Documentation, Basic Login Workflow
@@ -41,35 +41,46 @@ func (api *API) refreshTokens(refreshToken jwt.Token) (string, string, error) {
|
||||
}
|
||||
|
||||
// Update Access Token
|
||||
accessTokenCookie, err := api.Auth.CreateJWTAccessToken(user, device)
|
||||
accessToken, err := api.Auth.CreateJWTAccessToken(user, device)
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
|
||||
return accessTokenCookie, "", err
|
||||
return accessToken, "", err
|
||||
}
|
||||
|
||||
func (api *API) validateTokens(w *http.ResponseWriter, r *http.Request) (jwt.Token, error) {
|
||||
// TODO: Check from X-Imagini-AccessToken
|
||||
// TODO: Check from X-Imagini-RefreshToken
|
||||
|
||||
// Validate Access Token
|
||||
accessCookie, _ := r.Cookie("AccessToken")
|
||||
if accessCookie != nil {
|
||||
accessToken, err := api.Auth.ValidateJWTAccessToken(accessCookie.Value)
|
||||
accessTokenHeader := r.Header.Get("X-Imagini-AccessToken")
|
||||
if accessTokenHeader != "" {
|
||||
accessToken, err := api.Auth.ValidateJWTAccessToken(accessTokenHeader)
|
||||
if err == nil {
|
||||
return accessToken, nil
|
||||
}
|
||||
}
|
||||
|
||||
// Validate Refresh Cookie Exists
|
||||
refreshCookie, _ := r.Cookie("RefreshToken")
|
||||
if refreshCookie == nil {
|
||||
refreshTokenHeader := r.Header.Get("X-Imagini-RefreshToken")
|
||||
if refreshTokenHeader == "" {
|
||||
return nil, errors.New("Tokens Invalid")
|
||||
}
|
||||
|
||||
// Validate Access Token
|
||||
// accessCookie, _ := r.Cookie("AccessToken")
|
||||
// if accessCookie != nil {
|
||||
// accessToken, err := api.Auth.ValidateJWTAccessToken(accessCookie.Value)
|
||||
// if err == nil {
|
||||
// return accessToken, nil
|
||||
// }
|
||||
// }
|
||||
|
||||
// Validate Refresh Cookie Exists
|
||||
// refreshCookie, _ := r.Cookie("RefreshToken")
|
||||
// if refreshCookie == nil {
|
||||
// return nil, errors.New("Tokens Invalid")
|
||||
// }
|
||||
|
||||
// Validate Refresh Token
|
||||
refreshToken, err := api.Auth.ValidateJWTRefreshToken(refreshCookie.Value)
|
||||
// refreshToken, err := api.Auth.ValidateJWTRefreshToken(refreshCookie.Value)
|
||||
refreshToken, err := api.Auth.ValidateJWTRefreshToken(refreshTokenHeader)
|
||||
if err != nil {
|
||||
return nil, errors.New("Tokens Invalid")
|
||||
}
|
||||
@@ -81,21 +92,21 @@ func (api *API) validateTokens(w *http.ResponseWriter, r *http.Request) (jwt.Tok
|
||||
}
|
||||
|
||||
// TODO: Actually Refresh Refresh Token
|
||||
newRefreshToken = refreshCookie.Value
|
||||
// newRefreshToken = refreshCookie.Value
|
||||
newRefreshToken = refreshTokenHeader
|
||||
|
||||
// Set appropriate cookies (TODO: Only for web!)
|
||||
|
||||
// Update Access & Refresh Cookies
|
||||
http.SetCookie(*w, &http.Cookie{
|
||||
Name: "AccessToken",
|
||||
Value: newAccessToken,
|
||||
})
|
||||
http.SetCookie(*w, &http.Cookie{
|
||||
Name: "RefreshToken",
|
||||
Value: newRefreshToken,
|
||||
})
|
||||
// http.SetCookie(*w, &http.Cookie{
|
||||
// Name: "AccessToken",
|
||||
// Value: newAccessToken,
|
||||
// })
|
||||
// http.SetCookie(*w, &http.Cookie{
|
||||
// Name: "RefreshToken",
|
||||
// Value: newRefreshToken,
|
||||
// })
|
||||
|
||||
// Only for iOS & Android (TODO: Remove for web! Only cause affected by CORS during development)
|
||||
(*w).Header().Set("X-Imagini-AccessToken", newAccessToken)
|
||||
(*w).Header().Set("X-Imagini-RefreshToken", newRefreshToken)
|
||||
|
||||
|
||||
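Review bot: In validateTokens the refresh path now writes both tokens to the `X-Imagini-AccessToken` and `X-Imagini-RefreshToken` response headers for every client, while the cookie branch is commented out rather than gated, so a browser client would have to keep the refresh token somewhere page script can read it. The inline TODO says the header path is meant for iOS and Android only; I would select the transport per client type and, when the `http.SetCookie` calls come back, give both cookies `HttpOnly: true, Secure: true, SameSite: http.SameSiteStrictMode`, since the commented-out version sets only Name and Value. Responses that carry tokens in headers should also set `(*w).Header().Set("Cache-Control", "no-store")` so intermediaries do not retain them. Separately, `newRefreshToken = refreshTokenHeader` hands back the presented refresh token unchanged, so it is never rotated, which is presumably what the TODO above it tracks. The function body continues outside both hunks, so the handling between them is not visible here.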