jtom38/newsbot-api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request 'sqlc removed and adding sessionToken to jwt' (#9) from features/sessiontokens into main

Browse Source 
Reviewed-on: #9
This commit is contained in:
jtom38 2024-05-26 09:02:18 -07:00
commit 877a6a9619
9 changed files with 50 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
docs/docs.go
View File

@ -60,7 +60,7 @@ const docTemplate = `{
}
}
},
"/v1/articles/by/sourceid": {
"/v1/articles/by/sourceId": {
"get": {
"security": [
{
@ -1035,7 +1035,7 @@ const docTemplate = `{
}
}
},
"/v1/users/refreshToken": {
"/v1/users/refresh/token": {
"post": {
"security": [
{
@ -1350,9 +1350,6 @@ const docTemplate = `{
"refreshToken": {
"type": "string"
},
"sessionToken": {
"type": "string"
},
"token": {
"type": "string"
},

7
docs/swagger.json
View File

@ -51,7 +51,7 @@
}
}
},
"/v1/articles/by/sourceid": {
"/v1/articles/by/sourceId": {
"get": {
"security": [
{
@ -1026,7 +1026,7 @@
}
}
},
"/v1/users/refreshToken": {
"/v1/users/refresh/token": {
"post": {
"security": [
{
@ -1341,9 +1341,6 @@
"refreshToken": {
"type": "string"
},
"sessionToken": {
"type": "string"
},
"token": {
"type": "string"
},

6
docs/swagger.yaml
View File

@ -84,8 +84,6 @@ definitions:
type: string
refreshToken:
type: string
sessionToken:
type: string
token:
type: string
type:
@ -221,7 +219,7 @@ paths:
summary: Returns an article and source based on defined ID.
tags:
- Articles
/v1/articles/by/sourceid:
/v1/articles/by/sourceId:
get:
parameters:
- description: source id
@ -776,7 +774,7 @@ paths:
summary: Revokes the current session token and replaces it with a new one.
tags:
- Users
/v1/users/refreshToken:
/v1/users/refresh/token:
post:
parameters:
- description: body

4
domain/responses.go
View File

@ -1,6 +1,5 @@
package domain
type BaseResponse struct {
Message string `json:"message"`
}
@ -10,7 +9,6 @@ type LoginResponse struct {
Token string `json:"token"`
Type string `json:"type"`
RefreshToken string `json:"refreshToken"`
SessionToken string `json:"sessionToken"`
}
type ArticleResponse struct {
@ -36,4 +34,4 @@ type DiscordWebhookResponse struct {
type SourcesResponse struct {
BaseResponse
Payload []SourceDto `json:"payload"`
}
}

2
internal/handler/v1/articles.go
View File

@ -135,7 +135,7 @@ func (s *Handler) getArticleDetails(c echo.Context) error {
// @Param page query int false "Page to query"
// @Produce application/json
// @Tags Articles
// @Router /v1/articles/by/sourceid [get]
// @Router /v1/articles/by/sourceId [get]
// @Success 200 {object} domain.ArticleResponse "OK"
// @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse

15
internal/handler/v1/handler.go
View File

@ -110,7 +110,8 @@ func NewServer(ctx context.Context, configs services.Configs, conn *sql.DB) *Han
users.Use(echojwt.WithConfig(jwtConfig))
users.POST("/scopes/add", s.AddScopes)
users.POST("/scopes/remove", s.RemoveScopes)
users.POST("/refreshToken", s.RefreshJwtToken)
users.POST("/refresh/token", s.RefreshJwtToken)
users.POST("/refresh/sessionToken", s.NewSessionToken)
s.Router = router
return s
@ -161,18 +162,24 @@ func (s *Handler) ValidateJwtToken(c echo.Context, requiredScope string) (JwtTok
err = token.hasExpired()
if err != nil {
return JwtToken{}, errors.New(ErrJwtExpired)
//s.WriteMessage(c, ErrJwtExpired, http.StatusUnauthorized)
}
err = token.hasScope(requiredScope)
if err != nil {
return JwtToken{}, errors.New(ErrJwtScopeMissing)
//s.WriteMessage(c, ErrJwtScopeMissing, http.StatusUnauthorized)
}
if token.Iss != s.config.ServerAddress {
return JwtToken{}, errors.New(ErrJwtInvalidIssuer)
//s.WriteMessage(c, ErrJwtInvalidIssuer, http.StatusUnauthorized)
}
user, err := s.repo.Users.GetUser(c.Request().Context(), token.UserName)
if err != nil {
return JwtToken{}, errors.New("user record not found")
}
if user.SessionToken != token.SessionToken {
return JwtToken{}, errors.New("invalid session token")
}
return token, nil

13
internal/handler/v1/jwt.go
View File

@ -19,12 +19,13 @@ const (
)
type JwtToken struct {
Exp time.Time `json:"exp"`
Iss string `json:"iss"`
Authorized bool `json:"authorized"`
UserName string `json:"username"`
UserId int64 `json:"userId"`
Scopes []string `json:"scopes"`
Exp time.Time `json:"exp"`
Iss string `json:"iss"`
Authorized bool `json:"authorized"`
UserName string `json:"username"`
UserId int64 `json:"userId"`
Scopes []string `json:"scopes"`
SessionToken string `json:"sessionToken"`
jwt.RegisteredClaims
}

23
internal/handler/v1/users.go
View File

@ -49,7 +49,7 @@ func (h *Handler) AuthRegister(c echo.Context) error {
return h.WriteError(c, err, http.StatusInternalServerError)
}
_, err = h.repo.Users.Create(c.Request().Context(), username, password, "", domain.ScopeArticleRead)
_, err = h.repo.Users.Create(c.Request().Context(), username, password, domain.ScopeArticleRead)
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}
@ -92,12 +92,8 @@ func (h *Handler) AuthLogin(c echo.Context) error {
// TODO think about moving this down some?
expiresAt := time.Now().Add(time.Hour * 48)
userScopes := strings.Split(user.Scopes, ",")
sessionToken, err := uuid.NewV7()
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}
jwt, err := h.generateJwtWithExp(username, h.config.ServerAddress, sessionToken.String(), userScopes, user.ID, expiresAt)
jwt, err := h.generateJwtWithExp(username, h.config.ServerAddress, user.SessionToken, userScopes, user.ID, expiresAt)
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}
@ -114,7 +110,6 @@ func (h *Handler) AuthLogin(c echo.Context) error {
Token: jwt,
Type: "Bearer",
RefreshToken: refresh,
SessionToken: sessionToken.String(),
})
}
@ -152,7 +147,7 @@ func (h *Handler) createAdminToken(c echo.Context, password string) error {
// This will take collect some information about the requested refresh, validate and then return a new jwt token if approved.
// Register
// @Summary Generates a new token
// @Router /v1/users/refreshToken [post]
// @Router /v1/users/refresh/token [post]
// @Param request body domain.RefreshTokenRequest true "body"
// @Tags Users
// @Success 200 {object} domain.LoginResponse
@ -183,7 +178,7 @@ func (h *Handler) RefreshJwtToken(c echo.Context) error {
}
userScopes := strings.Split(user.Scopes, ",")
jwt, err := h.generateJwtWithExp(request.Username, h.config.ServerAddress, "", userScopes, user.ID, time.Now().Add(time.Hour*48))
jwt, err := h.generateJwtWithExp(request.Username, h.config.ServerAddress, user.SessionToken, userScopes, user.ID, time.Now().Add(time.Hour*48))
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}
@ -281,16 +276,18 @@ func (h *Handler) RemoveScopes(c echo.Context) error {
// @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (h *Handler) LogoutEverywhere(c echo.Context) error {
func (h *Handler) NewSessionToken(c echo.Context) error {
token, err := h.getJwtTokenFromContext(c)
if err != nil {
return h.WriteError(c, err, http.StatusUnauthorized)
}
err = token.IsValid(domain.ScopeAll)
_, err = h.repo.Users.NewSessionToken(c.Request().Context(), token.UserName)
if err != nil {
return h.WriteError(c, err, http.StatusUnauthorized)
return h.WriteError(c, err, http.StatusInternalServerError)
}
return c.String(http.StatusInternalServerError, "Not Implemented")
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
Message: "OK",
})
}

23
internal/repositoryServices/userService.go
View File

@ -27,8 +27,8 @@ type UserServices interface {
GetUser(ctx context.Context, username string) (entity.UserEntity, error)
AddScopes(ctx context.Context, username string, scopes []string) error
RemoveScopes(ctx context.Context, username string, scopes []string) error
Create(ctx context.Context, name, password, sessionToken, scope string) (entity.UserEntity, error)
NewSessionToken(ctx context.Context, name string) error
Create(ctx context.Context, name, password, scope string) (entity.UserEntity, error)
NewSessionToken(ctx context.Context, name string) (string, error)
CheckPasswordForRequirements(password string) error
}
@ -128,32 +128,37 @@ func (us UserService) doesScopeExist(scopes []string, target string) bool {
return false
}
func (us UserService) Create(ctx context.Context, name, password, sessionToken, scope string) (entity.UserEntity, error) {
func (us UserService) Create(ctx context.Context, name, password, scope string) (entity.UserEntity, error) {
err := us.CheckPasswordForRequirements(password)
if err != nil {
return entity.UserEntity{}, err
}
us.repo.Create(ctx, name, password, sessionToken, domain.ScopeArticleRead)
token, err := uuid.NewV7()
if err != nil {
return entity.UserEntity{}, err
}
us.repo.Create(ctx, name, password, token.String(), domain.ScopeArticleRead)
return entity.UserEntity{}, nil
}
func (us UserService) NewSessionToken(ctx context.Context, name string) error {
func (us UserService) NewSessionToken(ctx context.Context, name string) (string, error) {
token, err := uuid.NewV7()
if err != nil {
return err
return "", err
}
rows, err := us.repo.UpdateSessionToken(ctx, name, token.String())
if err != nil {
return err
return "", err
}
if rows != 1 {
return fmt.Errorf("UserService.NewSessionToken %w", err)
return "", fmt.Errorf("UserService.NewSessionToken %w", err)
}
return nil
return token.String(), nil
}
func (us UserService) CheckPasswordForRequirements(password string) error {