Rename, GraphQL Flutter Cookie Basics, & GraphQL Flutter Model Gen

2021-02-10 00:09:57 -05:00
parent a2d0432147
commit f0aee561ad
41 changed files with 1461 additions and 258 deletions
--- a/internal/api/auth.go
+++ b/internal/api/auth.go
@@ -50,6 +50,9 @@ func (api *API) refreshTokens(refreshToken jwt.Token) (string, string, error) {
 }

 func (api *API) validateTokens(w *http.ResponseWriter, r *http.Request) (jwt.Token, error) {
+	// TODO: Check from X-Imagini-AccessToken
+	// TODO: Check from X-Imagini-RefreshToken
+
 	// Validate Access Token
 	accessCookie, _ := r.Cookie("AccessToken")
 	if accessCookie != nil {
@@ -72,23 +75,29 @@ func (api *API) validateTokens(w *http.ResponseWriter, r *http.Request) (jwt.Tok
 	}

 	// Refresh Access Token & Generate New Refresh Token
-	newAccessCookie, newRefreshCookie, err := api.refreshTokens(refreshToken)
+	newAccessToken, newRefreshToken, err := api.refreshTokens(refreshToken)
 	if err != nil {
 		return nil, err
 	}

 	// TODO: Actually Refresh Refresh Token
-	newRefreshCookie = refreshCookie.Value
+	newRefreshToken = refreshCookie.Value
+
+	// Set appropriate cookies (TODO: Only for web!)

 	// Update Access & Refresh Cookies
 	http.SetCookie(*w, &http.Cookie{
 		Name:  "AccessToken",
-		Value: newAccessCookie,
+		Value: newAccessToken,
 	})
 	http.SetCookie(*w, &http.Cookie{
 		Name:  "RefreshToken",
-		Value: newRefreshCookie,
+		Value: newRefreshToken,
 	})

-	return jwt.ParseBytes([]byte(newAccessCookie))
+	// Only for iOS & Android (TODO: Remove for web! Only cause affected by CORS during development)
+	(*w).Header().Set("X-Imagini-AccessToken", newAccessToken)
+	(*w).Header().Set("X-Imagini-RefreshToken", newRefreshToken)
+
+	return jwt.ParseBytes([]byte(newAccessToken))
 }
--- a/internal/api/middlewares.go
+++ b/internal/api/middlewares.go
@@ -24,8 +24,16 @@ func multipleMiddleware(h http.HandlerFunc, m ...Middleware) http.HandlerFunc {
 * This is used for the graphQL endpoints that may require access to the
 * Request and ResponseWriter variables. These are used to get / set cookies.
 **/
-func (api *API) contextMiddleware(next http.Handler) http.Handler {
+func (api *API) queryMiddleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+
+		// TODO: REMOVE (SOME OF) THIS!! Only for developement due to CORS
+		w.Header().Set("Access-Control-Allow-Credentials", "true")
+		w.Header().Set("Access-Control-Allow-Origin", "*")
+		w.Header().Set("Access-Control-Expose-Headers", "*")
+		w.Header().Set("Access-Control-Allow-Headers", "*")
+		w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
+
 		authContext := &model.AuthContext{
 			AuthResponse: &w,
 			AuthRequest:  r,
--- a/internal/api/routes.go
+++ b/internal/api/routes.go
@@ -26,7 +26,7 @@ func (api *API) registerRoutes() {

 	// Handle GraphQL
 	api.Router.Handle("/playground", playground.Handler("GraphQL playground", "/query"))
-	api.Router.Handle("/query", api.contextMiddleware(srv))
+	api.Router.Handle("/query", api.queryMiddleware(srv))

 	// Handle Resource Route
 	api.Router.HandleFunc("/media/", multipleMiddleware(