merch-tracker-v2/api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
api/internal/provider/auth/service.go
nquidox 6d20fc3ed6 session id check by refresh token
2025-09-10 20:19:51 +03:00

86 lines
2.2 KiB
Go
Raw Blame History

package auth
import (
"errors"
"github.com/google/uuid"
"gorm.io/gorm"
"merch-parser-api/internal/interfaces"
"merch-parser-api/internal/shared"
"time"
)
type Service struct {
repo Repository
jwtProvider interfaces.JWTProvider
refreshExpiry time.Duration
}
func newService(repo Repository, jwtProvider interfaces.JWTProvider) *Service {
return &Service{
repo: repo,
jwtProvider: jwtProvider,
}
}
func (s *Service) Login(userUuid string) (shared.AuthData, error) {
return s.newSession(userUuid)
}
func (s *Service) Refresh(userUuid, refreshUuid string) (shared.AuthData, error) {
var err error
tokenData, err := s.repo.ReadRefreshToken(userUuid, refreshUuid)
if err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return shared.AuthData{}, errors.New("refresh token is not valid or doesn't exist")
}
return shared.AuthData{}, err
}
if time.Now().After(tokenData.Expires) {
_ = s.repo.InvalidateRefreshToken(userUuid, refreshUuid)
return shared.AuthData{}, errors.New("token expired")
}
err = s.repo.InvalidateRefreshToken(userUuid, refreshUuid)
if err != nil {
return shared.AuthData{}, err
}
return s.updateSession(userUuid, tokenData.SessionUuid)
}
func (s *Service) Logout(userUuid, refreshUuid string) error {
return s.repo.InvalidateRefreshToken(userUuid, refreshUuid)
}
func (s *Service) newSession(userUuid string) (shared.AuthData, error) {
return s.createSession(userUuid, uuid.NewString())
}
func (s *Service) updateSession(userUuid, sessionUuid string) (shared.AuthData, error) {
return s.createSession(userUuid, sessionUuid)
}
func (s *Service) createSession(userUuid, sessionUuid string) (shared.AuthData, error) {
accessToken, err := s.jwtProvider.CreateAccessToken(userUuid, sessionUuid)
if err != nil {
return shared.AuthData{}, err
}
refreshUuid := uuid.NewString()
expires := time.Now().UTC().Add(s.refreshExpiry)
refreshCookie := s.jwtProvider.CreateRefreshToken(refreshUuid, expires)
err = s.repo.CreateRefreshToken(&Session{
Expires: expires,
UserUuid: userUuid,
RefreshUuid: refreshUuid,
SessionUuid: sessionUuid,
})
return shared.AuthData{
AccessToken: accessToken,
RefreshCookie: refreshCookie,
}, nil
}
Reference in a new issue View git blame Copy permalink