116 lines
3.4 KiB
Go
116 lines
3.4 KiB
Go
// MIT License
|
|
//
|
|
// Copyright (c) 2024 vinchent <vinchent@vinchent.xyz>
|
|
//
|
|
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
// of this software and associated documentation files (the "Software"), to deal
|
|
// in the Software without restriction, including without limitation the rights
|
|
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
// copies of the Software, and to permit persons to whom the Software is
|
|
// furnished to do so, subject to the following conditions:
|
|
//
|
|
// The above copyright notice and this permission notice shall be included in all
|
|
// copies or substantial portions of the Software.
|
|
//
|
|
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
// SOFTWARE.
|
|
|
|
package controller
|
|
|
|
import (
|
|
"fmt"
|
|
"time"
|
|
|
|
"git.vinchent.xyz/vinchent/howmuch/internal/howmuch/model"
|
|
"git.vinchent.xyz/vinchent/howmuch/internal/howmuch/usecase/usecase"
|
|
"git.vinchent.xyz/vinchent/howmuch/internal/pkg/core"
|
|
"git.vinchent.xyz/vinchent/howmuch/internal/pkg/errno"
|
|
"git.vinchent.xyz/vinchent/howmuch/internal/pkg/log"
|
|
"git.vinchent.xyz/vinchent/howmuch/internal/pkg/middleware/authn"
|
|
"git.vinchent.xyz/vinchent/howmuch/internal/pkg/token"
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
type Session interface {
|
|
Create(*gin.Context)
|
|
Delete(*gin.Context)
|
|
}
|
|
|
|
type SessionController struct {
|
|
userUsecase usecase.User
|
|
cache core.Cache
|
|
}
|
|
|
|
func NewSessionController(u usecase.User, cache core.Cache) Session {
|
|
return &SessionController{u, cache}
|
|
}
|
|
|
|
type Token struct {
|
|
Token string `json:"token"`
|
|
}
|
|
|
|
type createParams struct {
|
|
Email string `json:"email" binding:"required,email"`
|
|
Password string `json:"password" binding:"required"`
|
|
}
|
|
|
|
// Create creates a session for a user and returns a token
|
|
//
|
|
// Since we use JWT method, this token is not stored anywhere. Thus it
|
|
// stops at the controller level.
|
|
func (sc *SessionController) Create(ctx *gin.Context) {
|
|
var user model.UserExistDTO
|
|
|
|
if err := ctx.Bind(&user); err != nil {
|
|
log.ErrorLog("param error", "err", err)
|
|
core.WriteResponse(ctx, UserParamsErr, nil)
|
|
return
|
|
}
|
|
|
|
err := sc.userUsecase.Exist(ctx, &user)
|
|
if err != nil {
|
|
core.WriteResponse(ctx, err, nil)
|
|
return
|
|
}
|
|
|
|
// user exists. Generate the token for the user
|
|
tokenString, err := token.Sign(user.Email)
|
|
if err != nil {
|
|
core.WriteResponse(ctx, errno.InternalServerErr, nil)
|
|
return
|
|
}
|
|
|
|
core.WriteResponse(ctx, nil, Token{
|
|
Token: tokenString,
|
|
})
|
|
}
|
|
|
|
// Delete deletes a session by putting the jwt token into the cache
|
|
func (sc *SessionController) Delete(ctx *gin.Context) {
|
|
tk, err := token.ParseRequest(ctx)
|
|
if err != nil || tk == nil {
|
|
// Unlikely
|
|
core.WriteResponse(ctx, authn.ErrTokenInvalid, nil)
|
|
return
|
|
}
|
|
|
|
exp := time.Until(tk.Expiry)
|
|
key := fmt.Sprintf("jwt:%s", tk.Identity)
|
|
|
|
log.DebugLog("session delete", "key", key, "exp", exp.String())
|
|
err = sc.cache.Set(ctx, key, tk.Raw, exp)
|
|
if err != nil {
|
|
// unexpected
|
|
log.ErrorLog("error writing logged out jwt into cache", "err", err)
|
|
core.WriteResponse(ctx, errno.InternalServerErr, nil)
|
|
return
|
|
}
|
|
|
|
core.WriteResponse(ctx, nil, "logged out")
|
|
}
|