refactor: need to update login flow to 302 redirect to PORTAL/api/aut… #28

Merged
merged 1 commit into from
Jul 20, 2024
Merged
54 changes: 46 additions & 8 deletions dashboard.go
Expand Up @@ -16,6 +16,7 @@ import (
portal_dashboard "go.lumeweb.com/web/go/portal-dashboard"
"go.uber.org/zap"
"net/http"
"net/url"
)

//go:embed swagger.yaml
Expand Down Expand Up @@ -125,14 +126,13 @@ func (a *AccountAPI) login(w http.ResponseWriter, r *http.Request) {
return
}

core.SetAuthCookie(w, a.ctx, jwt)
core.SendJWT(w, jwt)
rootDomain := "https://" + a.ctx.Config().Config().Core.Domain
vals := url.Values{}
vals.Add(a.AuthTokenName(), jwt)

response := &LoginResponse{
Token: jwt,
Otp: user.OTPEnabled && user.OTPVerified,
}
ctx.Encode(response)
redirectURL := rootDomain + "/api/auth/complete?" + vals.Encode()

http.Redirect(w, r, redirectURL, http.StatusFound)
}

func (a *AccountAPI) register(w http.ResponseWriter, r *http.Request) {
Expand Down Expand Up @@ -363,6 +363,35 @@ func (a *AccountAPI) ping(w http.ResponseWriter, r *http.Request) {
ctx.Encode(response)
}

func (a *AccountAPI) rootAuthComplete(w http.ResponseWriter, r *http.Request) {
ctx := httputil.Context(r, w)
userId := middleware.GetUserFromContext(r.Context())
token := middleware.GetAuthTokenFromContext(r.Context())

exists, user, err := a.user.AccountExists(userId)
if err != nil {
a.logger.Error("failed to check if email exists", zap.Error(err))
_ = ctx.Error(err, http.StatusInternalServerError)
return
}

if !exists {
err := core.NewAccountError(core.ErrKeyInvalidLogin, nil)
_ = ctx.Error(err, http.StatusUnauthorized)
return
}

core.SetAuthCookie(w, a.ctx, token)
core.SendJWT(w, token)

response := &LoginResponse{
Token: token,
Otp: user.OTPEnabled && user.OTPVerified,
}

ctx.Encode(response)
}

func (a *AccountAPI) accountInfo(w http.ResponseWriter, r *http.Request) {
ctx := httputil.Context(r, w)
user := middleware.GetUserFromContext(r.Context())
Expand Down Expand Up @@ -447,7 +476,9 @@ func (a *AccountAPI) meta(w http.ResponseWriter, r *http.Request) {
func (a *AccountAPI) Configure(router *mux.Router) error {
// CORS configuration
corsOpts := cors.Options{
AllowedOrigins: []string{"*"},
AllowOriginFunc: func(origin string) bool {
return true
},
AllowedMethods: []string{"GET", "POST", "DELETE", "OPTIONS"},
AllowedHeaders: []string{"Authorization", "Content-Type"},
AllowCredentials: true,
Expand Down Expand Up @@ -511,6 +542,13 @@ func (a *AccountAPI) Configure(router *mux.Router) error {
})
})

rootRouter := core.GetService[core.HTTPService](a.ctx, core.HTTP_SERVICE).Router().Host(a.ctx.Config().Config().Core.Domain).Subrouter()

rootRouter.Use(pingAuthMw)
rootRouter.Use(corsHandler.Handler)

rootRouter.HandleFunc("/api/auth/complete", a.rootAuthComplete).Methods("GET", "OPTIONS")

return nil
}
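Review bot: In the `Configure` hunk, `AllowOriginFunc: func(origin string) bool { return true }` combined with `AllowCredentials: true` approves every origin for credentialed requests, and the new `/api/auth/complete` route sits behind that same `corsHandler` while `rootAuthComplete` returns the JWT in its JSON body. Depending on the auth cookie's SameSite setting, which is not visible here, a page on any other origin could then read that response for a signed-in user. The callback should accept only the portal's own origin and its subdomains, for example `u, err := url.Parse(origin); return err == nil && (u.Hostname() == domain || strings.HasSuffix(u.Hostname(), "."+domain))`, with `domain` read from `a.ctx.Config().Config().Core.Domain` and `strings` imported if it is not already. Separately, the `login` hunk puts the JWT into the query string of the 302 target (`"/api/auth/complete?" + vals.Encode()`), where it can end up in access logs, browser history and `Referer` headers; redirecting with a short-lived single-use code that the root domain exchanges for the token would keep the long-lived credential out of URLs. Both `login` and `Configure` start or continue outside the visible hunks, so existing mitigations elsewhere in those functions cannot be ruled out.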

70 changes: 38 additions & 32 deletions go.mod
Expand Up @@ -8,35 +8,36 @@ require (
github.com/gorilla/mux v1.8.1
github.com/rs/cors v1.11.0
go.lumeweb.com/httputil v0.0.0-20240616192644-3d270a528d86
go.lumeweb.com/portal v0.1.2-0.20240628081126-b713975f78f4
go.lumeweb.com/portal v0.1.2-0.20240719071030-ed6f8a88a057
go.lumeweb.com/web/go/portal-dashboard v0.0.0-20240628083440-8b3dfcc3e606
go.uber.org/zap v1.27.0
)

require (
filippo.io/edwards25519 v1.1.0 // indirect
github.com/AfterShip/email-verifier v1.4.0 // indirect
github.com/LumeWeb/siacentral-api v0.0.0-20240311114304-4ff40c07bce5 // indirect
github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da // indirect
github.com/aws/aws-sdk-go-v2 v1.30.0 // indirect
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.2 // indirect
github.com/aws/aws-sdk-go-v2/config v1.27.21 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.17.21 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.8 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.12 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.12 // indirect
github.com/aws/aws-sdk-go-v2 v1.30.3 // indirect
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.3 // indirect
github.com/aws/aws-sdk-go-v2/config v1.27.24 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.17.26 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.15 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.15 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.10 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.2 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.12 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.14 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.10 // indirect
github.com/aws/aws-sdk-go-v2/service/s3 v1.55.2 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.21.1 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.25.1 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.29.1 // indirect
github.com/aws/smithy-go v1.20.2 // indirect
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.15 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.17 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.17 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.15 // indirect
github.com/aws/aws-sdk-go-v2/service/s3 v1.58.2 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.22.3 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.4 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.30.3 // indirect
github.com/aws/smithy-go v1.20.3 // indirect
github.com/boombuler/barcode v1.0.1 // indirect
github.com/casbin/casbin/v2 v2.95.0 // indirect
github.com/casbin/casbin/v2 v2.97.0 // indirect
github.com/casbin/govaluate v1.1.1 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/coreos/go-semver v0.3.1 // indirect
Expand All @@ -47,9 +48,9 @@ require (
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/gabriel-vasile/mimetype v1.4.4 // indirect
github.com/getkin/kin-openapi v0.125.0 // indirect
github.com/getkin/kin-openapi v0.126.0 // indirect
github.com/go-co-op/gocron-redis-lock/v2 v2.0.1 // indirect
github.com/go-co-op/gocron/v2 v2.5.0 // indirect
github.com/go-co-op/gocron/v2 v2.9.0 // indirect
github.com/go-gorm/caches/v4 v4.0.5 // indirect
github.com/go-openapi/jsonpointer v0.21.0 // indirect
github.com/go-openapi/swag v0.23.0 // indirect
Expand Down Expand Up @@ -79,18 +80,23 @@ require (
github.com/knadh/koanf/v2 v2.1.1 // indirect
github.com/mailru/easyjson v0.7.7 // indirect
github.com/mattn/go-sqlite3 v1.14.22 // indirect
github.com/minio/sha256-simd v1.0.1 // indirect
github.com/mitchellh/copystructure v1.2.0 // indirect
github.com/mitchellh/reflectwalk v1.0.2 // indirect
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
github.com/montanaflynn/stats v0.7.1 // indirect
github.com/mr-tron/base58 v1.2.0 // indirect
github.com/multiformats/go-multihash v0.2.3 // indirect
github.com/multiformats/go-varint v0.0.6 // indirect
github.com/perimeterx/marshmallow v1.1.5 // indirect
github.com/pquerna/otp v1.4.0 // indirect
github.com/redis/go-redis/v9 v9.5.3 // indirect
github.com/robfig/cron/v3 v3.0.1 // indirect
github.com/samber/lo v1.39.0 // indirect
github.com/samber/lo v1.44.0 // indirect
github.com/shopspring/decimal v1.4.0 // indirect
github.com/ugorji/go/codec v1.2.7 // indirect
github.com/wneessen/go-mail v0.4.1 // indirect
github.com/spaolacci/murmur3 v1.1.0 // indirect
github.com/ugorji/go/codec v1.2.12 // indirect
github.com/wneessen/go-mail v0.4.2 // indirect
gitlab.com/NebulousLabs/bolt v1.4.4 // indirect
gitlab.com/NebulousLabs/encoding v0.0.0-20200604091946-456c3dc907fe // indirect
gitlab.com/NebulousLabs/entropy-mnemonics v0.0.0-20181018051301-7532f67e3500 // indirect
Expand All @@ -106,22 +112,22 @@ require (
go.etcd.io/etcd/api/v3 v3.5.14 // indirect
go.etcd.io/etcd/client/pkg/v3 v3.5.14 // indirect
go.etcd.io/etcd/client/v3 v3.5.14 // indirect
go.sia.tech/core v0.2.8 // indirect
go.sia.tech/coreutils v0.0.7 // indirect
go.sia.tech/core v0.3.0 // indirect
go.sia.tech/coreutils v0.1.2 // indirect
go.sia.tech/jape v0.11.2-0.20240228204811-29a0f056d231 // indirect
go.sia.tech/mux v1.2.0 // indirect
go.sia.tech/renterd v1.0.7 // indirect
go.sia.tech/siad v1.5.10-0.20230228235644-3059c0b930ca // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/crypto v0.24.0 // indirect
golang.org/x/exp v0.0.0-20240604190554-fc45aab8b7f8 // indirect
golang.org/x/net v0.26.0 // indirect
golang.org/x/sys v0.21.0 // indirect
golang.org/x/crypto v0.25.0 // indirect
golang.org/x/exp v0.0.0-20240707233637-46b078467d37 // indirect
golang.org/x/net v0.27.0 // indirect
golang.org/x/sys v0.22.0 // indirect
golang.org/x/text v0.16.0 // indirect
golang.org/x/tools v0.22.0 // indirect
golang.org/x/tools v0.23.0 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240610135401-a8a62080eff3 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240610135401-a8a62080eff3 // indirect
google.golang.org/grpc v1.64.0 // indirect
google.golang.org/grpc v1.64.1 // indirect
google.golang.org/protobuf v1.34.1 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
gorm.io/driver/mysql v1.5.7 // indirect