chore(Easyauth): add checkuser function for smaler interface

kekskurse 2024-11-19 23:04:07 +01:00
parent 1e61d9dd15
commit a14596c55a
2 changed files with 22 additions and 6 deletions


@ -12,7 +12,8 @@ import (
type EasyAuth struct { type EasyAuth struct {
client Auth client Auth
jwtSecret []byte JwtSecret []byte
TimeUntilJWTExpired time.Duration
} }
type UserClaims struct { type UserClaims struct {
@ -23,10 +24,24 @@ type UserClaims struct {
func NewEasyAuth(client Auth) (EasyAuth, error) { func NewEasyAuth(client Auth) (EasyAuth, error) {
e := EasyAuth{} e := EasyAuth{}
e.client = client e.client = client
e.jwtSecret = []byte("hsajedogö") e.JwtSecret = []byte("hsajedogö")
e.TimeUntilJWTExpired = 120 * time.Minute
return e, nil return e, nil
} }
func (e EasyAuth) CheckUser(w http.ResponseWriter, r *http.Request) (AuthentikUser, error) {
user, con, err := e.GetUser(w, r)
if err != nil {
return AuthentikUser{}, err
}
if !con {
return AuthentikUser{}, ErrUserNeedRedirect
}
return user, nil
}
func (e EasyAuth) GetUser(w http.ResponseWriter, r *http.Request) (AuthentikUser, bool, error) { func (e EasyAuth) GetUser(w http.ResponseWriter, r *http.Request) (AuthentikUser, bool, error) {
store, err := session.Start(context.Background(), w, r) store, err := session.Start(context.Background(), w, r)
if err != nil { if err != nil {
@ -48,7 +63,7 @@ func (e EasyAuth) GetUser(w http.ResponseWriter, r *http.Request) (AuthentikUser
jwtString := fmt.Sprintf("%s", jwtData) jwtString := fmt.Sprintf("%s", jwtData)
parsedAccessToken, _ := jwt.ParseWithClaims(jwtString, &UserClaims{}, func(token *jwt.Token) (interface{}, error) { parsedAccessToken, _ := jwt.ParseWithClaims(jwtString, &UserClaims{}, func(token *jwt.Token) (interface{}, error) {
return e.jwtSecret, nil return e.JwtSecret, nil
}) })
if !parsedAccessToken.Valid { if !parsedAccessToken.Valid {
@ -83,7 +98,7 @@ func (e EasyAuth) AuthHTTPHandler(w http.ResponseWriter, r *http.Request) {
panic(err) // TODO: Deal with error panic(err) // TODO: Deal with error
} }
expired := time.Now().Add(5 * time.Minute) expired := time.Now().Add(e.TimeUntilJWTExpired)
claims := UserClaims{} claims := UserClaims{}
claims.Issuer = "EasyAuth" claims.Issuer = "EasyAuth"
@ -94,7 +109,7 @@ func (e EasyAuth) AuthHTTPHandler(w http.ResponseWriter, r *http.Request) {
claims.User = user claims.User = user
jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS512, claims) jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS512, claims)
jwtString, err := jwtToken.SignedString(e.jwtSecret) jwtString, err := jwtToken.SignedString(e.JwtSecret)
if err != nil { if err != nil {
panic(err) // TODO: Deal with error panic(err) // TODO: Deal with error
} }
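Review bot: `NewEasyAuth` still seeds the signing key from a string literal committed to the repository, and with the field now exported as `JwtSecret` that literal is the default for every caller that does not overwrite it, so anyone who can read the source holds the HS512 key that the key function in `GetUser` returns. Since the constructor already returns an error, it could generate a per-process key instead, `e.JwtSecret = make([]byte, 64)` followed by `if _, err := rand.Read(e.JwtSecret); err != nil { return EasyAuth{}, err }` (from `crypto/rand`), leaving callers that need a stable or shared key to set `JwtSecret` from configuration. The same commit raises the default passed to `time.Now().Add(...)` in `AuthHTTPHandler` from 5 to 120 minutes via `TimeUntilJWTExpired`, which presumably lengthens how long a token signed with that key stays usable; a doc comment on both exported fields stating that they must be set before any token is issued would help. Separately, the context lines in `GetUser` discard the error from `jwt.ParseWithClaims` and then read `parsedAccessToken.Valid`, which looks like it could dereference nil on a malformed token; this is worth confirming against the jwt library version in use, and that function continues outside the visible hunks.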


@ -11,4 +11,5 @@ var (
ErrWrongResponseFromServer = errors.New("cant get access token from server") ErrWrongResponseFromServer = errors.New("cant get access token from server")
ErrCantGetUserInfo = errors.New("cant get user info") ErrCantGetUserInfo = errors.New("cant get user info")
ErrCreateRequestForUserInfo = errors.New("cant create request for get user") ErrCreateRequestForUserInfo = errors.New("cant create request for get user")
ErrUserNeedRedirect = errors.New("user need to login at oauth server")
) )