features/bootstrapping #1

Merged
jtom38 merged 24 commits from features/bootstrapping into main 2024-06-02 19:55:25 -07:00
2 changed files with 59 additions and 5 deletions
Showing only changes of commit 218ccaf9ec - Show all commits

View File

@ -6,18 +6,24 @@ import (
"git.jamestombleson.com/jtom38/newsbot-portal/internal/domain" "git.jamestombleson.com/jtom38/newsbot-portal/internal/domain"
"git.jamestombleson.com/jtom38/newsbot-portal/internal/models" "git.jamestombleson.com/jtom38/newsbot-portal/internal/models"
"git.jamestombleson.com/jtom38/newsbot-portal/internal/views/articles" "git.jamestombleson.com/jtom38/newsbot-portal/internal/views/articles"
"git.jamestombleson.com/jtom38/newsbot-portal/internal/views/layout"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
) )
func (h *Handler) ArticlesList(c echo.Context) error { func (h *Handler) ArticlesList(c echo.Context) error {
_, err := ValidateJwt(c, h.config.JwtSecret, h.config.ServerAddress)
if err != nil {
return Render(c, http.StatusBadRequest, layout.Error(err))
}
userToken, err := c.Cookie(domain.CookieToken) userToken, err := c.Cookie(domain.CookieToken)
if err != nil { if err != nil {
return err return Render(c, http.StatusBadRequest, layout.Error(err))
} }
resp, err := h.api.Articles.List(userToken.Value, 0) resp, err := h.api.Articles.List(userToken.Value, 0)
if err != nil { if err != nil {
return err return Render(c, http.StatusBadRequest, layout.Error(err))
} }
vm := models.ListArticlesViewModel{ vm := models.ListArticlesViewModel{

View File

@ -1,14 +1,62 @@
package handlers package handlers
import ( import (
"errors"
"net/http" "net/http"
"time"
"git.jamestombleson.com/jtom38/newsbot-portal/internal/domain"
"github.com/golang-jwt/jwt/v4"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
) )
func SetCookie(c echo.Context, key string, value string) { func SetCookie(c echo.Context, key, value, path string) {
cookie := new(http.Cookie) cookie := new(http.Cookie)
cookie.Name = key cookie.Name = key
cookie.Value = value cookie.Value = value
if path != "" {
cookie.Path = path
}
c.SetCookie(cookie) c.SetCookie(cookie)
} }
type jwtToken struct {
Exp time.Time `json:"exp"`
Iss string `json:"iss"`
Authorized bool `json:"authorized"`
UserName string `json:"username"`
Scopes []string `json:"scopes"`
jwt.RegisteredClaims
}
func ValidateJwt(ctx echo.Context, sharedSecret, issuer string) (jwtToken, error) {
cookie, err := ctx.Cookie(domain.CookieToken)
if err != nil {
return jwtToken{}, err
}
if cookie.Value == "" {
return jwtToken{}, errors.New("JWT Bearer Token is missing")
}
token, err := jwt.ParseWithClaims(cookie.Value, &jwtToken{}, func(token *jwt.Token) (interface{}, error) {
return []byte(sharedSecret), nil
})
if err != nil {
return jwtToken{}, err
}
if !token.Valid {
return jwtToken{}, errors.New("invalid jwt token")
}
claims := token.Claims.(*jwtToken)
if !claims.Exp.After(time.Now()) {
return jwtToken{}, errors.New("the jwt token has expired")
}
//if claims.Iss != issuer {
// return jwtToken{}, errors.New("the issuer was invalid")
//}
return *claims, nil
}