Passport/pkg/services/auth.go

39 lines
1.2 KiB
Go
Raw Normal View History

2024-02-20 13:46:15 +00:00
package services
import (
"fmt"
2024-03-20 12:56:43 +00:00
"git.solsynth.dev/hydrogen/identity/pkg/models"
"git.solsynth.dev/hydrogen/identity/pkg/security"
2024-02-20 13:46:15 +00:00
"github.com/gofiber/fiber/v2"
)
func Authenticate(access, refresh string, depth int) (models.Account, string, string, error) {
var user models.Account
claims, err := security.DecodeJwt(access)
if err != nil {
if len(refresh) > 0 && depth < 1 {
// Auto refresh and retry
access, refresh, err := security.RefreshToken(refresh)
if err == nil {
return Authenticate(access, refresh, depth+1)
}
}
return user, access, refresh, fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("invalid auth key: %v", err))
}
session, err := LookupSessionWithToken(claims.ID)
if err != nil {
return user, access, refresh, fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("invalid auth session: %v", err))
} else if err := session.IsAvailable(); err != nil {
return user, access, refresh, fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("unavailable auth session: %v", err))
}
user, err = GetAccount(session.AccountID)
if err != nil {
return user, access, refresh, fiber.NewError(fiber.StatusUnauthorized, fmt.Sprintf("invalid account: %v", err))
}
return user, access, refresh, nil
}