diff --git a/internal/api/user/controller.go b/internal/api/user/controller.go index d908d9b..cf1105e 100644 --- a/internal/api/user/controller.go +++ b/internal/api/user/controller.go @@ -209,14 +209,15 @@ func (co *controller) login(c *gin.Context) { // @Failure 500 {object} responses.ErrorResponse500 // @Router /user/logout [post] func (co *controller) logout(c *gin.Context) { - userUuid, refreshUuid, err := co.utils.GetAllTokensFromContext(c) + cookie, err := c.Request.Cookie("refresh_uuid") if err != nil { c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()}) - log.WithError(err).Error("User | Failed to get uuids from context on refresh") - return + log.WithError(err).Error("User | Failed to get refresh cookie") } - if err = co.service.logout(userUuid, refreshUuid); err != nil { + refreshUuid := cookie.Value + + if err = co.service.logout(refreshUuid); err != nil { c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()}) log.WithError(err).Error("User | Failed to logout") return @@ -234,15 +235,15 @@ func (co *controller) logout(c *gin.Context) { // @Failure 500 {object} responses.ErrorResponse500 // @Router /user/refresh [post] func (co *controller) refresh(c *gin.Context) { - //токены будут помещены в контекст при срабатывании мидлвари авторизации - userUuid, refreshUuid, err := co.utils.GetAllTokensFromContext(c) + cookie, err := c.Request.Cookie("refresh_uuid") if err != nil { c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()}) - log.WithError(err).Error("User | Failed to get uuids from context on refresh") - return + log.WithError(err).Error("User | Failed to get refresh cookie") } - response, err := co.service.refresh(userUuid, refreshUuid) + refreshUuid := cookie.Value + + response, err := co.service.refresh(refreshUuid) if err != nil { c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()}) log.WithError(err).Error("User | Failed to refresh user info") diff --git a/internal/api/user/service.go b/internal/api/user/service.go index 1bf2240..e5e5a28 100644 --- a/internal/api/user/service.go +++ b/internal/api/user/service.go @@ -120,10 +120,10 @@ func (s *service) login(login Login) (shared.AuthData, error) { return authData, nil } -func (s *service) logout(userUuid, refreshUuid string) error { - return s.auth.Logout(userUuid, refreshUuid) +func (s *service) logout(refreshUuid string) error { + return s.auth.Logout(refreshUuid) } -func (s *service) refresh(userUuid, refreshUuid string) (shared.AuthData, error) { - return s.auth.Refresh(userUuid, refreshUuid) +func (s *service) refresh(refreshUuid string) (shared.AuthData, error) { + return s.auth.Refresh(refreshUuid) } diff --git a/internal/interfaces/auth.go b/internal/interfaces/auth.go index dedc506..46e6f7e 100644 --- a/internal/interfaces/auth.go +++ b/internal/interfaces/auth.go @@ -4,6 +4,6 @@ import "merch-parser-api/internal/shared" type Auth interface { Login(userUuid string) (shared.AuthData, error) - Logout(userUuid, refreshUuid string) error - Refresh(userUuid, refreshUuid string) (shared.AuthData, error) + Logout(refreshUuid string) error + Refresh(refreshUuid string) (shared.AuthData, error) } diff --git a/internal/provider/auth/repository.go b/internal/provider/auth/repository.go index af21d03..0658206 100644 --- a/internal/provider/auth/repository.go +++ b/internal/provider/auth/repository.go @@ -7,8 +7,8 @@ import ( type Repository interface { CreateRefreshToken(token *Session) error - ReadRefreshToken(userUuid, tokenUuid string) (Session, error) - InvalidateRefreshToken(userUuid, refreshUuid string) error + ReadRefreshToken(tokenUuid string) (Session, error) + InvalidateRefreshToken(refreshUuid string) error } type repo struct { @@ -23,11 +23,10 @@ func (r *repo) CreateRefreshToken(token *Session) error { return r.db.Create(token).Error } -func (r *repo) ReadRefreshToken(userUuid, tokenUuid string) (Session, error) { +func (r *repo) ReadRefreshToken(tokenUuid string) (Session, error) { var tokenData Session if err := r.db. - Where("user_uuid = ?", userUuid). Where("refresh_uuid = ?", tokenUuid). Where("deleted_at IS NULL"). First(&tokenData).Error; err != nil { @@ -37,10 +36,9 @@ func (r *repo) ReadRefreshToken(userUuid, tokenUuid string) (Session, error) { return tokenData, nil } -func (r *repo) InvalidateRefreshToken(userUuid, refreshUuid string) error { +func (r *repo) InvalidateRefreshToken(refreshUuid string) error { return r.db. Model(&Session{}). - Where("user_uuid = ?", userUuid). Where("refresh_uuid = ?", refreshUuid). Update("deleted_at", time.Now().UTC()).Error } diff --git a/internal/provider/auth/service.go b/internal/provider/auth/service.go index 27c1538..c839078 100644 --- a/internal/provider/auth/service.go +++ b/internal/provider/auth/service.go @@ -26,10 +26,10 @@ func (s *Service) Login(userUuid string) (shared.AuthData, error) { return s.newSession(userUuid) } -func (s *Service) Refresh(userUuid, refreshUuid string) (shared.AuthData, error) { +func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) { var err error - tokenData, err := s.repo.ReadRefreshToken(userUuid, refreshUuid) + tokenData, err := s.repo.ReadRefreshToken(refreshUuid) if err != nil { if errors.Is(err, gorm.ErrRecordNotFound) { return shared.AuthData{}, errors.New("refresh token is not valid or doesn't exist") @@ -38,20 +38,20 @@ func (s *Service) Refresh(userUuid, refreshUuid string) (shared.AuthData, error) } if time.Now().After(tokenData.Expires) { - _ = s.repo.InvalidateRefreshToken(userUuid, refreshUuid) + _ = s.repo.InvalidateRefreshToken(refreshUuid) return shared.AuthData{}, errors.New("token expired") } - err = s.repo.InvalidateRefreshToken(userUuid, refreshUuid) + err = s.repo.InvalidateRefreshToken(refreshUuid) if err != nil { return shared.AuthData{}, err } - return s.updateSession(userUuid, tokenData.SessionUuid) + return s.updateSession(tokenData.UserUuid, tokenData.SessionUuid) } -func (s *Service) Logout(userUuid, refreshUuid string) error { - return s.repo.InvalidateRefreshToken(userUuid, refreshUuid) +func (s *Service) Logout(refreshUuid string) error { + return s.repo.InvalidateRefreshToken(refreshUuid) } func (s *Service) newSession(userUuid string) (shared.AuthData, error) {