evan/imagini
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

(WIP) Refresh & Access

Browse Source
This commit is contained in:
Evan Reichard
2021-01-17 23:56:56 -05:00
parent cd97b6262f
commit 377903f7a1
14 changed files with 366 additions and 136 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/api/api.go
View File

@@ -15,9 +15,9 @@ type API struct {
func NewApi(db *db.DBManager, auth *auth.AuthManager) *API {
api := &API{
Router: http.NewServeMux(),
DB: db,
Auth: auth,
Router: http.NewServeMux(),
Auth: auth,
DB: db,
}
api.registerRoutes()
return api

44
internal/api/auth.go
View File

@@ -35,22 +35,25 @@ func (api *API) loginHandler(w http.ResponseWriter, r *http.Request) {
return
}
// TODO: Is user already logged in? If so refresh token, if different user, kill session and log in new user?
// Do login
resp := api.Auth.AuthenticateUser(creds)
if resp == true {
// Return Success
cookie := http.Cookie{
Name: "Token",
Value: "testToken",
}
http.SetCookie(w, &cookie)
successJSON(w, "Login success.", http.StatusOK)
}else {
// Return Failure
if !resp {
errorJSON(w, "Invalid credentials.", http.StatusUnauthorized)
return
}
// Create tokens
accessToken := api.Auth.CreateJWTAccessToken()
refreshToken := api.Auth.CreateRefreshToken()
// Set appropriate cookies
accessCookie := http.Cookie{Name: "AccessToken", Value: accessToken}
refreshCookie := http.Cookie{Name: "RefreshToken", Value: refreshToken}
http.SetCookie(w, &accessCookie)
http.SetCookie(w, &refreshCookie)
// Response success
successJSON(w, "Login success.", http.StatusOK)
}
func (api *API) logoutHandler(w http.ResponseWriter, r *http.Request) {
@@ -73,3 +76,20 @@ func (api *API) logoutHandler(w http.ResponseWriter, r *http.Request) {
}
http.SetCookie(w, cookie)
}
func (api *API) refreshLoginHandler(w http.ResponseWriter, r *http.Request) {
ok := api.Auth.ValidateRefreshToken()
if !ok {
// TODO: Clear Access & Refresh Cookies
errorJSON(w, "Invalid credentials.", http.StatusUnauthorized)
return
}
// Update token
accessToken := api.Auth.CreateJWTAccessToken()
accessCookie := http.Cookie{Name: "AccessToken", Value: accessToken}
http.SetCookie(w, &accessCookie)
// Response success
successJSON(w, "Refresh success.", http.StatusOK)
}

45
internal/api/middlewares.go
View File

@@ -2,13 +2,14 @@ package api
import (
"net/http"
"log"
"os"
log "github.com/sirupsen/logrus"
)
type Middleware func(http.Handler) http.Handler
type Middleware func(http.Handler) http.HandlerFunc
func MultipleMiddleware(h http.Handler, m ...Middleware) http.Handler {
func multipleMiddleware(h http.HandlerFunc, m ...Middleware) http.HandlerFunc {
if len(m) < 1 {
return h
}
@@ -19,19 +20,33 @@ func MultipleMiddleware(h http.Handler, m ...Middleware) http.Handler {
return wrapped
}
// func authMiddleware(h http.Handler) http.Handler {
// return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// _, ok := ValidateUserToken(r)
//
// if ok {
// next.ServeHTTP(w, r)
// } else {
// w.WriteHeader(http.StatusUnauthorized)
// }
// })
// }
func (api *API) authMiddleware(next http.Handler) http.HandlerFunc {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
cookie, err := r.Cookie("Token")
if err != nil {
log.Warn("[middleware] Cookie not found")
w.WriteHeader(http.StatusUnauthorized)
return
}
func logMiddleware(h http.Handler) http.Handler {
// Validate cookie.Value JWT with
api.Auth.ValidateJWTToken(cookie.Value)
log.Info("[middleware] Cookie Name: ", cookie.Name)
log.Info("[middleware] Cookie Value: ", cookie.Value)
next.ServeHTTP(w, r)
// if true {
// next.ServeHTTP(w, r)
// } else {
// w.WriteHeader(http.StatusUnauthorized)
// }
})
}
func (api *API) logMiddleware(h http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
log.SetOutput(os.Stdout)
log.Println(r.Method, r.URL)

41
internal/api/routes.go
View File

@@ -6,15 +6,38 @@ import (
)
func (api *API) registerRoutes() {
api.Router.HandleFunc("/MediaItems", api.mediaItemsHandler)
api.Router.HandleFunc("/Upload", api.uploadHandler)
api.Router.HandleFunc("/Albums", api.albumsHandler)
api.Router.HandleFunc("/Logout", api.logoutHandler)
api.Router.HandleFunc("/Login", api.loginHandler)
api.Router.HandleFunc("/Users", api.usersHandler)
api.Router.HandleFunc("/Tags", api.tagsHandler)
api.Router.HandleFunc("/Info", api.infoHandler)
api.Router.HandleFunc("/Me", api.meHandler)
api.Router.HandleFunc("/MediaItems", multipleMiddleware(
api.mediaItemsHandler,
api.authMiddleware,
))
api.Router.HandleFunc("/Upload", multipleMiddleware(
api.uploadHandler,
api.authMiddleware,
))
api.Router.HandleFunc("/Albums", multipleMiddleware(
api.albumsHandler,
api.authMiddleware,
))
api.Router.HandleFunc("/Users", multipleMiddleware(
api.usersHandler,
api.authMiddleware,
))
api.Router.HandleFunc("/Tags", multipleMiddleware(
api.tagsHandler,
api.authMiddleware,
))
api.Router.HandleFunc("/Info", multipleMiddleware(
api.infoHandler,
api.authMiddleware,
))
api.Router.HandleFunc("/Me", multipleMiddleware(
api.meHandler,
api.authMiddleware,
))
api.Router.HandleFunc("/Logout", api.logoutHandler)
api.Router.HandleFunc("/Login", api.loginHandler)
api.Router.HandleFunc("/RefreshLogin", api.refreshLoginHandler)
}
// https://stackoverflow.com/a/59764037

4
internal/api/users.go
View File

@@ -31,9 +31,9 @@ func (api *API) meHandler(w http.ResponseWriter, r *http.Request) {
// Get Authenticated User & Return Object
authCookie, err := r.Cookie("Token")
if err != nil {
log.Error("[routes] ", err)
log.Error("[api] ", err)
return
}
log.Info("[routes] INFO: ", authCookie)
log.Info("[api] Auth Cookie: ", authCookie)
}