merch-tracker-v2/api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sessions added, refresh token moved to cookie

Browse source
This commit is contained in:
nquidox 2025-09-09 00:00:40 +03:00
parent 9eba8b4555
commit 4a5d488ec5
4 changed files with 35 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

32
internal/api/user/controller.go
View file

@ -7,17 +7,20 @@ import (
"merch-parser-api/internal/shared" "merch-parser-api/internal/shared"
"merch-parser-api/pkg/responses" "merch-parser-api/pkg/responses"
"net/http" "net/http"
"time"
) )
type controller struct { type controller struct {
service *service service *service
utils interfaces.Utils utils interfaces.Utils
refreshRoute string
} }
func newController(service *service, utils interfaces.Utils) *controller { func newController(service *service, utils interfaces.Utils, refreshRoute string) *controller {
return &controller{ return &controller{
service: service, service: service,
utils: utils, utils: utils,
refreshRoute: refreshRoute,
} }
} }
@ -180,7 +183,16 @@ func (co *controller) login(c *gin.Context) {
return return
} }
c.JSON(http.StatusOK, response) c.Header("access-token", response.AccessToken)
c.SetCookie(
response.RefreshCookie.Name,
response.RefreshCookie.Value,
int(time.Until(response.RefreshCookie.Expires).Seconds()),
co.refreshRoute,
"",
response.RefreshCookie.Secure,
response.RefreshCookie.HttpOnly,
)
} }
// @Summary Логаут // @Summary Логаут
@ -192,14 +204,14 @@ func (co *controller) login(c *gin.Context) {
// @Failure 500 {object} responses.ErrorResponse500 // @Failure 500 {object} responses.ErrorResponse500
// @Router /user/logout [post] // @Router /user/logout [post]
func (co *controller) logout(c *gin.Context) { func (co *controller) logout(c *gin.Context) {
userUuid, tokenUuid, err := co.utils.GetUserAndTokenUuidFromContext(c) userUuid, refreshUuid, sessionUuid, err := co.utils.GetAllTokensFromContext(c)
if err != nil { if err != nil {
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()}) c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
log.WithError(err).Error("User | Failed to get uuids from context on refresh") log.WithError(err).Error("User | Failed to get uuids from context on refresh")
return return
} }
if err = co.service.logout(userUuid, tokenUuid); err != nil { if err = co.service.logout(userUuid, refreshUuid, sessionUuid); err != nil {
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()}) c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
log.WithError(err).Error("User | Failed to logout") log.WithError(err).Error("User | Failed to logout")
return return
@ -218,14 +230,14 @@ func (co *controller) logout(c *gin.Context) {
// @Router /user/refresh [post] // @Router /user/refresh [post]
func (co *controller) refresh(c *gin.Context) { func (co *controller) refresh(c *gin.Context) {
//токены будут помещены в контекст при срабатывании мидлвари авторизации //токены будут помещены в контекст при срабатывании мидлвари авторизации
userUuid, tokenUuid, err := co.utils.GetUserAndTokenUuidFromContext(c) userUuid, refreshUuid, sessionUuid, err := co.utils.GetAllTokensFromContext(c)
if err != nil { if err != nil {
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()}) c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
log.WithError(err).Error("User | Failed to get uuids from context on refresh") log.WithError(err).Error("User | Failed to get uuids from context on refresh")
return return
} }
response, err := co.service.refresh(userUuid, tokenUuid) response, err := co.service.refresh(userUuid, refreshUuid, sessionUuid)
if err != nil { if err != nil {
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()}) c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
log.WithError(err).Error("User | Failed to refresh user info") log.WithError(err).Error("User | Failed to refresh user info")

9
internal/api/user/handler.go
View file

@ -12,15 +12,16 @@ type Handler struct {
} }
type Deps struct { type Deps struct {
Auth interfaces.Auth Auth interfaces.Auth
DB *gorm.DB DB *gorm.DB
Utils interfaces.Utils Utils interfaces.Utils
RefreshRoute string
} }
func NewHandler(deps Deps) *Handler { func NewHandler(deps Deps) *Handler {
r := newRepo(deps.DB) r := newRepo(deps.DB)
s := newService(deps.Auth, r, deps.Utils) s := newService(deps.Auth, r, deps.Utils)
c := newController(s, deps.Utils) c := newController(s, deps.Utils, deps.RefreshRoute)
return &Handler{ return &Handler{
controller: c, controller: c,

8
internal/api/user/service.go
View file

@ -120,10 +120,10 @@ func (s *service) login(login Login) (shared.AuthData, error) {
return authData, nil return authData, nil
} }
func (s *service) logout(userUuid string, refreshUuid string) error { func (s *service) logout(userUuid, refreshUuid, sessionUuid string) error {
return s.auth.Logout(userUuid, refreshUuid) return s.auth.Logout(userUuid, refreshUuid, sessionUuid)
} }
func (s *service) refresh(userUuid string, refreshUuid string) (shared.AuthData, error) { func (s *service) refresh(userUuid, refreshUuid, sessionUuid string) (shared.AuthData, error) {
return s.auth.Refresh(userUuid, refreshUuid) return s.auth.Refresh(userUuid, refreshUuid, sessionUuid)
} }

6
internal/shared/auth.go
View file

@ -1,6 +1,8 @@
package shared package shared
import "net/http"
type AuthData struct { type AuthData struct {
AccessToken string `json:"access_token"` AccessToken string
RefreshToken string `json:"refresh_token"` RefreshCookie *http.Cookie
} }