github.com/pavlo67/common@v0.5.3/common/auth/auth_server_http/endpoints.go (about)

     1  package auth_server_http
     2  
     3  import (
     4  	"encoding/json"
     5  	"fmt"
     6  	"io/ioutil"
     7  	"net/http"
     8  
     9  	"github.com/pavlo67/common/common"
    10  	"github.com/pavlo67/common/common/auth"
    11  	"github.com/pavlo67/common/common/errors"
    12  	"github.com/pavlo67/common/common/server_http"
    13  )
    14  
// Endpoints collects the HTTP endpoints declared in this file, in order:
// the authentication endpoint followed by the credentials-setting endpoint.
var Endpoints = server_http.Endpoints{authenticateEndpoint, setCredsEndpoint}
    19  
    20  //var bodyParams = json.RawMessage(`{
    21  //   "in": "body",
    22  //	"name": "credentials",
    23  //	"description": "user's email/login & password'",
    24  //	"schema": {
    25  //		"type": "object",
    26  //		"required":"password",
    27  //		"properties": {
    28  //			"email":    {"type": "string"},
    29  //			"nickname": {"type": "string"},
    30  //			"password": {"type": "string"}
    31  //          ...
    32  //		}
    33  //	}
    34  //
    35  //}`)
    36  
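// authenticateEndpoint handles POST requests that exchange credentials sent
// in the JSON request body for an authenticated actor. On success the actor is
// returned with its Creds replaced by the creds issued by authJWTOp.
var authenticateEndpoint = server_http.Endpoint{
	EndpointDescription: server_http.EndpointDescription{
		InternalKey: auth.IntefaceKeyAuthenticate,
		Method:      "POST",
	},

	//BodyParams: bodyParams,
	WorkerHTTP: func(serverOp server_http.Operator, req *http.Request, _ server_http.PathParams, _ *auth.Identity) (server_http.Response, error) {

		// NOTE(review): the body is read without a size cap in this handler, and
		// the caller's identity is ignored here, so presumably the endpoint is
		// reachable without authentication. Confirm that the server or a fronting
		// proxy bounds the request size.
		credsJSON, err := ioutil.ReadAll(req.Body)
		if err != nil {
			return server_http.ResponseRESTError(http.StatusBadRequest, errors.CommonError(common.WrongBodyKey, common.Map{"error": errors.Wrap(err, "can't read body")}), req)
		}

		var toAuth auth.Creds
		if err = json.Unmarshal(credsJSON, &toAuth); err != nil {
			// The raw body is deliberately kept out of the error: it is expected
			// to carry the submitted credentials, which must not be echoed into
			// error responses or logs.
			return server_http.ResponseRESTError(http.StatusBadRequest, errors.CommonError(common.WrongJSONKey, common.Map{"error": errors.Wrap(err, "can't unmarshal body")}), req)
		}
		if toAuth == nil {
			// A JSON `null` body unmarshals without error but leaves the map nil;
			// the assignment below would then panic.
			toAuth = auth.Creds{}
		}

		// The server-observed peer address overwrites any client-supplied value
		// under this key.
		// NOTE(review): req.RemoteAddr has the form "IP:port" and is the proxy's
		// address when the service sits behind a reverse proxy; confirm that the
		// consumers of auth.CredsIP expect this.
		toAuth[auth.CredsIP] = req.RemoteAddr

		actor, err := authOp.Authenticate(toAuth)
		if err != nil {
			return server_http.ResponseRESTError(0, err, req)
		}
		if actor == nil || actor.Identity == nil {
			// No error but no usable identity either: treat as a failed login.
			return server_http.ResponseRESTError(0, auth.ErrNotAuthenticated, req)
		}

		// Only values taken from the authenticated actor go into the JWT creds;
		// nothing from the request body is copied over.
		toSet := auth.Creds{
			auth.CredsNickname: actor.Nickname,
			auth.CredsID:       string(actor.ID),
		}

		if len(actor.Roles) > 0 {
			rolesJSON, err := json.Marshal(actor.Roles)
			if err != nil {
				return server_http.ResponseRESTError(0, err, req)
			}
			toSet[auth.CredsRolesJSON] = string(rolesJSON)
		}

		// The two failure modes are reported separately so that a nil error is
		// never formatted and returned creds are never dumped into the message.
		jwtCreds, err := authJWTOp.SetCreds(auth.Actor{}, toSet)
		if err != nil {
			return server_http.ResponseRESTError(0, fmt.Errorf("can't issue JWT creds: %s", err), req)
		}
		if jwtCreds == nil {
			return server_http.ResponseRESTError(0, fmt.Errorf("can't issue JWT creds: got nil creds"), req)
		}
		actor.Creds = *jwtCreds

		return server_http.ResponseRESTOk(http.StatusOK, actor, req)
	},
}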
    86  
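// setCredsEndpoint handles POST requests that set credentials: the JSON
// request body is decoded into auth.Creds and passed to authOp.SetCreds on
// behalf of the identity supplied to the worker. The resulting creds are
// returned to the caller.
var setCredsEndpoint = server_http.Endpoint{
	EndpointDescription: server_http.EndpointDescription{
		InternalKey: auth.IntefaceKeySetCreds,
		Method:      "POST",
	},

	WorkerHTTP: func(serverOp server_http.Operator, req *http.Request, _ server_http.PathParams, identity *auth.Identity) (server_http.Response, error) {

		// NOTE(review): the body is read without a size cap in this handler;
		// confirm that the server or a fronting proxy bounds the request size.
		credsJSON, err := ioutil.ReadAll(req.Body)
		if err != nil {
			return server_http.ResponseRESTError(http.StatusBadRequest, errors.CommonError(common.WrongBodyKey, common.Map{"error": errors.Wrap(err, "can't read body")}), req)
		}

		var toSet auth.Creds
		if err = json.Unmarshal(credsJSON, &toSet); err != nil {
			// The raw body is deliberately kept out of the error: it is expected
			// to carry credentials, which must not be echoed into error responses
			// or logs.
			return server_http.ResponseRESTError(http.StatusBadRequest, errors.CommonError(common.WrongJSONKey, common.Map{"error": errors.Wrap(err, "can't unmarshal body")}), req)
		}
		if toSet == nil {
			// A JSON `null` body unmarshals without error but leaves the map nil;
			// the assignment below would then panic.
			toSet = auth.Creds{}
		}

		// The server-observed peer address overwrites any client-supplied value
		// under this key.
		// NOTE(review): req.RemoteAddr has the form "IP:port" and is the proxy's
		// address when the service sits behind a reverse proxy; confirm that the
		// consumers of auth.CredsIP expect this.
		toSet[auth.CredsIP] = req.RemoteAddr

		// NOTE(review): identity is forwarded without a nil check and every other
		// key of the request body is passed through as received; confirm that
		// authOp.SetCreds authorizes the caller and restricts which creds may be
		// set this way.
		creds, err := authOp.SetCreds(auth.Actor{Identity: identity}, toSet)
		if err != nil {
			return server_http.ResponseRESTError(0, err, req)
		}

		return server_http.ResponseRESTOk(http.StatusOK, creds, req)
	},
}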