get current session info
This commit is contained in:
nquidox
parent
476e5edf38
commit
c59fbc0864
6 changed files with 84 additions and 26 deletions
|
|
@ -23,7 +23,7 @@ func newController(service *service, utils interfaces.Utils) *controller {
|
|||
}
|
||||
}
|
||||
|
||||
func (h *Handler) RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc) {
|
||||
func (h *Handler) RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc, refreshMW gin.HandlerFunc) {
|
||||
userGroup := r.Group("/user")
|
||||
|
||||
userGroup.POST("/", h.controller.register)
|
||||
|
|
@ -36,8 +36,9 @@ func (h *Handler) RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc) {
|
|||
authGroup := r.Group("/user/auth")
|
||||
|
||||
authGroup.POST("/login", h.controller.login)
|
||||
authGroup.POST("/logout", h.controller.logout)
|
||||
authGroup.POST("/refresh", h.controller.refresh)
|
||||
authGroup.POST("/logout", refreshMW, h.controller.logout)
|
||||
authGroup.POST("/refresh", refreshMW, h.controller.refresh)
|
||||
authGroup.GET("/current-session", authMW, refreshMW, h.controller.getCurrentSession)
|
||||
}
|
||||
|
||||
// @Summary Регистрация нового пользователя
|
||||
|
|
@ -200,15 +201,13 @@ func (co *controller) login(c *gin.Context) {
|
|||
// @Failure 500 {object} responses.ErrorResponse500
|
||||
// @Router /user/auth/logout [post]
|
||||
func (co *controller) logout(c *gin.Context) {
|
||||
cookie, err := c.Request.Cookie("refresh_uuid")
|
||||
refreshUuid, err := co.utils.GetRefreshUuidFromContext(c)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
|
||||
log.WithError(err).Error("User | Failed to get refresh cookie")
|
||||
log.WithError(err).Error("User | Failed to get refresh uuid from context on logout")
|
||||
return
|
||||
}
|
||||
|
||||
refreshUuid := cookie.Value
|
||||
|
||||
if err = co.service.logout(refreshUuid); err != nil {
|
||||
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
|
||||
log.WithError(err).Error("User | Failed to logout")
|
||||
|
|
@ -226,15 +225,13 @@ func (co *controller) logout(c *gin.Context) {
|
|||
// @Failure 500 {object} responses.ErrorResponse500
|
||||
// @Router /user/auth/refresh [post]
|
||||
func (co *controller) refresh(c *gin.Context) {
|
||||
cookie, err := c.Request.Cookie("refresh_uuid")
|
||||
refreshUuid, err := co.utils.GetRefreshUuidFromContext(c)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
|
||||
log.WithError(err).Error("User | Failed to get refresh cookie")
|
||||
log.WithError(err).Error("User | Failed to get refresh uuid from context on refresh")
|
||||
return
|
||||
}
|
||||
|
||||
refreshUuid := cookie.Value
|
||||
|
||||
response, err := co.service.refresh(refreshUuid)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
|
||||
|
|
@ -254,3 +251,30 @@ func (co *controller) refresh(c *gin.Context) {
|
|||
|
||||
c.JSON(http.StatusOK, LoginResponse{AccessToken: response.AccessToken})
|
||||
}
|
||||
|
||||
// @Summary Возвращает информацию о текущей сессии пользователя
|
||||
// @Description Возвращает информацию о текущей сессии пользователя
|
||||
// @Tags Users
|
||||
// @Security BearerAuth
|
||||
// @Success 200 {object} shared.CurrentSession
|
||||
// @Failure 400 {object} responses.ErrorResponse400
|
||||
// @Failure 401 {object} responses.ErrorResponse401
|
||||
// @Failure 500 {object} responses.ErrorResponse500
|
||||
// @Router /user/auth/current-session [get]
|
||||
func (co *controller) getCurrentSession(c *gin.Context) {
|
||||
refreshUuid, err := co.utils.GetRefreshUuidFromContext(c)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
|
||||
log.WithError(err).Error("User | Failed to get refresh uuid from context on refresh")
|
||||
return
|
||||
}
|
||||
|
||||
response, err := co.service.getCurrentSession(refreshUuid)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
|
||||
log.WithError(err).Error("User | Failed to get user info")
|
||||
return
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, response)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -127,3 +127,7 @@ func (s *service) logout(refreshUuid string) error {
|
|||
func (s *service) refresh(refreshUuid string) (shared.AuthData, error) {
|
||||
return s.auth.Refresh(refreshUuid)
|
||||
}
|
||||
|
||||
func (s *service) getCurrentSession(refreshUuid string) (shared.CurrentSession, error) {
|
||||
return s.auth.GetCurrentSession(refreshUuid)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,4 +6,5 @@ type Auth interface {
|
|||
Login(userUuid string) (shared.AuthData, error)
|
||||
Logout(refreshUuid string) error
|
||||
Refresh(refreshUuid string) (shared.AuthData, error)
|
||||
GetCurrentSession(refreshUuid string) (shared.CurrentSession, error)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,10 +5,11 @@ import (
|
|||
"time"
|
||||
)
|
||||
|
||||
type Repository interface {
|
||||
CreateRefreshToken(token *Session) error
|
||||
ReadRefreshToken(tokenUuid string) (Session, error)
|
||||
InvalidateRefreshToken(refreshUuid string) error
|
||||
type repository interface {
|
||||
createRefreshToken(token *Session) error
|
||||
readRefreshToken(tokenUuid string) (Session, error)
|
||||
invalidateRefreshToken(refreshUuid string) error
|
||||
getCurrentSession(sessionUuid string) (Session, error)
|
||||
}
|
||||
|
||||
type repo struct {
|
||||
|
|
@ -19,11 +20,11 @@ func newRepository(db *gorm.DB) *repo {
|
|||
return &repo{db: db}
|
||||
}
|
||||
|
||||
func (r *repo) CreateRefreshToken(token *Session) error {
|
||||
func (r *repo) createRefreshToken(token *Session) error {
|
||||
return r.db.Create(token).Error
|
||||
}
|
||||
|
||||
func (r *repo) ReadRefreshToken(tokenUuid string) (Session, error) {
|
||||
func (r *repo) readRefreshToken(tokenUuid string) (Session, error) {
|
||||
var tokenData Session
|
||||
|
||||
if err := r.db.
|
||||
|
|
@ -36,9 +37,15 @@ func (r *repo) ReadRefreshToken(tokenUuid string) (Session, error) {
|
|||
return tokenData, nil
|
||||
}
|
||||
|
||||
func (r *repo) InvalidateRefreshToken(refreshUuid string) error {
|
||||
func (r *repo) invalidateRefreshToken(refreshUuid string) error {
|
||||
return r.db.
|
||||
Model(&Session{}).
|
||||
Where("refresh_uuid = ?", refreshUuid).
|
||||
Update("deleted_at", time.Now().UTC()).Error
|
||||
}
|
||||
|
||||
func (r *repo) getCurrentSession(sessionUuid string) (Session, error) {
|
||||
var s Session
|
||||
err := r.db.Where("refresh_uuid = ?", sessionUuid).Where("deleted_at IS NULL").Find(&s).Error
|
||||
return s, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,11 +11,11 @@ import (
|
|||
)
|
||||
|
||||
type Service struct {
|
||||
repo Repository
|
||||
repo repository
|
||||
jwtProvider interfaces.JWTProvider
|
||||
}
|
||||
|
||||
func newService(repo Repository, jwtProvider interfaces.JWTProvider) *Service {
|
||||
func newService(repo repository, jwtProvider interfaces.JWTProvider) *Service {
|
||||
return &Service{
|
||||
repo: repo,
|
||||
jwtProvider: jwtProvider,
|
||||
|
|
@ -29,7 +29,7 @@ func (s *Service) Login(userUuid string) (shared.AuthData, error) {
|
|||
func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) {
|
||||
var err error
|
||||
|
||||
tokenData, err := s.repo.ReadRefreshToken(refreshUuid)
|
||||
tokenData, err := s.repo.readRefreshToken(refreshUuid)
|
||||
if err != nil {
|
||||
if errors.Is(err, gorm.ErrRecordNotFound) {
|
||||
return shared.AuthData{}, errors.New("refresh token is not valid or doesn't exist")
|
||||
|
|
@ -38,11 +38,11 @@ func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) {
|
|||
}
|
||||
|
||||
if time.Now().After(tokenData.Expires) {
|
||||
_ = s.repo.InvalidateRefreshToken(refreshUuid)
|
||||
_ = s.repo.invalidateRefreshToken(refreshUuid)
|
||||
return shared.AuthData{}, errors.New("token expired")
|
||||
}
|
||||
|
||||
err = s.repo.InvalidateRefreshToken(refreshUuid)
|
||||
err = s.repo.invalidateRefreshToken(refreshUuid)
|
||||
if err != nil {
|
||||
return shared.AuthData{}, err
|
||||
}
|
||||
|
|
@ -51,7 +51,7 @@ func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) {
|
|||
}
|
||||
|
||||
func (s *Service) Logout(refreshUuid string) error {
|
||||
return s.repo.InvalidateRefreshToken(refreshUuid)
|
||||
return s.repo.invalidateRefreshToken(refreshUuid)
|
||||
}
|
||||
|
||||
func (s *Service) newSession(userUuid string) (shared.AuthData, error) {
|
||||
|
|
@ -81,7 +81,7 @@ func (s *Service) createSession(userUuid, sessionUuid string) (shared.AuthData,
|
|||
expires := time.Now().UTC().Add(s.jwtProvider.RefreshExpires())
|
||||
refreshCookie := s.jwtProvider.CreateRefreshToken(refreshUuid, expires)
|
||||
|
||||
err = s.repo.CreateRefreshToken(&Session{
|
||||
err = s.repo.createRefreshToken(&Session{
|
||||
Expires: expires,
|
||||
UserUuid: userUuid,
|
||||
RefreshUuid: refreshUuid,
|
||||
|
|
@ -93,3 +93,17 @@ func (s *Service) createSession(userUuid, sessionUuid string) (shared.AuthData,
|
|||
RefreshCookie: refreshCookie,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *Service) GetCurrentSession(sessionUuid string) (shared.CurrentSession, error) {
|
||||
cs, err := s.repo.getCurrentSession(sessionUuid)
|
||||
if err != nil {
|
||||
return shared.CurrentSession{}, err
|
||||
}
|
||||
|
||||
resp := shared.CurrentSession{
|
||||
Uuid: cs.SessionUuid,
|
||||
Expires: cs.Expires,
|
||||
}
|
||||
|
||||
return resp, nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,8 +1,16 @@
|
|||
package shared
|
||||
|
||||
import "net/http"
|
||||
import (
|
||||
"net/http"
|
||||
"time"
|
||||
)
|
||||
|
||||
type AuthData struct {
|
||||
AccessToken string
|
||||
RefreshCookie *http.Cookie
|
||||
}
|
||||
|
||||
type CurrentSession struct {
|
||||
Uuid string `json:"uuid"`
|
||||
Expires time.Time `json:"expires"`
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue