merch-tracker-v2/api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

access token excluded from refresh and logout

Browse source
This commit is contained in:
nquidox 2025-09-10 23:11:05 +03:00
parent 0dc93fcd16
commit 404a52473d
5 changed files with 27 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

14
internal/provider/auth/service.go
View file

@ -26,10 +26,10 @@ func (s *Service) Login(userUuid string) (shared.AuthData, error) {
return s.newSession(userUuid)
}
func (s *Service) Refresh(userUuid, refreshUuid string) (shared.AuthData, error) {
func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) {
var err error
tokenData, err := s.repo.ReadRefreshToken(userUuid, refreshUuid)
tokenData, err := s.repo.ReadRefreshToken(refreshUuid)
if err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return shared.AuthData{}, errors.New("refresh token is not valid or doesn't exist")
@ -38,20 +38,20 @@ func (s *Service) Refresh(userUuid, refreshUuid string) (shared.AuthData, error)
}
if time.Now().After(tokenData.Expires) {
_ = s.repo.InvalidateRefreshToken(userUuid, refreshUuid)
_ = s.repo.InvalidateRefreshToken(refreshUuid)
return shared.AuthData{}, errors.New("token expired")
}
err = s.repo.InvalidateRefreshToken(userUuid, refreshUuid)
err = s.repo.InvalidateRefreshToken(refreshUuid)
if err != nil {
return shared.AuthData{}, err
}
return s.updateSession(userUuid, tokenData.SessionUuid)
return s.updateSession(tokenData.UserUuid, tokenData.SessionUuid)
}
func (s *Service) Logout(userUuid, refreshUuid string) error {
return s.repo.InvalidateRefreshToken(userUuid, refreshUuid)
func (s *Service) Logout(refreshUuid string) error {
return s.repo.InvalidateRefreshToken(refreshUuid)
}
func (s *Service) newSession(userUuid string) (shared.AuthData, error) {