homebox/backend/app/api/v1/v1_ctrl_auth.go

package v1

import (
	"errors"
	"net/http"

	"github.com/hay-kot/content/backend/internal/services"
	"github.com/hay-kot/content/backend/internal/types"
	"github.com/hay-kot/content/backend/pkgs/server"
	"github.com/rs/zerolog/log"
)

// HandleAuthLogin godoc
// @Summary  User Login
// @Tags     Authentication
// @Accept   x-www-form-urlencoded
// @Accept   application/json
// @Param    username  formData  string  false  "string"  example(admin@admin.com)
// @Param    password  formData  string  false  "string"  example(admin)
// @Produce  json
// @Success  200  {object}  types.TokenResponse
// @Router   /v1/users/login [POST]
func (ctrl *V1Controller) HandleAuthLogin() http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		loginForm := &types.LoginForm{}

		if r.Header.Get("Content-Type") == server.ContentFormUrlEncoded {
			err := r.ParseForm()
			if err != nil {
				server.Respond(w, http.StatusBadRequest, server.Wrap(err))
				log.Error().Err(err).Msg("failed to parse form")
				return
			}

			loginForm.Username = r.PostFormValue("username")
			loginForm.Password = r.PostFormValue("password")
		} else if r.Header.Get("Content-Type") == server.ContentJSON {
			err := server.Decode(r, loginForm)

			if err != nil {
				log.Err(err).Msg("failed to decode login form")
				server.Respond(w, http.StatusBadRequest, server.Wrap(err))
				return
			}
		} else {
			server.Respond(w, http.StatusBadRequest, errors.New("invalid content type"))
			return
		}

		if loginForm.Username == "" || loginForm.Password == "" {
			server.RespondError(w, http.StatusBadRequest, errors.New("username and password are required"))
			return
		}

		newToken, err := ctrl.svc.User.Login(r.Context(), loginForm.Username, loginForm.Password)

		if err != nil {
			server.RespondError(w, http.StatusUnauthorized, err)
			return
		}

		server.Respond(w, http.StatusOK, types.TokenResponse{
			BearerToken: "Bearer " + newToken.Raw,
			ExpiresAt:   newToken.ExpiresAt,
		})
	}
}

// HandleAuthLogout godoc
// @Summary   User Logout
// @Tags      Authentication
// @Success   204
// @Router    /v1/users/logout [POST]
// @Security  Bearer
func (ctrl *V1Controller) HandleAuthLogout() http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		token := services.UseTokenCtx(r.Context())

		if token == "" {
			server.RespondError(w, http.StatusUnauthorized, errors.New("no token within request context"))
			return
		}

		err := ctrl.svc.User.Logout(r.Context(), token)

		if err != nil {
			server.RespondError(w, http.StatusInternalServerError, err)
			return
		}

		server.Respond(w, http.StatusNoContent, nil)
	}
}

// HandleAuthLogout godoc
// @Summary      User Token Refresh
// @Description  handleAuthRefresh returns a handler that will issue a new token from an existing token.
// @Description  This does not validate that the user still exists within the database.
// @Tags         Authentication
// @Success      200
// @Router       /v1/users/refresh [GET]
// @Security     Bearer
func (ctrl *V1Controller) HandleAuthRefresh() http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		requestToken := services.UseTokenCtx(r.Context())

		if requestToken == "" {
			server.RespondError(w, http.StatusUnauthorized, errors.New("no user token found"))
			return
		}

		newToken, err := ctrl.svc.User.RenewToken(r.Context(), requestToken)

		if err != nil {
			server.RespondUnauthorized(w)
			return
		}

		server.Respond(w, http.StatusOK, newToken)
	}
}
Initial commit 2022-08-30 02:30:36 +00:00			`package v1`

			`import (`
			`"errors"`
			`"net/http"`

update imports 2022-08-30 02:40:54 +00:00			`"github.com/hay-kot/content/backend/internal/services"`
			`"github.com/hay-kot/content/backend/internal/types"`
			`"github.com/hay-kot/content/backend/pkgs/server"`
switch to zero log 2022-09-03 18:38:35 +00:00			`"github.com/rs/zerolog/log"`
Initial commit 2022-08-30 02:30:36 +00:00			`)`

			`// HandleAuthLogin godoc`
			`// @Summary User Login`
			`// @Tags Authentication`
			`// @Accept x-www-form-urlencoded`
			`// @Accept application/json`
			`// @Param username formData string false "string" example(admin@admin.com)`
			`// @Param password formData string false "string" example(admin)`
			`// @Produce json`
			`// @Success 200 {object} types.TokenResponse`
			`// @Router /v1/users/login [POST]`
			`func (ctrl *V1Controller) HandleAuthLogin() http.HandlerFunc {`
			`return func(w http.ResponseWriter, r *http.Request) {`
			`loginForm := &types.LoginForm{}`

cleanup user implementation 2022-08-31 00:40:39 +00:00			`if r.Header.Get("Content-Type") == server.ContentFormUrlEncoded {`
Initial commit 2022-08-30 02:30:36 +00:00			`err := r.ParseForm()`
			`if err != nil {`
			`server.Respond(w, http.StatusBadRequest, server.Wrap(err))`
switch to zero log 2022-09-03 18:38:35 +00:00			`log.Error().Err(err).Msg("failed to parse form")`
Initial commit 2022-08-30 02:30:36 +00:00			`return`
			`}`

			`loginForm.Username = r.PostFormValue("username")`
			`loginForm.Password = r.PostFormValue("password")`
cleanup user implementation 2022-08-31 00:40:39 +00:00			`} else if r.Header.Get("Content-Type") == server.ContentJSON {`
Initial commit 2022-08-30 02:30:36 +00:00			`err := server.Decode(r, loginForm)`

			`if err != nil {`
switch to zero log 2022-09-03 18:38:35 +00:00			`log.Err(err).Msg("failed to decode login form")`
Initial commit 2022-08-30 02:30:36 +00:00			`server.Respond(w, http.StatusBadRequest, server.Wrap(err))`
			`return`
			`}`
			`} else {`
			`server.Respond(w, http.StatusBadRequest, errors.New("invalid content type"))`
			`return`
			`}`

			`if loginForm.Username == "" \|\| loginForm.Password == "" {`
			`server.RespondError(w, http.StatusBadRequest, errors.New("username and password are required"))`
			`return`
			`}`

			`newToken, err := ctrl.svc.User.Login(r.Context(), loginForm.Username, loginForm.Password)`

			`if err != nil {`
			`server.RespondError(w, http.StatusUnauthorized, err)`
			`return`
			`}`

cleanup user implementation 2022-08-31 00:40:39 +00:00			`server.Respond(w, http.StatusOK, types.TokenResponse{`
Initial commit 2022-08-30 02:30:36 +00:00			`BearerToken: "Bearer " + newToken.Raw,`
			`ExpiresAt: newToken.ExpiresAt,`
			`})`
			`}`
			`}`

			`// HandleAuthLogout godoc`
			`// @Summary User Logout`
			`// @Tags Authentication`
			`// @Success 204`
			`// @Router /v1/users/logout [POST]`
			`// @Security Bearer`
			`func (ctrl *V1Controller) HandleAuthLogout() http.HandlerFunc {`
			`return func(w http.ResponseWriter, r *http.Request) {`
			`token := services.UseTokenCtx(r.Context())`

			`if token == "" {`
			`server.RespondError(w, http.StatusUnauthorized, errors.New("no token within request context"))`
			`return`
			`}`

			`err := ctrl.svc.User.Logout(r.Context(), token)`

			`if err != nil {`
			`server.RespondError(w, http.StatusInternalServerError, err)`
			`return`
			`}`

logger 2022-08-31 00:07:05 +00:00			`server.Respond(w, http.StatusNoContent, nil)`
Initial commit 2022-08-30 02:30:36 +00:00			`}`
			`}`

			`// HandleAuthLogout godoc`
			`// @Summary User Token Refresh`
			`// @Description handleAuthRefresh returns a handler that will issue a new token from an existing token.`
			`// @Description This does not validate that the user still exists within the database.`
			`// @Tags Authentication`
			`// @Success 200`
			`// @Router /v1/users/refresh [GET]`
			`// @Security Bearer`
			`func (ctrl *V1Controller) HandleAuthRefresh() http.HandlerFunc {`
			`return func(w http.ResponseWriter, r *http.Request) {`
			`requestToken := services.UseTokenCtx(r.Context())`

			`if requestToken == "" {`
			`server.RespondError(w, http.StatusUnauthorized, errors.New("no user token found"))`
			`return`
			`}`

			`newToken, err := ctrl.svc.User.RenewToken(r.Context(), requestToken)`

			`if err != nil {`
			`server.RespondUnauthorized(w)`
			`return`
			`}`

cleanup user implementation 2022-08-31 00:40:39 +00:00			`server.Respond(w, http.StatusOK, newToken)`
Initial commit 2022-08-30 02:30:36 +00:00			`}`
			`}`