||||
Iss string `json:"iss"`
|
Iss string `json:"iss"`
|
||||||
Authorized bool `json:"authorized"`
|
Authorized bool `json:"authorized"`
|
||||||
UserName string `json:"username"`
|
UserName string `json:"username"`
|
||||||
|
UserId int64 `json:"userId"`
|
||||||
Scopes []string `json:"scopes"`
|
Scopes []string `json:"scopes"`
|
||||||
jwt.RegisteredClaims
|
jwt.RegisteredClaims
|
||||||
}
|
}
|
||||||
@ -52,6 +53,10 @@ func (j JwtToken) GetUsername() string {
|
|||||||
return j.UserName
|
return j.UserName
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (j JwtToken) GetUserId() int64 {
|
||||||
|
return j.UserId
|
||||||
|
}
|
||||||
|
|
||||||
func (j JwtToken) hasExpired() error {
|
func (j JwtToken) hasExpired() error {
|
||||||
// Check to see if the token has expired
|
// Check to see if the token has expired
|
||||||
hasExpired := j.Exp.Compare(time.Now())
|
hasExpired := j.Exp.Compare(time.Now())
|
||||||
@ -77,11 +82,11 @@ func (j JwtToken) hasScope(scope string) error {
|
|||||||
return errors.New(ErrJwtScopeMissing)
|
return errors.New(ErrJwtScopeMissing)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) generateJwt(username, scopes, issuer string) (string, error) {
|
func (h *Handler) generateJwt(username, scopes, issuer string, userId int64) (string, error) {
|
||||||
return h.generateJwtWithExp(username, scopes, issuer, time.Now().Add(10*time.Minute))
|
return h.generateJwtWithExp(username, scopes, issuer, userId, time.Now().Add(10*time.Minute))
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) generateJwtWithExp(username, userScopes, issuer string, expiresAt time.Time) (string, error) {
|
func (h *Handler) generateJwtWithExp(username, userScopes, issuer string, userId int64, expiresAt time.Time) (string, error) {
|
||||||
secret := []byte(h.config.JwtSecret)
|
secret := []byte(h.config.JwtSecret)
|
||||||
|
|
||||||
// Anyone who wants to decrypt the key needs to use the same method
|
// Anyone who wants to decrypt the key needs to use the same method
|
||||||
@ -91,6 +96,7 @@ func (h *Handler) generateJwtWithExp(username, userScopes, issuer string, expire
|
|||||||
claims["authorized"] = true
|
claims["authorized"] = true
|
||||||
claims["username"] = username
|
claims["username"] = username
|
||||||
claims["iss"] = issuer
|
claims["iss"] = issuer
|
||||||
|
claims["userId"] = userId
|
||||||
|
|
||||||
var scopes []string
|
var scopes []string
|
||||||
scopes = append(scopes, domain.ScopeAll)
|
scopes = append(scopes, domain.ScopeAll)
|
||||||
|
@ -1,17 +1,13 @@
|
|||||||
package v1
|
package v1
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
|
||||||
"encoding/json"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"git.jamestombleson.com/jtom38/newsbot-api/internal/database"
|
|
||||||
"git.jamestombleson.com/jtom38/newsbot-api/internal/domain"
|
"git.jamestombleson.com/jtom38/newsbot-api/internal/domain"
|
||||||
"git.jamestombleson.com/jtom38/newsbot-api/internal/services"
|
"git.jamestombleson.com/jtom38/newsbot-api/internal/services"
|
||||||
"github.com/google/uuid"
|
|
||||||
"github.com/labstack/echo/v4"
|
"github.com/labstack/echo/v4"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -25,6 +21,7 @@ import (
|
|||||||
// @Failure 400 {object} domain.BaseResponse "Unable to reach SQL or Data problems"
|
// @Failure 400 {object} domain.BaseResponse "Unable to reach SQL or Data problems"
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) listSources(c echo.Context) error {
|
func (s *Handler) listSources(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeSourceRead)
|
||||||
resp := domain.SourcesResponse{
|
resp := domain.SourcesResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -58,6 +55,7 @@ func (s *Handler) listSources(c echo.Context) error {
|
|||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) listSourcesBySource(c echo.Context) error {
|
func (s *Handler) listSourcesBySource(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeSourceRead)
|
||||||
resp := domain.SourcesResponse{
|
resp := domain.SourcesResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -97,6 +95,7 @@ func (s *Handler) listSourcesBySource(c echo.Context) error {
|
|||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) getSource(c echo.Context) error {
|
func (s *Handler) getSource(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeSourceRead)
|
||||||
resp := domain.SourcesResponse{
|
resp := domain.SourcesResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -133,6 +132,7 @@ func (s *Handler) getSource(c echo.Context) error {
|
|||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) GetSourceBySourceAndName(c echo.Context) error {
|
func (s *Handler) GetSourceBySourceAndName(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeSourceRead)
|
||||||
resp := domain.SourcesResponse{
|
resp := domain.SourcesResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -169,6 +169,8 @@ func (s *Handler) GetSourceBySourceAndName(c echo.Context) error {
|
|||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) newRedditSource(c echo.Context) error {
|
func (s *Handler) newRedditSource(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
|
||||||
|
|
||||||
resp := domain.SourcesResponse{
|
resp := domain.SourcesResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -178,20 +180,13 @@ func (s *Handler) newRedditSource(c echo.Context) error {
|
|||||||
var param domain.NewSourceParamRequest
|
var param domain.NewSourceParamRequest
|
||||||
err := c.Bind(¶m)
|
err := c.Bind(¶m)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
|
s.WriteError(c, err, http.StatusBadRequest)
|
||||||
Message: err.Error(),
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if param.Url == "" {
|
if param.Url == "" {
|
||||||
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
|
s.WriteMessage(c, "url is missing", http.StatusBadRequest)
|
||||||
Message: "Url is missing a value",
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
if !strings.Contains(param.Url, "reddit.com") {
|
if !strings.Contains(param.Url, "reddit.com") {
|
||||||
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
|
s.WriteMessage(c, "invalid url", http.StatusBadRequest)
|
||||||
Message: "Invalid URL given",
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
tags := fmt.Sprintf("twitch, %v, %s", param.Name, param.Tags)
|
tags := fmt.Sprintf("twitch, %v, %s", param.Name, param.Tags)
|
||||||
@ -223,61 +218,54 @@ func (s *Handler) newRedditSource(c echo.Context) error {
|
|||||||
// @Router /v1/sources/new/youtube [post]
|
// @Router /v1/sources/new/youtube [post]
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) newYoutubeSource(c echo.Context) error {
|
func (s *Handler) newYoutubeSource(c echo.Context) error {
|
||||||
|
// Validate the jwt
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
|
||||||
|
|
||||||
var param domain.NewSourceParamRequest
|
var param domain.NewSourceParamRequest
|
||||||
err := c.Bind(¶m)
|
err := c.Bind(¶m)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
|
s.WriteError(c, err, http.StatusBadRequest)
|
||||||
Message: err.Error(),
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
//query := r.URL.Query()
|
|
||||||
//_name := query["name"][0]
|
|
||||||
//_url := query["url"][0]
|
|
||||||
////_tags := query["tags"][0]
|
|
||||||
|
|
||||||
if param.Url == "" {
|
if param.Url == "" {
|
||||||
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
|
s.WriteMessage(c, "url is missing a value", http.StatusBadRequest)
|
||||||
Message: "url is missing a value",
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
if !strings.Contains(param.Url, "youtube.com") {
|
if !strings.Contains(param.Url, "youtube.com") {
|
||||||
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
|
s.WriteMessage(c, "invalid url", http.StatusBadRequest)
|
||||||
Message: "Invalid URL",
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
resp := domain.SourcesResponse{
|
||||||
if _tags == "" {
|
BaseResponse: domain.BaseResponse{
|
||||||
tags = fmt.Sprintf("twitch, %v", _name)
|
Message: ResponseMessageSuccess,
|
||||||
} else {
|
},
|
||||||
}
|
}
|
||||||
*/
|
|
||||||
|
item, err := s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorYoutube, param.Name)
|
||||||
|
if err == nil {
|
||||||
|
var dto []domain.SourceDto
|
||||||
|
dto = append(dto, services.SourceToDto(item))
|
||||||
|
resp.Payload = dto
|
||||||
|
return c.JSON(http.StatusOK, resp)
|
||||||
|
}
|
||||||
|
|
||||||
tags := fmt.Sprintf("twitch, %v", param.Name)
|
tags := fmt.Sprintf("twitch, %v", param.Name)
|
||||||
|
rows, err := s.repo.Sources.Create(c.Request().Context(), domain.SourceCollectorYoutube, param.Name, param.Url, tags, true)
|
||||||
params := database.CreateSourceParams{
|
|
||||||
ID: uuid.New(),
|
|
||||||
Site: "youtube",
|
|
||||||
Name: param.Name,
|
|
||||||
Source: "youtube",
|
|
||||||
Type: "feed",
|
|
||||||
Enabled: true,
|
|
||||||
Url: param.Url,
|
|
||||||
Tags: tags,
|
|
||||||
}
|
|
||||||
err = s.Db.CreateSource(context.Background(), params)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusInternalServerError, err.Error())
|
return c.JSON(http.StatusInternalServerError, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
bJson, err := json.Marshal(¶ms)
|
if rows != 1 {
|
||||||
if err != nil {
|
s.WriteMessage(c, ErrFailedToCreateRecord, http.StatusInternalServerError)
|
||||||
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
|
|
||||||
Message: err.Error(),
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return c.JSON(http.StatusOK, bJson)
|
item, err = s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorYoutube, param.Name)
|
||||||
|
if err == nil {
|
||||||
|
var dto []domain.SourceDto
|
||||||
|
dto = append(dto, services.SourceToDto(item))
|
||||||
|
resp.Payload = dto
|
||||||
|
return c.JSON(http.StatusOK, resp)
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.JSON(http.StatusOK, resp)
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewTwitchSource
|
// NewTwitchSource
|
||||||
@ -287,6 +275,8 @@ func (s *Handler) newYoutubeSource(c echo.Context) error {
|
|||||||
// @Router /v1/sources/new/twitch [post]
|
// @Router /v1/sources/new/twitch [post]
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) newTwitchSource(c echo.Context) error {
|
func (s *Handler) newTwitchSource(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
|
||||||
|
|
||||||
var param domain.NewSourceParamRequest
|
var param domain.NewSourceParamRequest
|
||||||
err := c.Bind(¶m)
|
err := c.Bind(¶m)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -295,37 +285,41 @@ func (s *Handler) newTwitchSource(c echo.Context) error {
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
//query := r.URL.Query()
|
resp := domain.SourcesResponse{
|
||||||
//_name := query["name"][0]
|
BaseResponse: domain.BaseResponse{
|
||||||
|
Message: ResponseMessageSuccess,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
tags := fmt.Sprintf("twitch, %v", param.Name)
|
tags := fmt.Sprintf("twitch, %v", param.Name)
|
||||||
_url := fmt.Sprintf("https://twitch.tv/%v", param.Name)
|
url := fmt.Sprintf("https://twitch.tv/%v", param.Name)
|
||||||
|
|
||||||
params := database.CreateSourceParams{
|
// Check if the record already exists
|
||||||
ID: uuid.New(),
|
item, err := s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorTwitch, param.Name)
|
||||||
Site: "twitch",
|
if err == nil {
|
||||||
Name: param.Name,
|
var dto []domain.SourceDto
|
||||||
Source: "twitch",
|
dto = append(dto, services.SourceToDto(item))
|
||||||
Type: "api",
|
resp.Payload = dto
|
||||||
Enabled: true,
|
return c.JSON(http.StatusOK, resp)
|
||||||
Url: _url,
|
|
||||||
Tags: tags,
|
|
||||||
}
|
}
|
||||||
err = s.Db.CreateSource(c.Request().Context(), params)
|
|
||||||
|
rows, err := s.repo.Sources.Create(c.Request().Context(), domain.SourceCollectorTwitch, param.Name, url, tags, true)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
|
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
|
||||||
Message: err.Error(),
|
Message: err.Error(),
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
bJson, err := json.Marshal(¶ms)
|
if rows != 1 {
|
||||||
if err != nil {
|
s.WriteMessage(c, ErrFailedToCreateRecord, http.StatusInternalServerError)
|
||||||
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
|
|
||||||
Message: err.Error(),
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return c.JSON(http.StatusOK, bJson)
|
item, err = s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorTwitch, param.Name)
|
||||||
|
var dto []domain.SourceDto
|
||||||
|
dto = append(dto, services.SourceToDto(item))
|
||||||
|
resp.Payload = dto
|
||||||
|
|
||||||
|
return c.JSON(http.StatusOK, resp)
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewRssSource
|
// NewRssSource
|
||||||
@ -339,6 +333,8 @@ func (s *Handler) newTwitchSource(c echo.Context) error {
|
|||||||
// @Failure 500 {object} domain.BaseResponse
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) newRssSource(c echo.Context) error {
|
func (s *Handler) newRssSource(c echo.Context) error {
|
||||||
|
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
|
||||||
|
|
||||||
resp := domain.SourcesResponse{
|
resp := domain.SourcesResponse{
|
||||||
BaseResponse: domain.BaseResponse{
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: ResponseMessageSuccess,
|
Message: ResponseMessageSuccess,
|
||||||
@ -382,50 +378,52 @@ func (s *Handler) newRssSource(c echo.Context) error {
|
|||||||
|
|
||||||
// DeleteSource
|
// DeleteSource
|
||||||
// @Summary Marks a source as deleted based on its ID value.
|
// @Summary Marks a source as deleted based on its ID value.
|
||||||
// @Param id path string true "id"
|
// @Param id path int true "id"
|
||||||
// @Tags Source
|
// @Tags Source
|
||||||
// @Router /v1/sources/{id} [POST]
|
// @Router /v1/sources/{id} [POST]
|
||||||
|
// @Success 200 {object} domain.SourcesResponse "ok"
|
||||||
|
// @Failure 400 {object} domain.BaseResponse
|
||||||
|
// @Failure 500 {object} domain.BaseResponse
|
||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
func (s *Handler) deleteSources(c echo.Context) error {
|
func (s *Handler) deleteSources(c echo.Context) error {
|
||||||
id := c.Param("ID")
|
s.ValidateJwtToken(c, domain.ScopeAll)
|
||||||
uuid, err := uuid.Parse(id)
|
id, err := strconv.Atoi(c.Param("ID"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
|
s.WriteError(c, err, http.StatusBadRequest)
|
||||||
Message: err.Error(),
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check to make sure we can find the record
|
// Check to make sure we can find the record
|
||||||
_, err = s.Db.GetSourceByID(c.Request().Context(), uuid)
|
_, err = s.repo.Sources.GetById(c.Request().Context(), int64(id))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
|
s.WriteError(c, err, http.StatusInternalServerError)
|
||||||
Message: err.Error(),
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Delete the record
|
// Delete the record
|
||||||
err = s.Db.DeleteSource(c.Request().Context(), uuid)
|
rows, err := s.repo.Sources.SoftDelete(c.Request().Context(), int64(id))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
|
s.WriteError(c, err, http.StatusInternalServerError)
|
||||||
Message: err.Error(),
|
}
|
||||||
})
|
if rows != 1 {
|
||||||
|
s.WriteMessage(c, ErrFailedToUpdateRecord, http.StatusInternalServerError)
|
||||||
}
|
}
|
||||||
|
|
||||||
p := ApiStatusModel{
|
// pull the record with its updated value
|
||||||
|
item, err := s.repo.Sources.GetById(c.Request().Context(), int64(id))
|
||||||
|
if err != nil {
|
||||||
|
s.WriteError(c, err, http.StatusInternalServerError)
|
||||||
|
}
|
||||||
|
|
||||||
|
var items []domain.SourceDto
|
||||||
|
items = append(items, services.SourceToDto(item))
|
||||||
|
|
||||||
|
return c.JSON(http.StatusOK, domain.SourcesResponse{
|
||||||
|
BaseResponse: domain.BaseResponse{
|
||||||
Message: "OK",
|
Message: "OK",
|
||||||
StatusCode: http.StatusOK,
|
},
|
||||||
}
|
Payload: items,
|
||||||
|
|
||||||
b, err := json.Marshal(p)
|
|
||||||
if err != nil {
|
|
||||||
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
|
|
||||||
Message: err.Error(),
|
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
return c.JSON(http.StatusOK, b)
|
|
||||||
}
|
|
||||||
|
|
||||||
// DisableSource
|
// DisableSource
|
||||||
// @Summary Disables a source from processing.
|
// @Summary Disables a source from processing.
|
||||||
// @Param id path int true "id"
|
// @Param id path int true "id"
|
||||||
|
@ -130,7 +130,7 @@ func (us UserService) Create(ctx context.Context, name, password, scope string)
|
|||||||
return domain.UserEntity{}, err
|
return domain.UserEntity{}, err
|
||||||
}
|
}
|
||||||
|
|
||||||
us.repo.Create(ctx, name, password, domain.ScopeRead)
|
us.repo.Create(ctx, name, password, domain.ScopeArticleRead)
|
||||||
return domain.UserEntity{}, nil
|
return domain.UserEntity{}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user