2024-03-22 16:28:27 +00:00
|
|
|
package grpc
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"fmt"
|
2024-04-13 05:48:19 +00:00
|
|
|
"git.solsynth.dev/hydrogen/passport/pkg/grpc/proto"
|
|
|
|
"git.solsynth.dev/hydrogen/passport/pkg/services"
|
2024-05-17 12:14:20 +00:00
|
|
|
jsoniter "github.com/json-iterator/go"
|
|
|
|
"github.com/samber/lo"
|
2024-03-22 16:28:27 +00:00
|
|
|
"github.com/spf13/viper"
|
|
|
|
)
|
|
|
|
|
|
|
|
func (v *Server) Authenticate(_ context.Context, in *proto.AuthRequest) (*proto.AuthReply, error) {
|
2024-05-17 12:14:20 +00:00
|
|
|
ctx, perms, atk, rtk, err := services.Authenticate(in.GetAccessToken(), in.GetRefreshToken(), 0)
|
2024-03-22 16:28:27 +00:00
|
|
|
if err != nil {
|
|
|
|
return &proto.AuthReply{
|
|
|
|
IsValid: false,
|
|
|
|
}, nil
|
|
|
|
} else {
|
2024-05-17 12:14:20 +00:00
|
|
|
user := ctx.Account
|
2024-05-17 09:13:11 +00:00
|
|
|
rawPerms, _ := jsoniter.Marshal(perms)
|
2024-03-22 16:28:27 +00:00
|
|
|
return &proto.AuthReply{
|
|
|
|
IsValid: true,
|
|
|
|
AccessToken: &atk,
|
|
|
|
RefreshToken: &rtk,
|
2024-05-17 09:13:11 +00:00
|
|
|
Permissions: rawPerms,
|
2024-05-17 12:14:20 +00:00
|
|
|
TicketId: lo.ToPtr(uint64(ctx.Ticket.ID)),
|
2024-03-22 16:28:27 +00:00
|
|
|
Userinfo: &proto.Userinfo{
|
|
|
|
Id: uint64(user.ID),
|
|
|
|
Name: user.Name,
|
|
|
|
Nick: user.Nick,
|
|
|
|
Email: user.GetPrimaryEmail().Content,
|
2024-05-18 09:24:14 +00:00
|
|
|
Avatar: fmt.Sprintf("%s/api/attachments/%s", viper.GetString("paperclip.endpoint"), user.Avatar),
|
|
|
|
Banner: fmt.Sprintf("%s/api/attachments/%s", viper.GetString("paperclip.endpoint"), user.Banner),
|
2024-03-22 16:28:27 +00:00
|
|
|
Description: &user.Description,
|
|
|
|
},
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
}
|
2024-05-17 12:14:20 +00:00
|
|
|
|
|
|
|
func (v *Server) CheckPerm(_ context.Context, in *proto.CheckPermRequest) (*proto.CheckPermReply, error) {
|
|
|
|
claims, err := services.DecodeJwt(in.GetToken())
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
ctx, err := services.GetAuthContext(claims.ID)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2024-05-17 12:34:34 +00:00
|
|
|
var heldPerms map[string]any
|
|
|
|
rawHeldPerms, _ := jsoniter.Marshal(ctx.Account.PermNodes)
|
|
|
|
_ = jsoniter.Unmarshal(rawHeldPerms, &heldPerms)
|
|
|
|
|
2024-05-17 12:14:20 +00:00
|
|
|
var value any
|
|
|
|
_ = jsoniter.Unmarshal(in.GetValue(), &value)
|
2024-05-17 12:34:34 +00:00
|
|
|
perms := services.FilterPermNodes(heldPerms, ctx.Ticket.Claims)
|
2024-05-17 12:14:20 +00:00
|
|
|
valid := services.HasPermNode(perms, in.GetKey(), value)
|
|
|
|
|
|
|
|
return &proto.CheckPermReply{
|
|
|
|
IsValid: valid,
|
|
|
|
}, nil
|
|
|
|
}
|