pakin/Taobin-Recipe-Manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update filemanager navigation

Browse source
This commit is contained in:
Kenta420 2024-02-20 15:01:43 +07:00
parent 11dc6b2132
commit 92b11f7b9d
31 changed files with 363 additions and 305 deletions
Download patch file Download diff file Expand all files Collapse all files

15
server/config/config.go
View file

@ -1,12 +1,11 @@
package config
type ServerConfig struct {
ServerPort int `mapstructure:"SERVER_PORT"`
TusServerPort int `mapstructure:"TUS_SERVER_PORT"`
AllowedOrigins string `mapstructure:"ALLOWED_ORIGINS"`
ClientRedirectURL string `mapstructure:"CLIENT_REDIRECT_URL"`
ClientElectronRedirectURL string `mapstructure:"CLIENT_ELECTRON_REDIRECT_URL"`
ServerDomain string `mapstructure:"SERVER_DOMAIN"`
APIKey string `mapstructure:"API_KEY"`
Debug bool `mapstructure:"DEBUG_MODE"`
ServerPort int `mapstructure:"SERVER_PORT"`
TusServerPort int `mapstructure:"TUS_SERVER_PORT"`
AllowedOrigins string `mapstructure:"ALLOWED_ORIGINS"`
ClientRedirectURL string `mapstructure:"CLIENT_REDIRECT_URL"`
ServerDomain string `mapstructure:"SERVER_DOMAIN"`
APIKey string `mapstructure:"API_KEY"`
Debug bool `mapstructure:"DEBUG_MODE"`
}

9
server/middlewares/authorized.go
View file

@ -4,13 +4,14 @@ import (
"context"
"encoding/json"
"fmt"
"github.com/go-chi/chi/v5"
"golang.org/x/oauth2"
"net/http"
"recipe-manager/enums/permissions"
"recipe-manager/models"
"recipe-manager/services/oauth"
"recipe-manager/services/user"
"github.com/go-chi/chi/v5"
"golang.org/x/oauth2"
)
// ========================== ValidatePermissions =========================================
@ -20,6 +21,8 @@ func Authorize(oauthService oauth.OAuthService, userService user.UserService, ne
if cookie, err := r.Cookie("access_token"); err == nil {
token.AccessToken = cookie.Value
} else {
token.AccessToken = r.Header.Get("X-Access-Token")
}
userInfo, err := oauthService.GetUserInfo(r.Context(), token)
@ -28,6 +31,8 @@ func Authorize(oauthService oauth.OAuthService, userService user.UserService, ne
// if have refresh token, set refresh token to token
if cookie, err := r.Cookie("refresh_token"); err == nil {
token.RefreshToken = cookie.Value
} else {
token.RefreshToken = r.Header.Get("X-Refresh-Token")
}
newToken, err := oauthService.RefreshToken(r.Context(), token)

52
server/routers/auth.go
View file

@ -50,6 +50,7 @@ func (ar *AuthRouter) Route(r chi.Router) {
}
authURL := ar.oauth.AuthURL(state, stateMap)
ar.taoLogger.Log.Info("User Log-In", zap.String("authURL", authURL))
http.Redirect(w, r, authURL, http.StatusTemporaryRedirect)
})
@ -129,12 +130,12 @@ func (ar *AuthRouter) Route(r chi.Router) {
ar.taoLogger.Log.Info("User Log-In Success", zap.String("userInfo", userInfo.Name), zap.String("email", userInfo.Email))
// if kind is electron then add kind to value
if kind == "electron" {
value.Add("kind", kind)
value.Add("access_token", token.AccessToken)
value.Add("max_age", "3600")
value.Add("refresh_token", token.RefreshToken)
http.Redirect(w, r, ar.cfg.ClientElectronRedirectURL+"login?"+value.Encode(), http.StatusTemporaryRedirect)
return
}
// redirect to frontend with token and refresh token
w.Header().Add("set-cookie", "access_token="+token.AccessToken+"; Path=/; HttpOnly; SameSite=None; Secure; Max-Age=3600")
@ -143,15 +144,22 @@ func (ar *AuthRouter) Route(r chi.Router) {
})
r.Get("/me", func(w http.ResponseWriter, r *http.Request) {
// get access token from cookie
// get access token from token
var token string
cookie, err := r.Cookie("access_token")
if err != nil {
http.Error(w, "Access token not found", http.StatusBadRequest)
return
token = r.Header.Get("X-Access-Token")
if token == "" {
http.Error(w, "Access token not found", http.StatusUnauthorized)
return
}
} else {
token = cookie.Value
}
// get userInfo info
userInfo, err := ar.oauth.GetUserInfo(r.Context(), &oauth2.Token{AccessToken: cookie.Value})
userInfo, err := ar.oauth.GetUserInfo(r.Context(), &oauth2.Token{AccessToken: token})
if err != nil {
http.Error(w, "Error getting userInfo info", http.StatusBadRequest)
return
@ -186,26 +194,10 @@ func (ar *AuthRouter) Route(r chi.Router) {
})
r.Post("/refresh", func(w http.ResponseWriter, r *http.Request) {
// get refresh token from query string
refreshToken := r.Header.Get("X-Refresh-Token")
// get refresh token from body and redirect_to from body and mashal it to struct
var refreshToken string
var redirectTo string
err := json.NewDecoder(r.Body).Decode(&struct {
RefreshToken string `json:"refresh_token"`
RedirectTo string `json:"redirect_to"`
}{refreshToken, redirectTo})
if err != nil {
http.Error(w, "Error decoding body", http.StatusBadRequest)
return
}
// refreshToken := r.URL.Query().Get("refresh_token")
// redirectTo := r.URL.Query().Get("redirect_to")
if refreshToken == "" {
http.Error(w, "Refresh token not found", http.StatusBadRequest)
http.Error(w, "Refresh token not found", http.StatusUnauthorized)
return
}
@ -216,8 +208,16 @@ func (ar *AuthRouter) Route(r chi.Router) {
return
}
// redirect to frontend with token and refresh token
http.Redirect(w, r, ar.cfg.ClientRedirectURL+"/?token="+token.AccessToken+"&redirect_to="+redirectTo, http.StatusTemporaryRedirect)
// get userInfo info
w.Header().Add("set-cookie", "access_token="+token.AccessToken+"; Path=/; HttpOnly; SameSite=None; Secure; Max-Age=3600")
w.Header().Add("set-cookie", "refresh_token="+token.RefreshToken+"; Path=/; HttpOnly; SameSite=None; Secure")
if err := json.NewEncoder(w).Encode(&struct {
AccessToken string `json:"access_token"`
MaxAge int `json:"max_age"`
RefreshToken string `json:"refresh_token"`
}{AccessToken: token.AccessToken, MaxAge: 3600, RefreshToken: token.RefreshToken}); err != nil {
http.Error(w, "Error encoding response", http.StatusInternalServerError)
}
})
r.Get("/revoke", func(w http.ResponseWriter, r *http.Request) {