sessions added
This commit is contained in:
nquidox
parent
305044a736
commit
9eba8b4555
4 changed files with 49 additions and 37 deletions
|
|
@ -4,6 +4,6 @@ import "merch-parser-api/internal/shared"
|
|||
|
||||
type Auth interface {
|
||||
Login(userUuid string) (shared.AuthData, error)
|
||||
Logout(userUuid string, refreshUuid string) error
|
||||
Refresh(userUuid string, refreshUuid string) (shared.AuthData, error)
|
||||
Logout(userUuid, refreshUuid, sessionUuid string) error
|
||||
Refresh(userUuid, refreshUuid, sessionUuid string) (shared.AuthData, error)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,11 +6,12 @@ import (
|
|||
)
|
||||
|
||||
type RefreshToken struct {
|
||||
Id uint `gorm:"primary_key"`
|
||||
CreatedAt time.Time `gorm:"column:created_at"`
|
||||
UpdatedAt sql.NullTime `gorm:"column:updated_at"`
|
||||
DeletedAt sql.NullTime `gorm:"column:deleted_at"`
|
||||
UserUuid string `gorm:"column:user_uuid"`
|
||||
TokenUuid string `gorm:"column:token_uuid"`
|
||||
Expires int64 `gorm:"column:expires"`
|
||||
Id uint `gorm:"primary_key"`
|
||||
CreatedAt time.Time `gorm:"column:created_at"`
|
||||
UpdatedAt sql.NullTime `gorm:"column:updated_at"`
|
||||
DeletedAt sql.NullTime `gorm:"column:deleted_at"`
|
||||
UserUuid string `gorm:"column:user_uuid"`
|
||||
RefreshUuid string `gorm:"column:refresh_uuid"`
|
||||
SessionUuid string `gorm:"column:session_uuid"`
|
||||
Expires time.Time `gorm:"column:expires"`
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,8 +7,8 @@ import (
|
|||
|
||||
type Repository interface {
|
||||
CreateRefreshToken(token *RefreshToken) error
|
||||
ReadRefreshToken(userUuid string, tokenUuid string) (RefreshToken, error)
|
||||
InvalidateRefreshToken(userUuid string, tokenUuid string) error
|
||||
ReadRefreshToken(userUuid, tokenUuid, sessionUuid string) (RefreshToken, error)
|
||||
InvalidateRefreshToken(userUuid, refreshUuid, sessionUuid string) error
|
||||
}
|
||||
|
||||
type repo struct {
|
||||
|
|
@ -23,12 +23,13 @@ func (r *repo) CreateRefreshToken(token *RefreshToken) error {
|
|||
return r.db.Create(token).Error
|
||||
}
|
||||
|
||||
func (r *repo) ReadRefreshToken(userUuid string, tokenUuid string) (RefreshToken, error) {
|
||||
func (r *repo) ReadRefreshToken(userUuid, tokenUuid, sessionUuid string) (RefreshToken, error) {
|
||||
var tokenData RefreshToken
|
||||
|
||||
if err := r.db.
|
||||
Where("token_uuid = ?", tokenUuid).
|
||||
Where("user_uuid = ?", userUuid).
|
||||
Where("refresh_uuid = ?", tokenUuid).
|
||||
Where("session_uuid = ?", sessionUuid).
|
||||
Where("deleted_at IS NULL").
|
||||
First(&tokenData).Error; err != nil {
|
||||
return RefreshToken{}, err
|
||||
|
|
@ -37,10 +38,11 @@ func (r *repo) ReadRefreshToken(userUuid string, tokenUuid string) (RefreshToken
|
|||
return tokenData, nil
|
||||
}
|
||||
|
||||
func (r *repo) InvalidateRefreshToken(userUuid string, tokenUuid string) error {
|
||||
func (r *repo) InvalidateRefreshToken(userUuid, refreshUuid, sessionUuid string) error {
|
||||
return r.db.
|
||||
Model(&RefreshToken{}).
|
||||
Where("user_uuid = ?", userUuid).
|
||||
Where("token_uuid = ?", tokenUuid).
|
||||
Where("refresh_uuid = ?", refreshUuid).
|
||||
Where("session_uuid = ?", sessionUuid).
|
||||
Update("deleted_at", time.Now().UTC()).Error
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,8 +10,9 @@ import (
|
|||
)
|
||||
|
||||
type Service struct {
|
||||
repo Repository
|
||||
jwtProvider interfaces.JWTProvider
|
||||
repo Repository
|
||||
jwtProvider interfaces.JWTProvider
|
||||
refreshExpiry time.Duration
|
||||
}
|
||||
|
||||
func newService(repo Repository, jwtProvider interfaces.JWTProvider) *Service {
|
||||
|
|
@ -22,12 +23,13 @@ func newService(repo Repository, jwtProvider interfaces.JWTProvider) *Service {
|
|||
}
|
||||
|
||||
func (s *Service) Login(userUuid string) (shared.AuthData, error) {
|
||||
return s.generateTokens(userUuid)
|
||||
return s.newSession(userUuid)
|
||||
}
|
||||
|
||||
func (s *Service) Refresh(userUuid string, refreshUuid string) (shared.AuthData, error) {
|
||||
func (s *Service) Refresh(userUuid, refreshUuid, sessionUuid string) (shared.AuthData, error) {
|
||||
var err error
|
||||
tokenData, err := s.repo.ReadRefreshToken(userUuid, refreshUuid)
|
||||
|
||||
tokenData, err := s.repo.ReadRefreshToken(userUuid, refreshUuid, sessionUuid)
|
||||
if err != nil {
|
||||
if errors.Is(err, gorm.ErrRecordNotFound) {
|
||||
return shared.AuthData{}, errors.New("refresh token is not valid or doesn't exist")
|
||||
|
|
@ -35,42 +37,49 @@ func (s *Service) Refresh(userUuid string, refreshUuid string) (shared.AuthData,
|
|||
return shared.AuthData{}, err
|
||||
}
|
||||
|
||||
if tokenData.Expires < time.Now().UTC().Unix() {
|
||||
if time.Now().After(tokenData.Expires) {
|
||||
return shared.AuthData{}, errors.New("token expired")
|
||||
}
|
||||
|
||||
err = s.repo.InvalidateRefreshToken(userUuid, refreshUuid)
|
||||
err = s.repo.InvalidateRefreshToken(userUuid, refreshUuid, sessionUuid)
|
||||
if err != nil {
|
||||
return shared.AuthData{}, err
|
||||
}
|
||||
|
||||
return s.generateTokens(userUuid)
|
||||
return s.updateSession(userUuid, sessionUuid)
|
||||
}
|
||||
|
||||
func (s *Service) Logout(userUuid string, refreshUuid string) error {
|
||||
return s.repo.InvalidateRefreshToken(userUuid, refreshUuid)
|
||||
func (s *Service) Logout(userUuid, refreshUuid, sessionUuid string) error {
|
||||
return s.repo.InvalidateRefreshToken(userUuid, refreshUuid, sessionUuid)
|
||||
}
|
||||
|
||||
func (s *Service) generateTokens(userUuid string) (shared.AuthData, error) {
|
||||
accessToken, err := s.jwtProvider.CreateAccessToken(userUuid)
|
||||
func (s *Service) newSession(userUuid string) (shared.AuthData, error) {
|
||||
return s.createSession(userUuid, uuid.NewString())
|
||||
}
|
||||
|
||||
func (s *Service) updateSession(userUuid, sessionUuid string) (shared.AuthData, error) {
|
||||
return s.createSession(userUuid, sessionUuid)
|
||||
}
|
||||
|
||||
func (s *Service) createSession(userUuid, sessionUuid string) (shared.AuthData, error) {
|
||||
accessToken, err := s.jwtProvider.CreateAccessToken(userUuid, sessionUuid)
|
||||
if err != nil {
|
||||
return shared.AuthData{}, err
|
||||
}
|
||||
|
||||
refreshTokenUuid := uuid.NewString()
|
||||
refreshToken, exp, err := s.jwtProvider.CreateRefreshToken(userUuid, refreshTokenUuid)
|
||||
if err != nil {
|
||||
return shared.AuthData{}, err
|
||||
}
|
||||
refreshUuid := uuid.NewString()
|
||||
expires := time.Now().UTC().Add(s.refreshExpiry)
|
||||
refreshCookie := s.jwtProvider.CreateRefreshToken(refreshUuid, expires)
|
||||
|
||||
err = s.repo.CreateRefreshToken(&RefreshToken{
|
||||
Expires: exp,
|
||||
UserUuid: userUuid,
|
||||
TokenUuid: refreshTokenUuid,
|
||||
Expires: expires,
|
||||
UserUuid: userUuid,
|
||||
RefreshUuid: refreshUuid,
|
||||
SessionUuid: sessionUuid,
|
||||
})
|
||||
|
||||
return shared.AuthData{
|
||||
AccessToken: accessToken,
|
||||
RefreshToken: refreshToken,
|
||||
AccessToken: accessToken,
|
||||
RefreshCookie: refreshCookie,
|
||||
}, nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue