Passport/pkg/internal/grpc/auth.go

package grpc

import (
	"context"
	"git.solsynth.dev/hydrogen/passport/pkg/internal/models"

	"git.solsynth.dev/hydrogen/dealer/pkg/proto"
	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
	jsoniter "github.com/json-iterator/go"
)

func (v *Server) Authenticate(_ context.Context, in *proto.AuthRequest) (*proto.AuthReply, error) {
	ctx, perms, atk, rtk, err := services.Authenticate(in.GetAccessToken(), in.GetRefreshToken(), 0)
	if err != nil {
		return &proto.AuthReply{
			IsValid: false,
		}, nil
	} else {
		user := ctx.Account
		rawPerms, _ := jsoniter.Marshal(perms)

		userinfo := &proto.UserInfo{
			Id:          uint64(user.ID),
			Name:        user.Name,
			Nick:        user.Nick,
			Email:       user.GetPrimaryEmail().Content,
			Description: &user.Description,
		}

		if user.Avatar != nil {
			userinfo.Avatar = *user.GetAvatar()
		}
		if user.Banner != nil {
			userinfo.Banner = *user.GetBanner()
		}

		return &proto.AuthReply{
			IsValid: true,
			Info: &proto.AuthInfo{
				NewAccessToken:  &atk,
				NewRefreshToken: &rtk,
				Permissions:     rawPerms,
				TicketId:        uint64(ctx.Ticket.ID),
				Info:            userinfo,
			},
		}, nil
	}
}

func (v *Server) EnsurePermGranted(_ context.Context, in *proto.CheckPermRequest) (*proto.CheckPermResponse, error) {
	claims, err := services.DecodeJwt(in.GetToken())
	if err != nil {
		return nil, err
	}
	ctx, err := services.GetAuthContext(claims.ID)
	if err != nil {
		return nil, err
	}

	var heldPerms map[string]any
	rawHeldPerms, _ := jsoniter.Marshal(ctx.Account.PermNodes)
	_ = jsoniter.Unmarshal(rawHeldPerms, &heldPerms)

	var value any
	_ = jsoniter.Unmarshal(in.GetValue(), &value)
	perms := services.FilterPermNodes(heldPerms, ctx.Ticket.Claims)
	valid := services.HasPermNode(perms, in.GetKey(), value)

	return &proto.CheckPermResponse{
		IsValid: valid,
	}, nil
}

func (v *Server) EnsureUserPermGranted(_ context.Context, in *proto.CheckUserPermRequest) (*proto.CheckUserPermResponse, error) {
	relation, err := services.GetRelationWithTwoNode(uint(in.GetUserId()), uint(in.GetOtherId()))
	if err != nil {
		return &proto.CheckUserPermResponse{
			IsValid: false,
		}, nil
	}

	defaultPerm := relation.Status == models.RelationshipFriend

	var value any
	_ = jsoniter.Unmarshal(in.GetValue(), &value)
	valid := services.HasPermNodeWithDefault(relation.PermNodes, in.GetKey(), value, defaultPerm)

	return &proto.CheckUserPermResponse{
		IsValid: valid,
	}, nil
}
:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`package grpc`

			`import (`
			`"context"`
:recycle: Refactored relation system :arrow_up: Support new realm & relation api 2024-07-15 16:02:28 +00:00			`"git.solsynth.dev/hydrogen/passport/pkg/internal/models"`
:bug: Bug fixes in grpc unable to get avatar and banner url 2024-05-22 15:21:31 +00:00
:recycle: Refactored relation system :arrow_up: Support new realm & relation api 2024-07-15 16:02:28 +00:00			`"git.solsynth.dev/hydrogen/dealer/pkg/proto"`
:bug: Bug fixes on connection and package naming 2024-06-17 14:21:34 +00:00			`"git.solsynth.dev/hydrogen/passport/pkg/internal/services"`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`jsoniter "github.com/json-iterator/go"`
:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`)`

:recycle: Refactored relation system :arrow_up: Support new realm & relation api 2024-07-15 16:02:28 +00:00			`func (v Server) Authenticate(_ context.Context, in proto.AuthRequest) (*proto.AuthReply, error) {`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`ctx, perms, atk, rtk, err := services.Authenticate(in.GetAccessToken(), in.GetRefreshToken(), 0)`
:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`if err != nil {`
:recycle: Refactored relation system :arrow_up: Support new realm & relation api 2024-07-15 16:02:28 +00:00			`return &proto.AuthReply{`
:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`IsValid: false,`
			`}, nil`
			`} else {`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`user := ctx.Account`
:sparkles: Basis perm nodes feature 2024-05-17 09:13:11 +00:00			`rawPerms, _ := jsoniter.Marshal(perms)`
:bug: Bug fixes in grpc unable to get avatar and banner url 2024-05-22 15:21:31 +00:00
:recycle: Refactored relation system :arrow_up: Support new realm & relation api 2024-07-15 16:02:28 +00:00			`userinfo := &proto.UserInfo{`
:bug: Bug fixes in grpc unable to get avatar and banner url 2024-05-22 15:21:31 +00:00			`Id: uint64(user.ID),`
			`Name: user.Name,`
			`Nick: user.Nick,`
			`Email: user.GetPrimaryEmail().Content,`
			`Description: &user.Description,`
			`}`

			`if user.Avatar != nil {`
:bug: Bug fixes in unable get accurate avatar & banner url 2024-05-22 15:45:43 +00:00			`userinfo.Avatar = *user.GetAvatar()`
:bug: Bug fixes in grpc unable to get avatar and banner url 2024-05-22 15:21:31 +00:00			`}`
			`if user.Banner != nil {`
:bug: Bug fixes in unable get accurate avatar & banner url 2024-05-22 15:45:43 +00:00			`userinfo.Banner = *user.GetBanner()`
:bug: Bug fixes in grpc unable to get avatar and banner url 2024-05-22 15:21:31 +00:00			`}`

:recycle: Refactored relation system :arrow_up: Support new realm & relation api 2024-07-15 16:02:28 +00:00			`return &proto.AuthReply{`
:recycle: Basiclly moved to Dealer from Consul 2024-07-14 16:01:17 +00:00			`IsValid: true,`
:recycle: Refactored relation system :arrow_up: Support new realm & relation api 2024-07-15 16:02:28 +00:00			`Info: &proto.AuthInfo{`
:recycle: Basiclly moved to Dealer from Consul 2024-07-14 16:01:17 +00:00			`NewAccessToken: &atk,`
			`NewRefreshToken: &rtk,`
			`Permissions: rawPerms,`
			`TicketId: uint64(ctx.Ticket.ID),`
			`Info: userinfo,`
			`},`
:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`}, nil`
			`}`
			`}`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00
:recycle: Refactored relation system :arrow_up: Support new realm & relation api 2024-07-15 16:02:28 +00:00			`func (v Server) EnsurePermGranted(_ context.Context, in proto.CheckPermRequest) (*proto.CheckPermResponse, error) {`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`claims, err := services.DecodeJwt(in.GetToken())`
			`if err != nil {`
			`return nil, err`
			`}`
			`ctx, err := services.GetAuthContext(claims.ID)`
			`if err != nil {`
			`return nil, err`
			`}`

:bug: Fix decoding permission nodes from db 2024-05-17 12:34:34 +00:00			`var heldPerms map[string]any`
			`rawHeldPerms, _ := jsoniter.Marshal(ctx.Account.PermNodes)`
			`_ = jsoniter.Unmarshal(rawHeldPerms, &heldPerms)`

:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`var value any`
			`_ = jsoniter.Unmarshal(in.GetValue(), &value)`
:bug: Fix decoding permission nodes from db 2024-05-17 12:34:34 +00:00			`perms := services.FilterPermNodes(heldPerms, ctx.Ticket.Claims)`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`valid := services.HasPermNode(perms, in.GetKey(), value)`

:recycle: Refactored relation system :arrow_up: Support new realm & relation api 2024-07-15 16:02:28 +00:00			`return &proto.CheckPermResponse{`
			`IsValid: valid,`
			`}, nil`
			`}`

			`func (v Server) EnsureUserPermGranted(_ context.Context, in proto.CheckUserPermRequest) (*proto.CheckUserPermResponse, error) {`
			`relation, err := services.GetRelationWithTwoNode(uint(in.GetUserId()), uint(in.GetOtherId()))`
			`if err != nil {`
			`return &proto.CheckUserPermResponse{`
			`IsValid: false,`
			`}, nil`
			`}`

			`defaultPerm := relation.Status == models.RelationshipFriend`

			`var value any`
			`_ = jsoniter.Unmarshal(in.GetValue(), &value)`
			`valid := services.HasPermNodeWithDefault(relation.PermNodes, in.GetKey(), value, defaultPerm)`

			`return &proto.CheckUserPermResponse{`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`IsValid: valid,`
			`}, nil`
			`}`