forked from mirrors/homebox
cleanup user token access
This commit is contained in:
parent
1107904f47
commit
682774c9ce
5 changed files with 13 additions and 16 deletions
|
@ -10,7 +10,6 @@ import (
|
|||
"github.com/go-chi/chi/v5/middleware"
|
||||
"github.com/hay-kot/content/backend/internal/config"
|
||||
"github.com/hay-kot/content/backend/internal/services"
|
||||
"github.com/hay-kot/content/backend/pkgs/hasher"
|
||||
"github.com/hay-kot/content/backend/pkgs/logger"
|
||||
"github.com/hay-kot/content/backend/pkgs/server"
|
||||
)
|
||||
|
@ -49,17 +48,11 @@ func (a *app) mwAuthToken(next http.Handler) http.Handler {
|
|||
}
|
||||
|
||||
requestToken = strings.TrimPrefix(requestToken, "Bearer ")
|
||||
|
||||
hash := hasher.HashToken(requestToken)
|
||||
usr, err := a.services.User.GetSelf(r.Context(), requestToken)
|
||||
|
||||
// Check the database for the token
|
||||
usr, err := a.repos.AuthTokens.GetUserFromToken(r.Context(), hash)
|
||||
|
||||
if err != nil {
|
||||
a.logger.Error(err, logger.Props{
|
||||
"token": requestToken,
|
||||
"hash": fmt.Sprintf("%x", hash),
|
||||
})
|
||||
server.RespondUnauthorized(w)
|
||||
return
|
||||
}
|
||||
|
|
|
@ -3,7 +3,7 @@ package services
|
|||
import (
|
||||
"context"
|
||||
|
||||
"github.com/hay-kot/content/backend/ent"
|
||||
"github.com/hay-kot/content/backend/internal/types"
|
||||
)
|
||||
|
||||
type contextKeys struct {
|
||||
|
@ -17,16 +17,16 @@ var (
|
|||
|
||||
// SetUserCtx is a helper function that sets the ContextUser and ContextUserToken
|
||||
// values within the context of a web request (or any context).
|
||||
func SetUserCtx(ctx context.Context, user *ent.User, token string) context.Context {
|
||||
func SetUserCtx(ctx context.Context, user *types.UserOut, token string) context.Context {
|
||||
ctx = context.WithValue(ctx, ContextUser, user)
|
||||
ctx = context.WithValue(ctx, ContextUserToken, token)
|
||||
return ctx
|
||||
}
|
||||
|
||||
// UseUserCtx is a helper function that returns the user from the context.
|
||||
func UseUserCtx(ctx context.Context) *ent.User {
|
||||
func UseUserCtx(ctx context.Context) *types.UserOut {
|
||||
if val := ctx.Value(ContextUser); val != nil {
|
||||
return val.(*ent.User)
|
||||
return val.(*types.UserOut)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
|
|
@ -5,12 +5,12 @@ import (
|
|||
"testing"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/hay-kot/content/backend/ent"
|
||||
"github.com/hay-kot/content/backend/internal/types"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
func Test_SetAuthContext(t *testing.T) {
|
||||
user := &ent.User{
|
||||
user := &types.UserOut{
|
||||
ID: uuid.New(),
|
||||
}
|
||||
|
||||
|
|
|
@ -23,7 +23,7 @@ type UserService struct {
|
|||
repos *repo.AllRepos
|
||||
}
|
||||
|
||||
func (UserService) toOutUser(user *ent.User, err error) (*types.UserOut, error) {
|
||||
func ToOutUser(user *ent.User, err error) (*types.UserOut, error) {
|
||||
if err != nil {
|
||||
return &types.UserOut{}, err
|
||||
}
|
||||
|
@ -37,6 +37,10 @@ func (UserService) toOutUser(user *ent.User, err error) (*types.UserOut, error)
|
|||
}, nil
|
||||
}
|
||||
|
||||
func (UserService) toOutUser(user *ent.User, err error) (*types.UserOut, error) {
|
||||
return ToOutUser(user, err)
|
||||
}
|
||||
|
||||
func (svc *UserService) RegisterUser(ctx context.Context, data types.UserRegistration) (*types.UserOut, error) {
|
||||
group, err := svc.repos.Groups.Create(ctx, data.GroupName)
|
||||
if err != nil {
|
||||
|
|
|
@ -54,7 +54,7 @@ type UserOut struct {
|
|||
ID uuid.UUID `json:"id"`
|
||||
Name string `json:"name"`
|
||||
Email string `json:"email"`
|
||||
IsSuperuser bool `json:"isSuper"`
|
||||
IsSuperuser bool `json:"isSuperuser"`
|
||||
GroupID uuid.UUID `json:"groupId"`
|
||||
GroupName string `json:"groupName"`
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue