feat: split auth routes in files

2025-06-07 01:32:56 +02:00
parent dd7c51efd8
commit 4071a50a37
3 changed files with 191 additions and 0 deletions
--- a/internal/auth/login.go
+++ b/internal/auth/login.go
@ -0,0 +1,81 @@
+package auth
+
+import (
+	"encoding/json"
+	"log"
+	"net/http"
+
+	"gitea.local/admin/hspguard/internal/util"
+	"gitea.local/admin/hspguard/internal/web"
+)
+
+type LoginParams struct {
+	Email    string `json:"email"`
+	Password string `json:"password"`
+}
+
+func (h *AuthHandler) login(w http.ResponseWriter, r *http.Request) {
+	var params LoginParams
+
+	decoder := json.NewDecoder(r.Body)
+	if err := decoder.Decode(&params); err != nil {
+		web.Error(w, "failed to parse request body", http.StatusBadRequest)
+		return
+	}
+
+	if params.Email == "" || params.Password == "" {
+		web.Error(w, "missing required fields", http.StatusBadRequest)
+		return
+	}
+
+	log.Printf("DEBUG: looking for user with following params: %#v\n", params)
+
+	user, err := h.repo.FindUserEmail(r.Context(), params.Email)
+	if err != nil {
+		web.Error(w, "user with provided email does not exists", http.StatusBadRequest)
+		return
+	}
+
+	if !util.VerifyPassword(params.Password, user.PasswordHash) {
+		web.Error(w, "username or/and password are incorrect", http.StatusBadRequest)
+		return
+	}
+
+	access, refresh, err := h.signTokens(&user)
+	if err != nil {
+		web.Error(w, "failed to generate tokens", http.StatusInternalServerError)
+		return
+	}
+
+	if err := h.repo.UpdateLastLogin(r.Context(), user.ID); err != nil {
+		web.Error(w, "failed to update user's last login", http.StatusInternalServerError)
+		return
+	}
+
+	encoder := json.NewEncoder(w)
+
+	type Response struct {
+		AccessToken  string `json:"access"`
+		RefreshToken string `json:"refresh"`
+		// fields required for UI in account selector, e.g. email, full name and avatar
+		FullName       string  `json:"full_name"`
+		Email          string  `json:"email"`
+		Id             string  `json:"id"`
+		ProfilePicture *string `json:"profile_picture"`
+		// Avatar
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+
+	if err := encoder.Encode(Response{
+		AccessToken:    access,
+		RefreshToken:   refresh,
+		FullName:       user.FullName,
+		Email:          user.Email,
+		Id:             user.ID.String(),
+		ProfilePicture: user.ProfilePicture,
+		// Avatar
+	}); err != nil {
+		web.Error(w, "failed to encode response", http.StatusInternalServerError)
+	}
+}
--- a/internal/auth/profile.go
+++ b/internal/auth/profile.go
@ -0,0 +1,31 @@
+package auth
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"gitea.local/admin/hspguard/internal/types"
+	"gitea.local/admin/hspguard/internal/util"
+	"gitea.local/admin/hspguard/internal/web"
+	"github.com/google/uuid"
+)
+
+func (h *AuthHandler) getProfile(w http.ResponseWriter, r *http.Request) {
+	userId, ok := util.GetRequestUserId(r.Context())
+	if !ok {
+		web.Error(w, "failed to get user id from auth session", http.StatusInternalServerError)
+		return
+	}
+
+	user, err := h.repo.FindUserId(r.Context(), uuid.MustParse(userId))
+	if err != nil {
+		web.Error(w, "user with provided id does not exist", http.StatusUnauthorized)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+
+	if err := json.NewEncoder(w).Encode(types.NewUserDTO(&user)); err != nil {
+		web.Error(w, "failed to encode user profile", http.StatusInternalServerError)
+	}
+}
--- a/internal/auth/refresh.go
+++ b/internal/auth/refresh.go
@ -0,0 +1,79 @@
+package auth
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"strings"
+	"time"
+
+	"gitea.local/admin/hspguard/internal/util"
+	"gitea.local/admin/hspguard/internal/web"
+	"github.com/google/uuid"
+)
+
+func (h *AuthHandler) refreshToken(w http.ResponseWriter, r *http.Request) {
+	authHeader := r.Header.Get("Authorization")
+	if authHeader == "" {
+		web.Error(w, "unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	parts := strings.Split(authHeader, "Bearer ")
+	if len(parts) != 2 {
+		web.Error(w, "invalid auth header format", http.StatusUnauthorized)
+		return
+	}
+
+	tokenStr := parts[1]
+	token, userClaims, err := util.VerifyToken(tokenStr, h.cfg.Jwt.PublicKey)
+	if err != nil || !token.Valid {
+		http.Error(w, fmt.Sprintf("invalid token: %v", err), http.StatusUnauthorized)
+		return
+	}
+
+	expire, err := userClaims.GetExpirationTime()
+	if err != nil {
+		web.Error(w, "failed to retrieve enough info from the token", http.StatusInternalServerError)
+		return
+	}
+
+	if time.Now().After(expire.Time) {
+		web.Error(w, "token is expired", http.StatusUnauthorized)
+		return
+	}
+
+	userId, err := uuid.Parse(userClaims.Subject)
+	if err != nil {
+		web.Error(w, "failed to parsej user id from token", http.StatusInternalServerError)
+		return
+	}
+
+	user, err := h.repo.FindUserId(r.Context(), userId)
+	if err != nil {
+		web.Error(w, "user with provided email does not exists", http.StatusBadRequest)
+		return
+	}
+
+	access, refresh, err := h.signTokens(&user)
+	if err != nil {
+		web.Error(w, "failed to generate tokens", http.StatusInternalServerError)
+		return
+	}
+
+	type Response struct {
+		AccessToken  string `json:"access"`
+		RefreshToken string `json:"refresh"`
+	}
+
+	encoder := json.NewEncoder(w)
+
+	w.Header().Set("Content-Type", "application/json")
+
+	if err := encoder.Encode(Response{
+		AccessToken:  access,
+		RefreshToken: refresh,
+	}); err != nil {
+		web.Error(w, "failed to encode response", http.StatusInternalServerError)
+	}
+}