Passport/pkg/internal/services/auth.go

110 lines
2.9 KiB
Go
Raw Normal View History

2024-02-20 13:46:15 +00:00
package services
import (
2024-09-22 05:13:05 +00:00
"context"
2024-02-20 13:46:15 +00:00
"fmt"
"git.solsynth.dev/hypernet/passport/pkg/authkit/models"
"git.solsynth.dev/hypernet/passport/pkg/internal/database"
"time"
2024-03-20 12:56:43 +00:00
2024-09-22 05:13:05 +00:00
"github.com/eko/gocache/lib/v4/cache"
"github.com/eko/gocache/lib/v4/marshaler"
"github.com/eko/gocache/lib/v4/store"
jsoniter "github.com/json-iterator/go"
localCache "git.solsynth.dev/hypernet/passport/pkg/internal/cache"
2024-02-20 13:46:15 +00:00
"github.com/gofiber/fiber/v2"
"github.com/rs/zerolog/log"
2024-02-20 13:46:15 +00:00
)
func Authenticate(sessionId uint) (ctx models.AuthTicket, perms map[string]any, err error) {
if ctx, err = GetAuthContext(sessionId); err == nil {
var heldPerms map[string]any
rawHeldPerms, _ := jsoniter.Marshal(ctx.Account.PermNodes)
_ = jsoniter.Unmarshal(rawHeldPerms, &heldPerms)
perms = FilterPermNodes(heldPerms, ctx.Claims)
return
}
err = fiber.NewError(fiber.StatusUnauthorized, err.Error())
return
}
func GetAuthContextCacheKey(sessionId uint) string {
return fmt.Sprintf("auth-context#%d", sessionId)
2024-09-22 05:13:05 +00:00
}
func GetAuthContext(sessionId uint) (models.AuthTicket, error) {
var err error
var ctx models.AuthTicket
2024-09-22 05:13:05 +00:00
cacheManager := cache.New[any](localCache.S)
marshal := marshaler.New(cacheManager)
contx := context.Background()
if val, err := marshal.Get(contx, GetAuthContextCacheKey(sessionId), new(models.AuthTicket)); err == nil {
ctx = *val.(*models.AuthTicket)
2024-05-17 11:37:58 +00:00
} else {
ctx, err = CacheAuthContext(sessionId)
log.Debug().Uint("session", sessionId).Msg("Created a new auth context cache")
}
return ctx, err
}
func CacheAuthContext(sessionId uint) (models.AuthTicket, error) {
// Query data from primary database
var ticket models.AuthTicket
if err := database.C.
Where("id = ?", sessionId).
Preload("Account").
First(&ticket).Error; err != nil {
return ticket, fmt.Errorf("invalid auth ticket: %v", err)
2024-04-21 04:20:06 +00:00
} else if err := ticket.IsAvailable(); err != nil {
return ticket, fmt.Errorf("unavailable auth ticket: %v", err)
2024-02-20 13:46:15 +00:00
}
2024-04-21 04:20:06 +00:00
user, err := GetAccount(ticket.AccountID)
2024-02-20 13:46:15 +00:00
if err != nil {
return ticket, fmt.Errorf("invalid account: %v", err)
}
2024-07-24 09:23:44 +00:00
groups, err := GetUserAccountGroup(user)
if err != nil {
return ticket, fmt.Errorf("unable to get account groups: %v", err)
2024-07-24 09:23:44 +00:00
}
for _, group := range groups {
for k, v := range group.PermNodes {
if _, ok := user.PermNodes[k]; !ok {
user.PermNodes[k] = v
}
}
}
// Put the data into the cache
2024-09-22 05:13:05 +00:00
cacheManager := cache.New[any](localCache.S)
marshal := marshaler.New(cacheManager)
ctx := context.Background()
_ = marshal.Set(
2024-09-22 05:13:05 +00:00
ctx,
GetAuthContextCacheKey(sessionId),
ticket,
2024-09-22 05:13:05 +00:00
store.WithExpiration(3*time.Minute),
store.WithTags([]string{"auth-context", fmt.Sprintf("user#%d", user.ID)}),
)
return ticket, nil
2024-05-17 11:37:58 +00:00
}
2024-05-17 11:37:58 +00:00
func InvalidAuthCacheWithUser(userId uint) {
2024-09-22 05:13:05 +00:00
cacheManager := cache.New[any](localCache.S)
ctx := context.Background()
2024-09-22 05:13:05 +00:00
cacheManager.Invalidate(
ctx,
2024-09-22 05:13:05 +00:00
store.WithInvalidateTags([]string{"auth-context", fmt.Sprintf("user#%d", userId)}),
)
2024-02-20 13:46:15 +00:00
}