✨ Auth impl

pkg/server/auth.go

@@ -0,0 +1,32 @@
+package server
+
+import (
+	"code.smartsheep.studio/hydrogen/bus/pkg/kit/adaptor"
+	"code.smartsheep.studio/hydrogen/bus/pkg/kit/publisher"
+	"code.smartsheep.studio/hydrogen/bus/pkg/wire"
+	"code.smartsheep.studio/hydrogen/passport/pkg/security"
+	"code.smartsheep.studio/hydrogen/passport/pkg/services"
+)
+
+func doAuth(c *publisher.RequestCtx) error {
+	token := adaptor.ParseAnyToStruct[string](c.Parameters)
+
+	claims, err := security.DecodeJwt(token)
+	if err != nil {
+		return c.SendError(wire.Unauthorized, err)
+	}
+
+	session, err := services.LookupSessionWithToken(claims.ID)
+	if err != nil {
+		return c.SendError(wire.Unauthorized, err)
+	} else if err := session.IsAvailable(); err != nil {
+		return c.SendError(wire.Unauthorized, err)
+	}
+
+	user, err := services.GetAccount(session.AccountID)
+	if err != nil {
+		return c.SendError(wire.Unauthorized, err)
+	}
+
+	return c.SendResponse(user.Permissions.Data())
+}

pkg/server/index.go

@@ -42,4 +42,25 @@ var Commands = map[string]publisher.CommandManifest{
 		Requirements: wire.CommandRequirements{},
 		Handle:       refreshToken,
 	},
+	"passport.auth": {
+		Name:         "Auth with access token.",
+		Description:  "Auth gateway request with access token.",
+		Requirements: wire.CommandRequirements{},
+		Providers: []wire.CommandProvider{
+			{
+				ID:             "passport.auth",
+				Implementation: "gateway.auth",
+				Weight:         1000,
+			},
+		},
+		Handle: doAuth,
+	},
+	"passport.test": {
+		Name:         "Test secured resource.",
+		Description:  "Test secured resource connectivity.",
+		Requirements: wire.CommandRequirements{Authorized: true},
+		Handle: func(c *publisher.RequestCtx) error {
+			return c.SendResponse("You got me!")
+		},
+	},
 }