From c59fbc0864adf3d1afcc799c19dabd1d54cbda57 Mon Sep 17 00:00:00 2001 From: nquidox Date: Sun, 14 Sep 2025 19:33:23 +0300 Subject: [PATCH] get current session info --- internal/api/user/controller.go | 46 +++++++++++++++++++++------- internal/api/user/service.go | 4 +++ internal/interfaces/auth.go | 1 + internal/provider/auth/repository.go | 21 ++++++++----- internal/provider/auth/service.go | 28 ++++++++++++----- internal/shared/auth.go | 10 +++++- 6 files changed, 84 insertions(+), 26 deletions(-) diff --git a/internal/api/user/controller.go b/internal/api/user/controller.go index d247711..016ded0 100644 --- a/internal/api/user/controller.go +++ b/internal/api/user/controller.go @@ -23,7 +23,7 @@ func newController(service *service, utils interfaces.Utils) *controller { } } -func (h *Handler) RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc) { +func (h *Handler) RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc, refreshMW gin.HandlerFunc) { userGroup := r.Group("/user") userGroup.POST("/", h.controller.register) @@ -36,8 +36,9 @@ func (h *Handler) RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc) { authGroup := r.Group("/user/auth") authGroup.POST("/login", h.controller.login) - authGroup.POST("/logout", h.controller.logout) - authGroup.POST("/refresh", h.controller.refresh) + authGroup.POST("/logout", refreshMW, h.controller.logout) + authGroup.POST("/refresh", refreshMW, h.controller.refresh) + authGroup.GET("/current-session", authMW, refreshMW, h.controller.getCurrentSession) } // @Summary Регистрация нового пользователя @@ -200,15 +201,13 @@ func (co *controller) login(c *gin.Context) { // @Failure 500 {object} responses.ErrorResponse500 // @Router /user/auth/logout [post] func (co *controller) logout(c *gin.Context) { - cookie, err := c.Request.Cookie("refresh_uuid") + refreshUuid, err := co.utils.GetRefreshUuidFromContext(c) if err != nil { c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()}) - log.WithError(err).Error("User | Failed to get refresh cookie") + log.WithError(err).Error("User | Failed to get refresh uuid from context on logout") return } - refreshUuid := cookie.Value - if err = co.service.logout(refreshUuid); err != nil { c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()}) log.WithError(err).Error("User | Failed to logout") @@ -226,15 +225,13 @@ func (co *controller) logout(c *gin.Context) { // @Failure 500 {object} responses.ErrorResponse500 // @Router /user/auth/refresh [post] func (co *controller) refresh(c *gin.Context) { - cookie, err := c.Request.Cookie("refresh_uuid") + refreshUuid, err := co.utils.GetRefreshUuidFromContext(c) if err != nil { c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()}) - log.WithError(err).Error("User | Failed to get refresh cookie") + log.WithError(err).Error("User | Failed to get refresh uuid from context on refresh") return } - refreshUuid := cookie.Value - response, err := co.service.refresh(refreshUuid) if err != nil { c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()}) @@ -254,3 +251,30 @@ func (co *controller) refresh(c *gin.Context) { c.JSON(http.StatusOK, LoginResponse{AccessToken: response.AccessToken}) } + +// @Summary Возвращает информацию о текущей сессии пользователя +// @Description Возвращает информацию о текущей сессии пользователя +// @Tags Users +// @Security BearerAuth +// @Success 200 {object} shared.CurrentSession +// @Failure 400 {object} responses.ErrorResponse400 +// @Failure 401 {object} responses.ErrorResponse401 +// @Failure 500 {object} responses.ErrorResponse500 +// @Router /user/auth/current-session [get] +func (co *controller) getCurrentSession(c *gin.Context) { + refreshUuid, err := co.utils.GetRefreshUuidFromContext(c) + if err != nil { + c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()}) + log.WithError(err).Error("User | Failed to get refresh uuid from context on refresh") + return + } + + response, err := co.service.getCurrentSession(refreshUuid) + if err != nil { + c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()}) + log.WithError(err).Error("User | Failed to get user info") + return + } + + c.JSON(http.StatusOK, response) +} diff --git a/internal/api/user/service.go b/internal/api/user/service.go index e5e5a28..fac41b0 100644 --- a/internal/api/user/service.go +++ b/internal/api/user/service.go @@ -127,3 +127,7 @@ func (s *service) logout(refreshUuid string) error { func (s *service) refresh(refreshUuid string) (shared.AuthData, error) { return s.auth.Refresh(refreshUuid) } + +func (s *service) getCurrentSession(refreshUuid string) (shared.CurrentSession, error) { + return s.auth.GetCurrentSession(refreshUuid) +} diff --git a/internal/interfaces/auth.go b/internal/interfaces/auth.go index 46e6f7e..b618af4 100644 --- a/internal/interfaces/auth.go +++ b/internal/interfaces/auth.go @@ -6,4 +6,5 @@ type Auth interface { Login(userUuid string) (shared.AuthData, error) Logout(refreshUuid string) error Refresh(refreshUuid string) (shared.AuthData, error) + GetCurrentSession(refreshUuid string) (shared.CurrentSession, error) } diff --git a/internal/provider/auth/repository.go b/internal/provider/auth/repository.go index 0658206..7a40c2f 100644 --- a/internal/provider/auth/repository.go +++ b/internal/provider/auth/repository.go @@ -5,10 +5,11 @@ import ( "time" ) -type Repository interface { - CreateRefreshToken(token *Session) error - ReadRefreshToken(tokenUuid string) (Session, error) - InvalidateRefreshToken(refreshUuid string) error +type repository interface { + createRefreshToken(token *Session) error + readRefreshToken(tokenUuid string) (Session, error) + invalidateRefreshToken(refreshUuid string) error + getCurrentSession(sessionUuid string) (Session, error) } type repo struct { @@ -19,11 +20,11 @@ func newRepository(db *gorm.DB) *repo { return &repo{db: db} } -func (r *repo) CreateRefreshToken(token *Session) error { +func (r *repo) createRefreshToken(token *Session) error { return r.db.Create(token).Error } -func (r *repo) ReadRefreshToken(tokenUuid string) (Session, error) { +func (r *repo) readRefreshToken(tokenUuid string) (Session, error) { var tokenData Session if err := r.db. @@ -36,9 +37,15 @@ func (r *repo) ReadRefreshToken(tokenUuid string) (Session, error) { return tokenData, nil } -func (r *repo) InvalidateRefreshToken(refreshUuid string) error { +func (r *repo) invalidateRefreshToken(refreshUuid string) error { return r.db. Model(&Session{}). Where("refresh_uuid = ?", refreshUuid). Update("deleted_at", time.Now().UTC()).Error } + +func (r *repo) getCurrentSession(sessionUuid string) (Session, error) { + var s Session + err := r.db.Where("refresh_uuid = ?", sessionUuid).Where("deleted_at IS NULL").Find(&s).Error + return s, err +} diff --git a/internal/provider/auth/service.go b/internal/provider/auth/service.go index 9e012ec..6e4a90a 100644 --- a/internal/provider/auth/service.go +++ b/internal/provider/auth/service.go @@ -11,11 +11,11 @@ import ( ) type Service struct { - repo Repository + repo repository jwtProvider interfaces.JWTProvider } -func newService(repo Repository, jwtProvider interfaces.JWTProvider) *Service { +func newService(repo repository, jwtProvider interfaces.JWTProvider) *Service { return &Service{ repo: repo, jwtProvider: jwtProvider, @@ -29,7 +29,7 @@ func (s *Service) Login(userUuid string) (shared.AuthData, error) { func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) { var err error - tokenData, err := s.repo.ReadRefreshToken(refreshUuid) + tokenData, err := s.repo.readRefreshToken(refreshUuid) if err != nil { if errors.Is(err, gorm.ErrRecordNotFound) { return shared.AuthData{}, errors.New("refresh token is not valid or doesn't exist") @@ -38,11 +38,11 @@ func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) { } if time.Now().After(tokenData.Expires) { - _ = s.repo.InvalidateRefreshToken(refreshUuid) + _ = s.repo.invalidateRefreshToken(refreshUuid) return shared.AuthData{}, errors.New("token expired") } - err = s.repo.InvalidateRefreshToken(refreshUuid) + err = s.repo.invalidateRefreshToken(refreshUuid) if err != nil { return shared.AuthData{}, err } @@ -51,7 +51,7 @@ func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) { } func (s *Service) Logout(refreshUuid string) error { - return s.repo.InvalidateRefreshToken(refreshUuid) + return s.repo.invalidateRefreshToken(refreshUuid) } func (s *Service) newSession(userUuid string) (shared.AuthData, error) { @@ -81,7 +81,7 @@ func (s *Service) createSession(userUuid, sessionUuid string) (shared.AuthData, expires := time.Now().UTC().Add(s.jwtProvider.RefreshExpires()) refreshCookie := s.jwtProvider.CreateRefreshToken(refreshUuid, expires) - err = s.repo.CreateRefreshToken(&Session{ + err = s.repo.createRefreshToken(&Session{ Expires: expires, UserUuid: userUuid, RefreshUuid: refreshUuid, @@ -93,3 +93,17 @@ func (s *Service) createSession(userUuid, sessionUuid string) (shared.AuthData, RefreshCookie: refreshCookie, }, nil } + +func (s *Service) GetCurrentSession(sessionUuid string) (shared.CurrentSession, error) { + cs, err := s.repo.getCurrentSession(sessionUuid) + if err != nil { + return shared.CurrentSession{}, err + } + + resp := shared.CurrentSession{ + Uuid: cs.SessionUuid, + Expires: cs.Expires, + } + + return resp, nil +} diff --git a/internal/shared/auth.go b/internal/shared/auth.go index 92f5376..e5220f1 100644 --- a/internal/shared/auth.go +++ b/internal/shared/auth.go @@ -1,8 +1,16 @@ package shared -import "net/http" +import ( + "net/http" + "time" +) type AuthData struct { AccessToken string RefreshCookie *http.Cookie } + +type CurrentSession struct { + Uuid string `json:"uuid"` + Expires time.Time `json:"expires"` +}