sessions added, refresh token moved to cookie
This commit is contained in:
nquidox
parent
9eba8b4555
commit
4a5d488ec5
4 changed files with 35 additions and 20 deletions
|
|
@ -7,17 +7,20 @@ import (
|
|||
"merch-parser-api/internal/shared"
|
||||
"merch-parser-api/pkg/responses"
|
||||
"net/http"
|
||||
"time"
|
||||
)
|
||||
|
||||
type controller struct {
|
||||
service *service
|
||||
utils interfaces.Utils
|
||||
refreshRoute string
|
||||
}
|
||||
|
||||
func newController(service *service, utils interfaces.Utils) *controller {
|
||||
func newController(service *service, utils interfaces.Utils, refreshRoute string) *controller {
|
||||
return &controller{
|
||||
service: service,
|
||||
utils: utils,
|
||||
refreshRoute: refreshRoute,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -180,7 +183,16 @@ func (co *controller) login(c *gin.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, response)
|
||||
c.Header("access-token", response.AccessToken)
|
||||
c.SetCookie(
|
||||
response.RefreshCookie.Name,
|
||||
response.RefreshCookie.Value,
|
||||
int(time.Until(response.RefreshCookie.Expires).Seconds()),
|
||||
co.refreshRoute,
|
||||
"",
|
||||
response.RefreshCookie.Secure,
|
||||
response.RefreshCookie.HttpOnly,
|
||||
)
|
||||
}
|
||||
|
||||
// @Summary Логаут
|
||||
|
|
@ -192,14 +204,14 @@ func (co *controller) login(c *gin.Context) {
|
|||
// @Failure 500 {object} responses.ErrorResponse500
|
||||
// @Router /user/logout [post]
|
||||
func (co *controller) logout(c *gin.Context) {
|
||||
userUuid, tokenUuid, err := co.utils.GetUserAndTokenUuidFromContext(c)
|
||||
userUuid, refreshUuid, sessionUuid, err := co.utils.GetAllTokensFromContext(c)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
|
||||
log.WithError(err).Error("User | Failed to get uuids from context on refresh")
|
||||
return
|
||||
}
|
||||
|
||||
if err = co.service.logout(userUuid, tokenUuid); err != nil {
|
||||
if err = co.service.logout(userUuid, refreshUuid, sessionUuid); err != nil {
|
||||
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
|
||||
log.WithError(err).Error("User | Failed to logout")
|
||||
return
|
||||
|
|
@ -218,14 +230,14 @@ func (co *controller) logout(c *gin.Context) {
|
|||
// @Router /user/refresh [post]
|
||||
func (co *controller) refresh(c *gin.Context) {
|
||||
//токены будут помещены в контекст при срабатывании мидлвари авторизации
|
||||
userUuid, tokenUuid, err := co.utils.GetUserAndTokenUuidFromContext(c)
|
||||
userUuid, refreshUuid, sessionUuid, err := co.utils.GetAllTokensFromContext(c)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
|
||||
log.WithError(err).Error("User | Failed to get uuids from context on refresh")
|
||||
return
|
||||
}
|
||||
|
||||
response, err := co.service.refresh(userUuid, tokenUuid)
|
||||
response, err := co.service.refresh(userUuid, refreshUuid, sessionUuid)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
|
||||
log.WithError(err).Error("User | Failed to refresh user info")
|
||||
|
|
|
|||
|
|
@ -15,12 +15,13 @@ type Deps struct {
|
|||
Auth interfaces.Auth
|
||||
DB *gorm.DB
|
||||
Utils interfaces.Utils
|
||||
RefreshRoute string
|
||||
}
|
||||
|
||||
func NewHandler(deps Deps) *Handler {
|
||||
r := newRepo(deps.DB)
|
||||
s := newService(deps.Auth, r, deps.Utils)
|
||||
c := newController(s, deps.Utils)
|
||||
c := newController(s, deps.Utils, deps.RefreshRoute)
|
||||
|
||||
return &Handler{
|
||||
controller: c,
|
||||
|
|
|
|||
|
|
@ -120,10 +120,10 @@ func (s *service) login(login Login) (shared.AuthData, error) {
|
|||
return authData, nil
|
||||
}
|
||||
|
||||
func (s *service) logout(userUuid string, refreshUuid string) error {
|
||||
return s.auth.Logout(userUuid, refreshUuid)
|
||||
func (s *service) logout(userUuid, refreshUuid, sessionUuid string) error {
|
||||
return s.auth.Logout(userUuid, refreshUuid, sessionUuid)
|
||||
}
|
||||
|
||||
func (s *service) refresh(userUuid string, refreshUuid string) (shared.AuthData, error) {
|
||||
return s.auth.Refresh(userUuid, refreshUuid)
|
||||
func (s *service) refresh(userUuid, refreshUuid, sessionUuid string) (shared.AuthData, error) {
|
||||
return s.auth.Refresh(userUuid, refreshUuid, sessionUuid)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,8 @@
|
|||
package shared
|
||||
|
||||
import "net/http"
|
||||
|
||||
type AuthData struct {
|
||||
AccessToken string `json:"access_token"`
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
AccessToken string
|
||||
RefreshCookie *http.Cookie
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue