Passport/pkg/grpc/auth.go

package grpc

import (
	"context"
	"fmt"

	"git.solsynth.dev/hydrogen/passport/pkg/grpc/proto"
	"git.solsynth.dev/hydrogen/passport/pkg/services"
	jsoniter "github.com/json-iterator/go"
	"github.com/samber/lo"
	"github.com/spf13/viper"
)

func (v *Server) Authenticate(_ context.Context, in *proto.AuthRequest) (*proto.AuthReply, error) {
	ctx, perms, atk, rtk, err := services.Authenticate(in.GetAccessToken(), in.GetRefreshToken(), 0)
	if err != nil {
		return &proto.AuthReply{
			IsValid: false,
		}, nil
	} else {
		user := ctx.Account
		rawPerms, _ := jsoniter.Marshal(perms)

		userinfo := &proto.Userinfo{
			Id:          uint64(user.ID),
			Name:        user.Name,
			Nick:        user.Nick,
			Email:       user.GetPrimaryEmail().Content,
			Description: &user.Description,
		}

		if user.Avatar != nil {
			userinfo.Avatar = fmt.Sprintf("%s/api/attachments/%d", viper.GetString("paperclip.endpoint"), *user.Avatar)
		}
		if user.Banner != nil {
			userinfo.Banner = fmt.Sprintf("%s/api/attachments/%d", viper.GetString("paperclip.endpoint"), *user.Banner)
		}

		return &proto.AuthReply{
			IsValid:      true,
			AccessToken:  &atk,
			RefreshToken: &rtk,
			Permissions:  rawPerms,
			TicketId:     lo.ToPtr(uint64(ctx.Ticket.ID)),
			Userinfo:     userinfo,
		}, nil
	}
}

func (v *Server) CheckPerm(_ context.Context, in *proto.CheckPermRequest) (*proto.CheckPermReply, error) {
	claims, err := services.DecodeJwt(in.GetToken())
	if err != nil {
		return nil, err
	}
	ctx, err := services.GetAuthContext(claims.ID)
	if err != nil {
		return nil, err
	}

	var heldPerms map[string]any
	rawHeldPerms, _ := jsoniter.Marshal(ctx.Account.PermNodes)
	_ = jsoniter.Unmarshal(rawHeldPerms, &heldPerms)

	var value any
	_ = jsoniter.Unmarshal(in.GetValue(), &value)
	perms := services.FilterPermNodes(heldPerms, ctx.Ticket.Claims)
	valid := services.HasPermNode(perms, in.GetKey(), value)

	return &proto.CheckPermReply{
		IsValid: valid,
	}, nil
}
:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`package grpc`

			`import (`
			`"context"`
			`"fmt"`
:bug: Bug fixes in grpc unable to get avatar and banner url 2024-05-22 15:21:31 +00:00
:truck: Rename package 2024-04-13 05:48:19 +00:00			`"git.solsynth.dev/hydrogen/passport/pkg/grpc/proto"`
			`"git.solsynth.dev/hydrogen/passport/pkg/services"`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`jsoniter "github.com/json-iterator/go"`
			`"github.com/samber/lo"`
:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`"github.com/spf13/viper"`
			`)`

			`func (v Server) Authenticate(_ context.Context, in proto.AuthRequest) (*proto.AuthReply, error) {`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`ctx, perms, atk, rtk, err := services.Authenticate(in.GetAccessToken(), in.GetRefreshToken(), 0)`
:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`if err != nil {`
			`return &proto.AuthReply{`
			`IsValid: false,`
			`}, nil`
			`} else {`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`user := ctx.Account`
:sparkles: Basis perm nodes feature 2024-05-17 09:13:11 +00:00			`rawPerms, _ := jsoniter.Marshal(perms)`
:bug: Bug fixes in grpc unable to get avatar and banner url 2024-05-22 15:21:31 +00:00
			`userinfo := &proto.Userinfo{`
			`Id: uint64(user.ID),`
			`Name: user.Name,`
			`Nick: user.Nick,`
			`Email: user.GetPrimaryEmail().Content,`
			`Description: &user.Description,`
			`}`

			`if user.Avatar != nil {`
			`userinfo.Avatar = fmt.Sprintf("%s/api/attachments/%d", viper.GetString("paperclip.endpoint"), *user.Avatar)`
			`}`
			`if user.Banner != nil {`
			`userinfo.Banner = fmt.Sprintf("%s/api/attachments/%d", viper.GetString("paperclip.endpoint"), *user.Banner)`
			`}`

:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`return &proto.AuthReply{`
			`IsValid: true,`
			`AccessToken: &atk,`
			`RefreshToken: &rtk,`
:sparkles: Basis perm nodes feature 2024-05-17 09:13:11 +00:00			`Permissions: rawPerms,`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`TicketId: lo.ToPtr(uint64(ctx.Ticket.ID)),`
:bug: Bug fixes in grpc unable to get avatar and banner url 2024-05-22 15:21:31 +00:00			`Userinfo: userinfo,`
:zap: Add a cache layer in auth to speed up auth 2024-03-22 16:28:27 +00:00			`}, nil`
			`}`
			`}`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00
			`func (v Server) CheckPerm(_ context.Context, in proto.CheckPermRequest) (*proto.CheckPermReply, error) {`
			`claims, err := services.DecodeJwt(in.GetToken())`
			`if err != nil {`
			`return nil, err`
			`}`
			`ctx, err := services.GetAuthContext(claims.ID)`
			`if err != nil {`
			`return nil, err`
			`}`

:bug: Fix decoding permission nodes from db 2024-05-17 12:34:34 +00:00			`var heldPerms map[string]any`
			`rawHeldPerms, _ := jsoniter.Marshal(ctx.Account.PermNodes)`
			`_ = jsoniter.Unmarshal(rawHeldPerms, &heldPerms)`

:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`var value any`
			`_ = jsoniter.Unmarshal(in.GetValue(), &value)`
:bug: Fix decoding permission nodes from db 2024-05-17 12:34:34 +00:00			`perms := services.FilterPermNodes(heldPerms, ctx.Ticket.Claims)`
:sparkles: Check permissions GRPC method 2024-05-17 12:14:20 +00:00			`valid := services.HasPermNode(perms, in.GetKey(), value)`

			`return &proto.CheckPermReply{`
			`IsValid: valid,`
			`}, nil`
			`}`