cleanup user token access
parent
1107904f47
commit
682774c9ce
5 changed files with 13 additions and 16 deletions
|
@ -10,7 +10,6 @@ import (
|
||||||
"github.com/go-chi/chi/v5/middleware"
|
"github.com/go-chi/chi/v5/middleware"
|
||||||
"github.com/hay-kot/content/backend/internal/config"
|
"github.com/hay-kot/content/backend/internal/config"
|
||||||
"github.com/hay-kot/content/backend/internal/services"
|
"github.com/hay-kot/content/backend/internal/services"
|
||||||
"github.com/hay-kot/content/backend/pkgs/hasher"
|
|
||||||
"github.com/hay-kot/content/backend/pkgs/logger"
|
"github.com/hay-kot/content/backend/pkgs/logger"
|
||||||
"github.com/hay-kot/content/backend/pkgs/server"
|
"github.com/hay-kot/content/backend/pkgs/server"
|
||||||
)
|
)
|
||||||
|
@ -49,17 +48,11 @@ func (a *app) mwAuthToken(next http.Handler) http.Handler {
|
||||||
}
|
}
|
||||||
|
|
||||||
requestToken = strings.TrimPrefix(requestToken, "Bearer ")
|
requestToken = strings.TrimPrefix(requestToken, "Bearer ")
|
||||||
|
usr, err := a.services.User.GetSelf(r.Context(), requestToken)
|
||||||
hash := hasher.HashToken(requestToken)
|
|
||||||
|
|
||||||
// Check the database for the token
|
// Check the database for the token
|
||||||
usr, err := a.repos.AuthTokens.GetUserFromToken(r.Context(), hash)
|
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
a.logger.Error(err, logger.Props{
|
|
||||||
"token": requestToken,
|
|
||||||
"hash": fmt.Sprintf("%x", hash),
|
|
||||||
})
|
|
||||||
server.RespondUnauthorized(w)
|
server.RespondUnauthorized(w)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
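Review bot: The rewritten token check in `mwAuthToken` discards `err` from `a.services.User.GetSelf(r.Context(), requestToken)` and answers every failure with `server.RespondUnauthorized(w)`, so a datastore error and a rejected token look identical and rejected tokens leave no trace for monitoring. Removing the old log call was right, since it wrote the raw bearer token and its hash to the log. I would still keep one log line that carries only the error and request metadata, for example `a.logger.Error(err, logger.Props{"path": r.URL.Path})`, and never the token itself. The comment `// Check the database for the token` also appears to sit below the call it describes now, so it should move above `GetSelf` or be reworded. The body of `mwAuthToken` starts and ends outside this hunk, so any handling further down is not visible here.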
|
|
|
@ -3,7 +3,7 @@ package services
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
|
||||||
"github.com/hay-kot/content/backend/ent"
|
"github.com/hay-kot/content/backend/internal/types"
|
||||||
)
|
)
|
||||||
|
|
||||||
type contextKeys struct {
|
type contextKeys struct {
|
||||||
|
@ -17,16 +17,16 @@ var (
|
||||||
|
|
||||||
// SetUserCtx is a helper function that sets the ContextUser and ContextUserToken
|
// SetUserCtx is a helper function that sets the ContextUser and ContextUserToken
|
||||||
// values within the context of a web request (or any context).
|
// values within the context of a web request (or any context).
|
||||||
func SetUserCtx(ctx context.Context, user *ent.User, token string) context.Context {
|
func SetUserCtx(ctx context.Context, user *types.UserOut, token string) context.Context {
|
||||||
ctx = context.WithValue(ctx, ContextUser, user)
|
ctx = context.WithValue(ctx, ContextUser, user)
|
||||||
ctx = context.WithValue(ctx, ContextUserToken, token)
|
ctx = context.WithValue(ctx, ContextUserToken, token)
|
||||||
return ctx
|
return ctx
|
||||||
}
|
}
|
||||||
|
|
||||||
// UseUserCtx is a helper function that returns the user from the context.
|
// UseUserCtx is a helper function that returns the user from the context.
|
||||||
func UseUserCtx(ctx context.Context) *ent.User {
|
func UseUserCtx(ctx context.Context) *types.UserOut {
|
||||||
if val := ctx.Value(ContextUser); val != nil {
|
if val := ctx.Value(ContextUser); val != nil {
|
||||||
return val.(*ent.User)
|
return val.(*types.UserOut)
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
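Review bot: `UseUserCtx` keeps the unchecked assertion `return val.(*types.UserOut)`, and because context values are untyped the compiler will not flag a caller that still stores an `*ent.User` under `ContextUser`; that mismatch would only surface as a panic inside a request. The comma-ok form fails closed instead: `if usr, ok := ctx.Value(ContextUser).(*types.UserOut); ok { return usr }` followed by `return nil`. The doc comment could also state that a nil result means no authenticated user is attached to the context, since callers presumably base their access decision on it.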
|
|
|
@ -5,12 +5,12 @@ import (
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/google/uuid"
|
"github.com/google/uuid"
|
||||||
"github.com/hay-kot/content/backend/ent"
|
"github.com/hay-kot/content/backend/internal/types"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
)
|
)
|
||||||
|
|
||||||
func Test_SetAuthContext(t *testing.T) {
|
func Test_SetAuthContext(t *testing.T) {
|
||||||
user := &ent.User{
|
user := &types.UserOut{
|
||||||
ID: uuid.New(),
|
ID: uuid.New(),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -23,7 +23,7 @@ type UserService struct {
|
||||||
repos *repo.AllRepos
|
repos *repo.AllRepos
|
||||||
}
|
}
|
||||||
|
|
||||||
func (UserService) toOutUser(user *ent.User, err error) (*types.UserOut, error) {
|
func ToOutUser(user *ent.User, err error) (*types.UserOut, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return &types.UserOut{}, err
|
return &types.UserOut{}, err
|
||||||
}
|
}
|
||||||
|
@ -37,6 +37,10 @@ func (UserService) toOutUser(user *ent.User, err error) (*types.UserOut, error)
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (UserService) toOutUser(user *ent.User, err error) (*types.UserOut, error) {
|
||||||
|
return ToOutUser(user, err)
|
||||||
|
}
|
||||||
|
|
||||||
func (svc *UserService) RegisterUser(ctx context.Context, data types.UserRegistration) (*types.UserOut, error) {
|
func (svc *UserService) RegisterUser(ctx context.Context, data types.UserRegistration) (*types.UserOut, error) {
|
||||||
group, err := svc.repos.Groups.Create(ctx, data.GroupName)
|
group, err := svc.repos.Groups.Create(ctx, data.GroupName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
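Review bot: `ToOutUser` is now exported but has no doc comment, and on the error path it returns `&types.UserOut{}` together with the error, so a caller that misses the error check carries on with a zero-valued user instead of a nil pointer. For a converter that other packages can now call I would return `nil, err` there, after confirming that no existing caller dereferences the result before checking `err`. A comment such as `// ToOutUser maps an ent.User to types.UserOut and passes err through unchanged so it can wrap a repository call.` would cover the documentation. The middle of the function body lies between the two hunks and is not visible here.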
|
|
|
@ -54,7 +54,7 @@ type UserOut struct {
|
||||||
ID uuid.UUID `json:"id"`
|
ID uuid.UUID `json:"id"`
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
IsSuperuser bool `json:"isSuper"`
|
IsSuperuser bool `json:"isSuperuser"`
|
||||||
GroupID uuid.UUID `json:"groupId"`
|
GroupID uuid.UUID `json:"groupId"`
|
||||||
GroupName string `json:"groupName"`
|
GroupName string `json:"groupName"`
|
||||||
}
|
}
|
||||||
|
|