♻️ Improve code structure and much easier to read

🐛 Fix auth middleware
2024-06-22 13:04:21 +08:00
parent c37a55b88b
commit 7007cda8f2
34 changed files with 451 additions and 337 deletions
--- a/pkg/internal/server/ui/accounts.go
+++ b/pkg/internal/server/ui/accounts.go
@@ -2,6 +2,7 @@ package ui

 import (
 	"fmt"
+	"git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts"
 	"html/template"
 	"time"

@@ -15,7 +16,10 @@ import (
 )

 func selfUserinfoPage(c *fiber.Ctx) error {
-	user := c.Locals("principal").(models.Account)
+	if err := exts.EnsureAuthenticated(c); err != nil {
+		return DoAuthRedirect(c)
+	}
+	user := c.Locals("user").(models.Account)

 	var data models.Account
 	if err := database.C.
--- a/pkg/internal/server/ui/index.go
+++ b/pkg/internal/server/ui/index.go
@@ -3,28 +3,15 @@ package ui
 import (
 	"fmt"

-	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
-	"git.solsynth.dev/hydrogen/passport/pkg/internal/utils"
 	"github.com/gofiber/fiber/v2"
 )

-func MapUserInterface(A *fiber.App, authFunc utils.AuthFunc) {
-	authCheckWare := func(c *fiber.Ctx) error {
-		var token string
-		if cookie := c.Cookies(services.CookieAccessKey); len(cookie) > 0 {
-			token = cookie
-		}
-
-		c.Locals("token", token)
-
-		if err := authFunc(c); err != nil {
-			uri := c.Request().URI().FullURI()
-			return c.Redirect(fmt.Sprintf("/sign-in?redirect_uri=%s", string(uri)))
-		} else {
-			return c.Next()
-		}
-	}
+func DoAuthRedirect(c *fiber.Ctx) error {
+	uri := c.Request().URI().FullURI()
+	return c.Redirect(fmt.Sprintf("/sign-in?redirect_uri=%s", string(uri)))
+}

+func MapUserInterface(A *fiber.App) {
 	pages := A.Group("/").Name("Pages")

 	pages.Get("/", func(c *fiber.Ctx) error {
@@ -35,13 +22,13 @@ func MapUserInterface(A *fiber.App, authFunc utils.AuthFunc) {
 	pages.Get("/sign-in", signinPage)
 	pages.Get("/mfa", mfaRequestPage)
 	pages.Get("/mfa/apply", mfaApplyPage)
-	pages.Get("/authorize", authCheckWare, authorizePage)
+	pages.Get("/authorize", authorizePage)

 	pages.Post("/sign-up", signupAction)
 	pages.Post("/sign-in", signinAction)
 	pages.Post("/mfa", mfaRequestAction)
 	pages.Post("/mfa/apply", mfaApplyAction)
-	pages.Post("/authorize", authCheckWare, authorizeAction)
+	pages.Post("/authorize", authorizeAction)

-	pages.Get("/users/me", authCheckWare, selfUserinfoPage)
+	pages.Get("/users/me", selfUserinfoPage)
 }
--- a/pkg/internal/server/ui/mfa.go
+++ b/pkg/internal/server/ui/mfa.go
@@ -3,8 +3,8 @@ package ui
 import (
 	"fmt"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
+	"git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
-	"git.solsynth.dev/hydrogen/passport/pkg/internal/utils"
 	"github.com/gofiber/fiber/v2"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/samber/lo"
@@ -68,7 +68,7 @@ func mfaRequestAction(c *fiber.Ctx) error {
 	}

 	redirectBackUri := "/sign-in"
-	err := utils.BindAndValidate(c, &data)
+	err := exts.BindAndValidate(c, &data)

 	if data.TicketID > 0 {
 		redirectBackUri = fmt.Sprintf("/mfa?ticket=%d", data.TicketID)
@@ -95,7 +95,7 @@ func mfaRequestAction(c *fiber.Ctx) error {
 	}

 	return flash.WithData(c, fiber.Map{
-		"redirect_uri": utils.GetRedirectUri(c),
+		"redirect_uri": exts.GetRedirectUri(c),
 	}).Redirect(fmt.Sprintf("/mfa/apply?ticket=%d&factor=%d", data.TicketID, factor.ID))
 }

@@ -145,7 +145,7 @@ func mfaApplyAction(c *fiber.Ctx) error {
 	}

 	redirectBackUri := "/sign-in"
-	err := utils.BindAndValidate(c, &data)
+	err := exts.BindAndValidate(c, &data)

 	if data.TicketID > 0 {
 		redirectBackUri = fmt.Sprintf("/mfa/apply?ticket=%d&factor=%d", data.TicketID, data.FactorID)
@@ -187,8 +187,8 @@ func mfaApplyAction(c *fiber.Ctx) error {
 			"message": fmt.Sprintf("failed to exchange token: %v", err.Error()),
 		}).Redirect("/sign-in")
 	} else {
-		services.SetJwtCookieSet(c, access, refresh)
+		exts.SetAuthCookies(c, access, refresh)
 	}

-	return c.Redirect(lo.FromPtr(utils.GetRedirectUri(c, "/users/me")))
+	return c.Redirect(lo.FromPtr(exts.GetRedirectUri(c, "/users/me")))
 }
--- a/pkg/internal/server/ui/oauth.go
+++ b/pkg/internal/server/ui/oauth.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
+	"git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
 	"github.com/gofiber/fiber/v2"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
@@ -16,7 +17,11 @@ import (

 func authorizePage(c *fiber.Ctx) error {
 	localizer := c.Locals("localizer").(*i18n.Localizer)
-	user := c.Locals("principal").(models.Account)
+
+	if err := exts.EnsureAuthenticated(c); err != nil {
+		return DoAuthRedirect(c)
+	}
+	user := c.Locals("user").(models.Account)

 	id := c.Query("client_id")
 	redirect := c.Query("redirect_uri")
@@ -81,12 +86,19 @@ func authorizePage(c *fiber.Ctx) error {
 }

 func authorizeAction(c *fiber.Ctx) error {
-	user := c.Locals("principal").(models.Account)
+	if err := exts.EnsureAuthenticated(c); err != nil {
+		return err
+	}
+	user := c.Locals("user").(models.Account)
 	id := c.Query("client_id")
 	response := c.Query("response_type")
 	redirect := c.Query("redirect_uri")
 	scope := c.Query("scope")

+	if err := exts.EnsureAuthenticated(c); err != nil {
+		return DoAuthRedirect(c)
+	}
+
 	redirectBackUri := "/authorize?" + string(c.Request().URI().QueryString())

 	if len(scope) <= 0 {
--- a/pkg/internal/server/ui/signin.go
+++ b/pkg/internal/server/ui/signin.go
@@ -2,8 +2,8 @@ package ui

 import (
 	"fmt"
+	"git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
-	"git.solsynth.dev/hydrogen/passport/pkg/internal/utils"
 	"github.com/gofiber/fiber/v2"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/samber/lo"
@@ -47,7 +47,7 @@ func signinAction(c *fiber.Ctx) error {
 		Password string `form:"password" validate:"required"`
 	}

-	if err := utils.BindAndValidate(c, &data); err != nil {
+	if err := exts.BindAndValidate(c, &data); err != nil {
 		return flash.WithInfo(c, fiber.Map{
 			"message": err.Error(),
 		}).Redirect("/sign-in")
@@ -76,7 +76,7 @@ func signinAction(c *fiber.Ctx) error {

 	if ticket.IsAvailable() != nil {
 		return flash.WithData(c, fiber.Map{
-			"redirect_uri": utils.GetRedirectUri(c),
+			"redirect_uri": exts.GetRedirectUri(c),
 		}).Redirect(fmt.Sprintf("/mfa?ticket=%d", ticket.ID))
 	}

@@ -86,8 +86,8 @@ func signinAction(c *fiber.Ctx) error {
 			"message": fmt.Sprintf("failed to exchange token: %v", err.Error()),
 		}).Redirect("/sign-in")
 	} else {
-		services.SetJwtCookieSet(c, access, refresh)
+		exts.SetAuthCookies(c, access, refresh)
 	}

-	return c.Redirect(lo.FromPtr(utils.GetRedirectUri(c, "/users/me")))
+	return c.Redirect(lo.FromPtr(exts.GetRedirectUri(c, "/users/me")))
 }
--- a/pkg/internal/server/ui/signup.go
+++ b/pkg/internal/server/ui/signup.go
@@ -4,8 +4,8 @@ import (
 	"fmt"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
+	"git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
-	"git.solsynth.dev/hydrogen/passport/pkg/internal/utils"
 	"github.com/gofiber/fiber/v2"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/samber/lo"
@@ -52,7 +52,7 @@ func signupAction(c *fiber.Ctx) error {
 		MagicToken string `form:"magic_token"`
 	}

-	if err := utils.BindAndValidate(c, &data); err != nil {
+	if err := exts.BindAndValidate(c, &data); err != nil {
 		return flash.WithInfo(c, fiber.Map{
 			"message": err.Error(),
 		}).Redirect("/sign-up")
@@ -82,6 +82,6 @@ func signupAction(c *fiber.Ctx) error {
 	} else {
 		return flash.WithInfo(c, fiber.Map{
 			"message": "account has been created. now you can sign in!",
-		}).Redirect(lo.FromPtr(utils.GetRedirectUri(c, "/sign-in")))
+		}).Redirect(lo.FromPtr(exts.GetRedirectUri(c, "/sign-in")))
 	}
 }