get current session info
This commit is contained in:
nquidox
parent
476e5edf38
commit
c59fbc0864
6 changed files with 84 additions and 26 deletions
|
|
@ -23,7 +23,7 @@ func newController(service *service, utils interfaces.Utils) *controller {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc) {
|
func (h *Handler) RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc, refreshMW gin.HandlerFunc) {
|
||||||
userGroup := r.Group("/user")
|
userGroup := r.Group("/user")
|
||||||
|
|
||||||
userGroup.POST("/", h.controller.register)
|
userGroup.POST("/", h.controller.register)
|
||||||
|
|
@ -36,8 +36,9 @@ func (h *Handler) RegisterRoutes(r *gin.RouterGroup, authMW gin.HandlerFunc) {
|
||||||
authGroup := r.Group("/user/auth")
|
authGroup := r.Group("/user/auth")
|
||||||
|
|
||||||
authGroup.POST("/login", h.controller.login)
|
authGroup.POST("/login", h.controller.login)
|
||||||
authGroup.POST("/logout", h.controller.logout)
|
authGroup.POST("/logout", refreshMW, h.controller.logout)
|
||||||
authGroup.POST("/refresh", h.controller.refresh)
|
authGroup.POST("/refresh", refreshMW, h.controller.refresh)
|
||||||
|
authGroup.GET("/current-session", authMW, refreshMW, h.controller.getCurrentSession)
|
||||||
}
|
}
|
||||||
|
|
||||||
// @Summary Регистрация нового пользователя
|
// @Summary Регистрация нового пользователя
|
||||||
|
|
@ -200,15 +201,13 @@ func (co *controller) login(c *gin.Context) {
|
||||||
// @Failure 500 {object} responses.ErrorResponse500
|
// @Failure 500 {object} responses.ErrorResponse500
|
||||||
// @Router /user/auth/logout [post]
|
// @Router /user/auth/logout [post]
|
||||||
func (co *controller) logout(c *gin.Context) {
|
func (co *controller) logout(c *gin.Context) {
|
||||||
cookie, err := c.Request.Cookie("refresh_uuid")
|
refreshUuid, err := co.utils.GetRefreshUuidFromContext(c)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
|
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
|
||||||
log.WithError(err).Error("User | Failed to get refresh cookie")
|
log.WithError(err).Error("User | Failed to get refresh uuid from context on logout")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
refreshUuid := cookie.Value
|
|
||||||
|
|
||||||
if err = co.service.logout(refreshUuid); err != nil {
|
if err = co.service.logout(refreshUuid); err != nil {
|
||||||
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
|
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
|
||||||
log.WithError(err).Error("User | Failed to logout")
|
log.WithError(err).Error("User | Failed to logout")
|
||||||
|
|
@ -226,15 +225,13 @@ func (co *controller) logout(c *gin.Context) {
|
||||||
// @Failure 500 {object} responses.ErrorResponse500
|
// @Failure 500 {object} responses.ErrorResponse500
|
||||||
// @Router /user/auth/refresh [post]
|
// @Router /user/auth/refresh [post]
|
||||||
func (co *controller) refresh(c *gin.Context) {
|
func (co *controller) refresh(c *gin.Context) {
|
||||||
cookie, err := c.Request.Cookie("refresh_uuid")
|
refreshUuid, err := co.utils.GetRefreshUuidFromContext(c)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
|
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
|
||||||
log.WithError(err).Error("User | Failed to get refresh cookie")
|
log.WithError(err).Error("User | Failed to get refresh uuid from context on refresh")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
refreshUuid := cookie.Value
|
|
||||||
|
|
||||||
response, err := co.service.refresh(refreshUuid)
|
response, err := co.service.refresh(refreshUuid)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
|
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
|
||||||
|
|
@ -254,3 +251,30 @@ func (co *controller) refresh(c *gin.Context) {
|
||||||
|
|
||||||
c.JSON(http.StatusOK, LoginResponse{AccessToken: response.AccessToken})
|
c.JSON(http.StatusOK, LoginResponse{AccessToken: response.AccessToken})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// @Summary Возвращает информацию о текущей сессии пользователя
|
||||||
|
// @Description Возвращает информацию о текущей сессии пользователя
|
||||||
|
// @Tags Users
|
||||||
|
// @Security BearerAuth
|
||||||
|
// @Success 200 {object} shared.CurrentSession
|
||||||
|
// @Failure 400 {object} responses.ErrorResponse400
|
||||||
|
// @Failure 401 {object} responses.ErrorResponse401
|
||||||
|
// @Failure 500 {object} responses.ErrorResponse500
|
||||||
|
// @Router /user/auth/current-session [get]
|
||||||
|
func (co *controller) getCurrentSession(c *gin.Context) {
|
||||||
|
refreshUuid, err := co.utils.GetRefreshUuidFromContext(c)
|
||||||
|
if err != nil {
|
||||||
|
c.JSON(http.StatusBadRequest, responses.ErrorResponse400{Error: err.Error()})
|
||||||
|
log.WithError(err).Error("User | Failed to get refresh uuid from context on refresh")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
response, err := co.service.getCurrentSession(refreshUuid)
|
||||||
|
if err != nil {
|
||||||
|
c.JSON(http.StatusInternalServerError, responses.ErrorResponse500{Error: err.Error()})
|
||||||
|
log.WithError(err).Error("User | Failed to get user info")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
c.JSON(http.StatusOK, response)
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -127,3 +127,7 @@ func (s *service) logout(refreshUuid string) error {
|
||||||
func (s *service) refresh(refreshUuid string) (shared.AuthData, error) {
|
func (s *service) refresh(refreshUuid string) (shared.AuthData, error) {
|
||||||
return s.auth.Refresh(refreshUuid)
|
return s.auth.Refresh(refreshUuid)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *service) getCurrentSession(refreshUuid string) (shared.CurrentSession, error) {
|
||||||
|
return s.auth.GetCurrentSession(refreshUuid)
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -6,4 +6,5 @@ type Auth interface {
|
||||||
Login(userUuid string) (shared.AuthData, error)
|
Login(userUuid string) (shared.AuthData, error)
|
||||||
Logout(refreshUuid string) error
|
Logout(refreshUuid string) error
|
||||||
Refresh(refreshUuid string) (shared.AuthData, error)
|
Refresh(refreshUuid string) (shared.AuthData, error)
|
||||||
|
GetCurrentSession(refreshUuid string) (shared.CurrentSession, error)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -5,10 +5,11 @@ import (
|
||||||
"time"
|
"time"
|
||||||
)
|
)
|
||||||
|
|
||||||
type Repository interface {
|
type repository interface {
|
||||||
CreateRefreshToken(token *Session) error
|
createRefreshToken(token *Session) error
|
||||||
ReadRefreshToken(tokenUuid string) (Session, error)
|
readRefreshToken(tokenUuid string) (Session, error)
|
||||||
InvalidateRefreshToken(refreshUuid string) error
|
invalidateRefreshToken(refreshUuid string) error
|
||||||
|
getCurrentSession(sessionUuid string) (Session, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
type repo struct {
|
type repo struct {
|
||||||
|
|
@ -19,11 +20,11 @@ func newRepository(db *gorm.DB) *repo {
|
||||||
return &repo{db: db}
|
return &repo{db: db}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *repo) CreateRefreshToken(token *Session) error {
|
func (r *repo) createRefreshToken(token *Session) error {
|
||||||
return r.db.Create(token).Error
|
return r.db.Create(token).Error
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *repo) ReadRefreshToken(tokenUuid string) (Session, error) {
|
func (r *repo) readRefreshToken(tokenUuid string) (Session, error) {
|
||||||
var tokenData Session
|
var tokenData Session
|
||||||
|
|
||||||
if err := r.db.
|
if err := r.db.
|
||||||
|
|
@ -36,9 +37,15 @@ func (r *repo) ReadRefreshToken(tokenUuid string) (Session, error) {
|
||||||
return tokenData, nil
|
return tokenData, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *repo) InvalidateRefreshToken(refreshUuid string) error {
|
func (r *repo) invalidateRefreshToken(refreshUuid string) error {
|
||||||
return r.db.
|
return r.db.
|
||||||
Model(&Session{}).
|
Model(&Session{}).
|
||||||
Where("refresh_uuid = ?", refreshUuid).
|
Where("refresh_uuid = ?", refreshUuid).
|
||||||
Update("deleted_at", time.Now().UTC()).Error
|
Update("deleted_at", time.Now().UTC()).Error
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (r *repo) getCurrentSession(sessionUuid string) (Session, error) {
|
||||||
|
var s Session
|
||||||
|
err := r.db.Where("refresh_uuid = ?", sessionUuid).Where("deleted_at IS NULL").Find(&s).Error
|
||||||
|
return s, err
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -11,11 +11,11 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
type Service struct {
|
type Service struct {
|
||||||
repo Repository
|
repo repository
|
||||||
jwtProvider interfaces.JWTProvider
|
jwtProvider interfaces.JWTProvider
|
||||||
}
|
}
|
||||||
|
|
||||||
func newService(repo Repository, jwtProvider interfaces.JWTProvider) *Service {
|
func newService(repo repository, jwtProvider interfaces.JWTProvider) *Service {
|
||||||
return &Service{
|
return &Service{
|
||||||
repo: repo,
|
repo: repo,
|
||||||
jwtProvider: jwtProvider,
|
jwtProvider: jwtProvider,
|
||||||
|
|
@ -29,7 +29,7 @@ func (s *Service) Login(userUuid string) (shared.AuthData, error) {
|
||||||
func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) {
|
func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) {
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
tokenData, err := s.repo.ReadRefreshToken(refreshUuid)
|
tokenData, err := s.repo.readRefreshToken(refreshUuid)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if errors.Is(err, gorm.ErrRecordNotFound) {
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
||||||
return shared.AuthData{}, errors.New("refresh token is not valid or doesn't exist")
|
return shared.AuthData{}, errors.New("refresh token is not valid or doesn't exist")
|
||||||
|
|
@ -38,11 +38,11 @@ func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if time.Now().After(tokenData.Expires) {
|
if time.Now().After(tokenData.Expires) {
|
||||||
_ = s.repo.InvalidateRefreshToken(refreshUuid)
|
_ = s.repo.invalidateRefreshToken(refreshUuid)
|
||||||
return shared.AuthData{}, errors.New("token expired")
|
return shared.AuthData{}, errors.New("token expired")
|
||||||
}
|
}
|
||||||
|
|
||||||
err = s.repo.InvalidateRefreshToken(refreshUuid)
|
err = s.repo.invalidateRefreshToken(refreshUuid)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return shared.AuthData{}, err
|
return shared.AuthData{}, err
|
||||||
}
|
}
|
||||||
|
|
@ -51,7 +51,7 @@ func (s *Service) Refresh(refreshUuid string) (shared.AuthData, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Service) Logout(refreshUuid string) error {
|
func (s *Service) Logout(refreshUuid string) error {
|
||||||
return s.repo.InvalidateRefreshToken(refreshUuid)
|
return s.repo.invalidateRefreshToken(refreshUuid)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Service) newSession(userUuid string) (shared.AuthData, error) {
|
func (s *Service) newSession(userUuid string) (shared.AuthData, error) {
|
||||||
|
|
@ -81,7 +81,7 @@ func (s *Service) createSession(userUuid, sessionUuid string) (shared.AuthData,
|
||||||
expires := time.Now().UTC().Add(s.jwtProvider.RefreshExpires())
|
expires := time.Now().UTC().Add(s.jwtProvider.RefreshExpires())
|
||||||
refreshCookie := s.jwtProvider.CreateRefreshToken(refreshUuid, expires)
|
refreshCookie := s.jwtProvider.CreateRefreshToken(refreshUuid, expires)
|
||||||
|
|
||||||
err = s.repo.CreateRefreshToken(&Session{
|
err = s.repo.createRefreshToken(&Session{
|
||||||
Expires: expires,
|
Expires: expires,
|
||||||
UserUuid: userUuid,
|
UserUuid: userUuid,
|
||||||
RefreshUuid: refreshUuid,
|
RefreshUuid: refreshUuid,
|
||||||
|
|
@ -93,3 +93,17 @@ func (s *Service) createSession(userUuid, sessionUuid string) (shared.AuthData,
|
||||||
RefreshCookie: refreshCookie,
|
RefreshCookie: refreshCookie,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *Service) GetCurrentSession(sessionUuid string) (shared.CurrentSession, error) {
|
||||||
|
cs, err := s.repo.getCurrentSession(sessionUuid)
|
||||||
|
if err != nil {
|
||||||
|
return shared.CurrentSession{}, err
|
||||||
|
}
|
||||||
|
|
||||||
|
resp := shared.CurrentSession{
|
||||||
|
Uuid: cs.SessionUuid,
|
||||||
|
Expires: cs.Expires,
|
||||||
|
}
|
||||||
|
|
||||||
|
return resp, nil
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,16 @@
|
||||||
package shared
|
package shared
|
||||||
|
|
||||||
import "net/http"
|
import (
|
||||||
|
"net/http"
|
||||||
|
"time"
|
||||||
|
)
|
||||||
|
|
||||||
type AuthData struct {
|
type AuthData struct {
|
||||||
AccessToken string
|
AccessToken string
|
||||||
RefreshCookie *http.Cookie
|
RefreshCookie *http.Cookie
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type CurrentSession struct {
|
||||||
|
Uuid string `json:"uuid"`
|
||||||
|
Expires time.Time `json:"expires"`
|
||||||
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue