chore(Easyauth): add checkuser function for smaler interface
This commit is contained in:
kekskurse
parent
1e61d9dd15
commit
a14596c55a
2 changed files with 22 additions and 6 deletions
27
easyauth.go
27
easyauth.go
|
|
@ -11,8 +11,9 @@ import (
|
|||
)
|
||||
|
||||
type EasyAuth struct {
|
||||
client Auth
|
||||
jwtSecret []byte
|
||||
client Auth
|
||||
JwtSecret []byte
|
||||
TimeUntilJWTExpired time.Duration
|
||||
}
|
||||
|
||||
type UserClaims struct {
|
||||
|
|
@ -23,10 +24,24 @@ type UserClaims struct {
|
|||
func NewEasyAuth(client Auth) (EasyAuth, error) {
|
||||
e := EasyAuth{}
|
||||
e.client = client
|
||||
e.jwtSecret = []byte("hsajedogö")
|
||||
e.JwtSecret = []byte("hsajedogö")
|
||||
e.TimeUntilJWTExpired = 120 * time.Minute
|
||||
return e, nil
|
||||
}
|
||||
|
||||
func (e EasyAuth) CheckUser(w http.ResponseWriter, r *http.Request) (AuthentikUser, error) {
|
||||
user, con, err := e.GetUser(w, r)
|
||||
if err != nil {
|
||||
return AuthentikUser{}, err
|
||||
}
|
||||
|
||||
if !con {
|
||||
return AuthentikUser{}, ErrUserNeedRedirect
|
||||
}
|
||||
|
||||
return user, nil
|
||||
}
|
||||
|
||||
func (e EasyAuth) GetUser(w http.ResponseWriter, r *http.Request) (AuthentikUser, bool, error) {
|
||||
store, err := session.Start(context.Background(), w, r)
|
||||
if err != nil {
|
||||
|
|
@ -48,7 +63,7 @@ func (e EasyAuth) GetUser(w http.ResponseWriter, r *http.Request) (AuthentikUser
|
|||
jwtString := fmt.Sprintf("%s", jwtData)
|
||||
|
||||
parsedAccessToken, _ := jwt.ParseWithClaims(jwtString, &UserClaims{}, func(token *jwt.Token) (interface{}, error) {
|
||||
return e.jwtSecret, nil
|
||||
return e.JwtSecret, nil
|
||||
})
|
||||
|
||||
if !parsedAccessToken.Valid {
|
||||
|
|
@ -83,7 +98,7 @@ func (e EasyAuth) AuthHTTPHandler(w http.ResponseWriter, r *http.Request) {
|
|||
panic(err) // TODO: Deal with error
|
||||
}
|
||||
|
||||
expired := time.Now().Add(5 * time.Minute)
|
||||
expired := time.Now().Add(e.TimeUntilJWTExpired)
|
||||
|
||||
claims := UserClaims{}
|
||||
claims.Issuer = "EasyAuth"
|
||||
|
|
@ -94,7 +109,7 @@ func (e EasyAuth) AuthHTTPHandler(w http.ResponseWriter, r *http.Request) {
|
|||
claims.User = user
|
||||
|
||||
jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS512, claims)
|
||||
jwtString, err := jwtToken.SignedString(e.jwtSecret)
|
||||
jwtString, err := jwtToken.SignedString(e.JwtSecret)
|
||||
if err != nil {
|
||||
panic(err) // TODO: Deal with error
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,4 +11,5 @@ var (
|
|||
ErrWrongResponseFromServer = errors.New("cant get access token from server")
|
||||
ErrCantGetUserInfo = errors.New("cant get user info")
|
||||
ErrCreateRequestForUserInfo = errors.New("cant create request for get user")
|
||||
ErrUserNeedRedirect = errors.New("user need to login at oauth server")
|
||||
)
|
||||
|
|
|
|||
Loading…
Reference in a new issue