From e6f6389eb0f91683c799bdd27407b0079b49d899 Mon Sep 17 00:00:00 2001 From: LittleSheep Date: Thu, 31 Oct 2024 00:23:53 +0800 Subject: [PATCH] :twisted_rightwards_arrows: Merge rolled back changes --- .idea/workspace.xml | 125 +++++++-------------- go.mod | 2 +- go.sum | 2 + pkg/internal/gap/server.go | 2 +- pkg/internal/http/admin/permissions_api.go | 2 +- pkg/internal/http/api/accounts_api.go | 5 +- pkg/internal/http/api/avatar_api.go | 2 +- pkg/internal/http/api/bots_api.go | 2 +- pkg/internal/http/api/notifications_api.go | 2 +- pkg/internal/http/api/notify_api.go | 2 +- pkg/internal/http/api/oauth_api.go | 2 +- pkg/internal/http/api/relationships_api.go | 2 +- pkg/internal/http/api/reports_api.go | 2 +- pkg/internal/http/api/security_api.go | 2 +- pkg/internal/http/api/statuses_api.go | 2 +- pkg/internal/http/exts/auth.go | 6 +- pkg/internal/http/server.go | 2 + pkg/internal/services/reports.go | 1 + pkg/main.go | 12 ++ settings.toml | 7 +- 20 files changed, 78 insertions(+), 106 deletions(-) diff --git a/.idea/workspace.xml b/.idea/workspace.xml index 29e883c..0a6e27f 100644 --- a/.idea/workspace.xml +++ b/.idea/workspace.xml @@ -4,74 +4,27 @@ - - - + true diff --git a/go.mod b/go.mod index a2e4e82..2495b26 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module git.solsynth.dev/hydrogen/passport go 1.23.2 require ( - git.solsynth.dev/hypernet/nexus v0.0.0-20241030154425-f9b6cd2e2027 + git.solsynth.dev/hypernet/nexus v0.0.0-20241030155904-3f6ea11d2297 git.solsynth.dev/hypernet/pusher v0.0.0-20241026153052-cd2c326efa4e github.com/dgraph-io/ristretto v0.1.1 github.com/eko/gocache/lib/v4 v4.1.6 diff --git a/go.sum b/go.sum index 2424d37..2a83da0 100644 --- a/go.sum +++ b/go.sum @@ -43,6 +43,8 @@ git.solsynth.dev/hypernet/nexus v0.0.0-20241030153909-06c5fadb42c7 h1:fftdwNCLtr git.solsynth.dev/hypernet/nexus v0.0.0-20241030153909-06c5fadb42c7/go.mod h1:fXQsHXGio+7/0U95IitKF07wS4yTdCMp5ms8wpFBwVI= git.solsynth.dev/hypernet/nexus v0.0.0-20241030154425-f9b6cd2e2027 h1:F0mKuUpoRm+Nj0M4xNa2CkrXSmeONpIHwrvzwSKeux4= git.solsynth.dev/hypernet/nexus v0.0.0-20241030154425-f9b6cd2e2027/go.mod h1:fXQsHXGio+7/0U95IitKF07wS4yTdCMp5ms8wpFBwVI= +git.solsynth.dev/hypernet/nexus v0.0.0-20241030155904-3f6ea11d2297 h1:g9huTJFUKPESCKWkcGpVm2RRInGkcwkbL8yR8SBjTFo= +git.solsynth.dev/hypernet/nexus v0.0.0-20241030155904-3f6ea11d2297/go.mod h1:fXQsHXGio+7/0U95IitKF07wS4yTdCMp5ms8wpFBwVI= git.solsynth.dev/hypernet/pusher v0.0.0-20241026153052-cd2c326efa4e h1:DtHhMjgxS/spUt/KEdbRFtaVnepI6Vx8pbHdJaNH1hs= git.solsynth.dev/hypernet/pusher v0.0.0-20241026153052-cd2c326efa4e/go.mod h1:XHTqFU/vBe4JiuAjl87GUcL8+w/IizSNoqH6n3WkQFc= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= diff --git a/pkg/internal/gap/server.go b/pkg/internal/gap/server.go index ce830f2..91843e4 100644 --- a/pkg/internal/gap/server.go +++ b/pkg/internal/gap/server.go @@ -30,7 +30,7 @@ func InitializeToNexus() error { Type: nex.ServiceTypeAuth, Label: "Passport", GrpcAddr: grpcOutbound, - HttpAddr: lo.ToPtr("http://" + httpOutbound), + HttpAddr: lo.ToPtr("http://" + httpOutbound + "/api"), }) if err == nil { go func() { diff --git a/pkg/internal/http/admin/permissions_api.go b/pkg/internal/http/admin/permissions_api.go index 927edb4..743d97b 100644 --- a/pkg/internal/http/admin/permissions_api.go +++ b/pkg/internal/http/admin/permissions_api.go @@ -3,9 +3,9 @@ package admin import ( "fmt" + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/database" "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" "github.com/gofiber/fiber/v2" ) diff --git a/pkg/internal/http/api/accounts_api.go b/pkg/internal/http/api/accounts_api.go index fcae350..017ae36 100644 --- a/pkg/internal/http/api/accounts_api.go +++ b/pkg/internal/http/api/accounts_api.go @@ -2,14 +2,15 @@ package api import ( "fmt" + "git.solsynth.dev/hypernet/nexus/pkg/nex/sec" "strconv" "strings" "time" "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/database" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" "github.com/gofiber/fiber/v2" jsoniter "github.com/json-iterator/go" @@ -59,7 +60,7 @@ func getUserinfo(c *fiber.Ctx) error { First(&data).Error; err != nil { return fiber.NewError(fiber.StatusInternalServerError, err.Error()) } else { - data.PermNodes = c.Locals("permissions").(map[string]any) + data.PermNodes = c.Locals("nex_user").(*sec.UserInfo).PermNodes } var resp fiber.Map diff --git a/pkg/internal/http/api/avatar_api.go b/pkg/internal/http/api/avatar_api.go index 7be6833..94e3971 100644 --- a/pkg/internal/http/api/avatar_api.go +++ b/pkg/internal/http/api/avatar_api.go @@ -1,9 +1,9 @@ package api import ( + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/database" "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" "github.com/gofiber/fiber/v2" "strconv" diff --git a/pkg/internal/http/api/bots_api.go b/pkg/internal/http/api/bots_api.go index ea6be10..9bcb88f 100644 --- a/pkg/internal/http/api/bots_api.go +++ b/pkg/internal/http/api/bots_api.go @@ -1,9 +1,9 @@ package api import ( + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/database" "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" "github.com/gofiber/fiber/v2" "github.com/samber/lo" diff --git a/pkg/internal/http/api/notifications_api.go b/pkg/internal/http/api/notifications_api.go index b6ddb1c..cf674f8 100644 --- a/pkg/internal/http/api/notifications_api.go +++ b/pkg/internal/http/api/notifications_api.go @@ -1,9 +1,9 @@ package api import ( + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/database" "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" "github.com/gofiber/fiber/v2" "github.com/samber/lo" diff --git a/pkg/internal/http/api/notify_api.go b/pkg/internal/http/api/notify_api.go index 03b73c9..23d32a6 100644 --- a/pkg/internal/http/api/notify_api.go +++ b/pkg/internal/http/api/notify_api.go @@ -3,8 +3,8 @@ package api import ( "fmt" + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" "github.com/gofiber/fiber/v2" ) diff --git a/pkg/internal/http/api/oauth_api.go b/pkg/internal/http/api/oauth_api.go index 04cd938..6fafdd6 100755 --- a/pkg/internal/http/api/oauth_api.go +++ b/pkg/internal/http/api/oauth_api.go @@ -6,8 +6,8 @@ import ( "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/database" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" "github.com/gofiber/fiber/v2" "github.com/samber/lo" diff --git a/pkg/internal/http/api/relationships_api.go b/pkg/internal/http/api/relationships_api.go index bc5be5c..6eec600 100644 --- a/pkg/internal/http/api/relationships_api.go +++ b/pkg/internal/http/api/relationships_api.go @@ -1,8 +1,8 @@ package api import ( + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" "github.com/gofiber/fiber/v2" "strconv" diff --git a/pkg/internal/http/api/reports_api.go b/pkg/internal/http/api/reports_api.go index 1cae138..d6c4172 100644 --- a/pkg/internal/http/api/reports_api.go +++ b/pkg/internal/http/api/reports_api.go @@ -1,8 +1,8 @@ package api import ( + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" "github.com/gofiber/fiber/v2" ) diff --git a/pkg/internal/http/api/security_api.go b/pkg/internal/http/api/security_api.go index fdb624b..ad3d9de 100644 --- a/pkg/internal/http/api/security_api.go +++ b/pkg/internal/http/api/security_api.go @@ -1,9 +1,9 @@ package api import ( + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/database" "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "github.com/gofiber/fiber/v2" ) diff --git a/pkg/internal/http/api/statuses_api.go b/pkg/internal/http/api/statuses_api.go index 2002131..e13296d 100644 --- a/pkg/internal/http/api/statuses_api.go +++ b/pkg/internal/http/api/statuses_api.go @@ -5,9 +5,9 @@ import ( "strconv" "time" + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/database" "git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" "github.com/gofiber/fiber/v2" "github.com/samber/lo" diff --git a/pkg/internal/http/exts/auth.go b/pkg/internal/http/exts/auth.go index 26c6c41..81b2fc9 100644 --- a/pkg/internal/http/exts/auth.go +++ b/pkg/internal/http/exts/auth.go @@ -2,13 +2,13 @@ package exts import ( "fmt" - "git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/services" + "git.solsynth.dev/hypernet/nexus/pkg/nex/sec" "github.com/gofiber/fiber/v2" ) func EnsureAuthenticated(c *fiber.Ctx) error { - if _, ok := c.Locals("user").(models.Account); !ok { + if _, ok := c.Locals("nex_user").(*sec.UserInfo); !ok { return fiber.NewError(fiber.StatusUnauthorized) } @@ -19,7 +19,7 @@ func EnsureGrantedPerm(c *fiber.Ctx, key string, val any) error { if err := EnsureAuthenticated(c); err != nil { return err } - perms := c.Locals("user").(*sec.UserInfo).PermNodes + perms := c.Locals("nex_user").(*sec.UserInfo).PermNodes if !services.HasPermNode(perms, key, val) { return fiber.NewError(fiber.StatusForbidden, fmt.Sprintf("missing permission: %s", key)) } diff --git a/pkg/internal/http/server.go b/pkg/internal/http/server.go index ea53d08..37efba1 100644 --- a/pkg/internal/http/server.go +++ b/pkg/internal/http/server.go @@ -1,6 +1,7 @@ package http import ( + "git.solsynth.dev/hydrogen/passport/pkg/authkit" "git.solsynth.dev/hypernet/nexus/pkg/nex/sec" "strings" @@ -56,6 +57,7 @@ func NewServer() *App { })) app.Use(sec.ContextMiddleware(IReader)) + app.Use(authkit.ParseAccountMiddleware) admin.MapAdminAPIs(app, "/api/admin") api.MapAPIs(app, "/api") diff --git a/pkg/internal/services/reports.go b/pkg/internal/services/reports.go index e1de7d6..4043e7b 100644 --- a/pkg/internal/services/reports.go +++ b/pkg/internal/services/reports.go @@ -2,6 +2,7 @@ package services import ( "fmt" + "git.solsynth.dev/hydrogen/passport/pkg/authkit/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/database" ) diff --git a/pkg/main.go b/pkg/main.go index c246613..7534429 100644 --- a/pkg/main.go +++ b/pkg/main.go @@ -58,6 +58,18 @@ func main() { http.IReader = reader log.Info().Msg("Internal jwt public key loaded.") } + if reader, err := sec.NewJwtReader(viper.GetString("security.public_key")); err != nil { + log.Error().Err(err).Msg("An error occurred when reading public key for jwt. Signing token may not work.") + } else { + services.EReader = reader + log.Info().Msg("Jwt public key loaded.") + } + if writer, err := sec.NewJwtWriter(viper.GetString("security.private_key")); err != nil { + log.Error().Err(err).Msg("An error occurred when reading private key for jwt. Signing token may not work.") + } else { + services.EWriter = writer + log.Info().Msg("Jwt private key loaded.") + } // Connect to database if err := database.NewGorm(); err != nil { diff --git a/settings.toml b/settings.toml index b561e64..5dae74c 100644 --- a/settings.toml +++ b/settings.toml @@ -20,9 +20,8 @@ database = false print_routes = false [security] -issuer = "https://solsynth.dev" -cookie_domain = "localhost" -cookie_samesite = "Lax" -access_token_duration = 300 +access_token_duration = 3000 refresh_token_duration = 2592000 +public_key = "keys/public_key.pem" +private_key = "keys/private_key.pem" internal_public_key = "keys/internal_public_key.pem"