diff --git a/.idea/workspace.xml b/.idea/workspace.xml
index 29e883c..0a6e27f 100644
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@@ -4,74 +4,27 @@
-
-
+
-
-
-
-
-
-
-
+
+
+
-
-
-
-
-
+
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
@@ -106,34 +59,34 @@
- {
- "keyToString": {
- "DefaultGoTemplateProperty": "Go File",
- "Go Build.Backend.executor": "Debug",
- "Go 构建.Backend.executor": "Run",
- "RunOnceActivity.ShowReadmeOnStart": "true",
- "RunOnceActivity.go.formatter.settings.were.checked": "true",
- "RunOnceActivity.go.migrated.go.modules.settings": "true",
- "RunOnceActivity.go.modules.automatic.dependencies.download": "true",
- "RunOnceActivity.go.modules.go.list.on.any.changes.was.set": "true",
- "git-widget-placeholder": "refactor/nexus",
- "go.import.settings.migrated": "true",
- "go.sdk.automatically.set": "true",
- "last_opened_file_path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/keys",
- "node.js.detected.package.eslint": "true",
- "node.js.selected.package.eslint": "(autodetect)",
- "nodejs_package_manager_path": "npm",
- "run.code.analysis.last.selected.profile": "pProject Default",
- "settings.editor.selected.configurable": "preferences.intentionPowerPack",
- "ts.external.directory.path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/node_modules/typescript/lib",
- "vue.rearranger.settings.migration": "true"
+
+}]]>
@@ -205,7 +158,7 @@
-
+
@@ -218,9 +171,7 @@
-
-
-
+
@@ -243,7 +194,11 @@
-
+
+
+
+
+
true
diff --git a/go.mod b/go.mod
index a2e4e82..2495b26 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module git.solsynth.dev/hydrogen/passport
go 1.23.2
require (
- git.solsynth.dev/hypernet/nexus v0.0.0-20241030154425-f9b6cd2e2027
+ git.solsynth.dev/hypernet/nexus v0.0.0-20241030155904-3f6ea11d2297
git.solsynth.dev/hypernet/pusher v0.0.0-20241026153052-cd2c326efa4e
github.com/dgraph-io/ristretto v0.1.1
github.com/eko/gocache/lib/v4 v4.1.6
diff --git a/go.sum b/go.sum
index 2424d37..2a83da0 100644
--- a/go.sum
+++ b/go.sum
@@ -43,6 +43,8 @@ git.solsynth.dev/hypernet/nexus v0.0.0-20241030153909-06c5fadb42c7 h1:fftdwNCLtr
git.solsynth.dev/hypernet/nexus v0.0.0-20241030153909-06c5fadb42c7/go.mod h1:fXQsHXGio+7/0U95IitKF07wS4yTdCMp5ms8wpFBwVI=
git.solsynth.dev/hypernet/nexus v0.0.0-20241030154425-f9b6cd2e2027 h1:F0mKuUpoRm+Nj0M4xNa2CkrXSmeONpIHwrvzwSKeux4=
git.solsynth.dev/hypernet/nexus v0.0.0-20241030154425-f9b6cd2e2027/go.mod h1:fXQsHXGio+7/0U95IitKF07wS4yTdCMp5ms8wpFBwVI=
+git.solsynth.dev/hypernet/nexus v0.0.0-20241030155904-3f6ea11d2297 h1:g9huTJFUKPESCKWkcGpVm2RRInGkcwkbL8yR8SBjTFo=
+git.solsynth.dev/hypernet/nexus v0.0.0-20241030155904-3f6ea11d2297/go.mod h1:fXQsHXGio+7/0U95IitKF07wS4yTdCMp5ms8wpFBwVI=
git.solsynth.dev/hypernet/pusher v0.0.0-20241026153052-cd2c326efa4e h1:DtHhMjgxS/spUt/KEdbRFtaVnepI6Vx8pbHdJaNH1hs=
git.solsynth.dev/hypernet/pusher v0.0.0-20241026153052-cd2c326efa4e/go.mod h1:XHTqFU/vBe4JiuAjl87GUcL8+w/IizSNoqH6n3WkQFc=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
diff --git a/pkg/internal/gap/server.go b/pkg/internal/gap/server.go
index ce830f2..91843e4 100644
--- a/pkg/internal/gap/server.go
+++ b/pkg/internal/gap/server.go
@@ -30,7 +30,7 @@ func InitializeToNexus() error {
Type: nex.ServiceTypeAuth,
Label: "Passport",
GrpcAddr: grpcOutbound,
- HttpAddr: lo.ToPtr("http://" + httpOutbound),
+ HttpAddr: lo.ToPtr("http://" + httpOutbound + "/api"),
})
if err == nil {
go func() {
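Review bot: The `"/api"` suffix added to `HttpAddr` is a second copy of the mount prefix that server.go passes to `api.MapAPIs(app, "/api")`, so the two can drift apart; a shared constant would tie them together. `admin.MapAdminAPIs(app, "/api/admin")` sits under the same base, so the address registered with Nexus also covers the admin routes. Whether Nexus forwards those is not visible here, so confirm that the admin handlers enforce their own permission checks rather than relying on the gateway. The scheme stays hard-coded as `http://`, which is acceptable only if this hop remains on a trusted internal network. InitializeToNexus continues outside the hunk.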
diff --git a/pkg/internal/http/admin/permissions_api.go b/pkg/internal/http/admin/permissions_api.go
index 927edb4..743d97b 100644
--- a/pkg/internal/http/admin/permissions_api.go
+++ b/pkg/internal/http/admin/permissions_api.go
@@ -3,9 +3,9 @@ package admin
import (
"fmt"
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2"
)
diff --git a/pkg/internal/http/api/accounts_api.go b/pkg/internal/http/api/accounts_api.go
index fcae350..017ae36 100644
--- a/pkg/internal/http/api/accounts_api.go
+++ b/pkg/internal/http/api/accounts_api.go
@@ -2,14 +2,15 @@ package api
import (
"fmt"
+ "git.solsynth.dev/hypernet/nexus/pkg/nex/sec"
"strconv"
"strings"
"time"
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2"
jsoniter "github.com/json-iterator/go"
@@ -59,7 +60,7 @@ func getUserinfo(c *fiber.Ctx) error {
First(&data).Error; err != nil {
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
} else {
- data.PermNodes = c.Locals("permissions").(map[string]any)
+ data.PermNodes = c.Locals("nex_user").(*sec.UserInfo).PermNodes
}
var resp fiber.Map
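Review bot: The added `c.Locals("nex_user").(*sec.UserInfo).PermNodes` in getUserinfo is an unchecked type assertion, so a request that reaches it without that local set, or with a nil pointer stored, panics the handler instead of returning 401. Whether an earlier `exts.EnsureAuthenticated(c)` call guards this line is outside the hunk. If it does not, use the comma-ok form `info, ok := c.Locals("nex_user").(*sec.UserInfo)` and return `fiber.NewError(fiber.StatusUnauthorized)` when `!ok || info == nil`. Separately, the context line above returns `err.Error()` from the database lookup to the client; a generic message with the error logged server-side would avoid exposing query details.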
diff --git a/pkg/internal/http/api/avatar_api.go b/pkg/internal/http/api/avatar_api.go
index 7be6833..94e3971 100644
--- a/pkg/internal/http/api/avatar_api.go
+++ b/pkg/internal/http/api/avatar_api.go
@@ -1,9 +1,9 @@
package api
import (
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2"
"strconv"
diff --git a/pkg/internal/http/api/bots_api.go b/pkg/internal/http/api/bots_api.go
index ea6be10..9bcb88f 100644
--- a/pkg/internal/http/api/bots_api.go
+++ b/pkg/internal/http/api/bots_api.go
@@ -1,9 +1,9 @@
package api
import (
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2"
"github.com/samber/lo"
diff --git a/pkg/internal/http/api/notifications_api.go b/pkg/internal/http/api/notifications_api.go
index b6ddb1c..cf674f8 100644
--- a/pkg/internal/http/api/notifications_api.go
+++ b/pkg/internal/http/api/notifications_api.go
@@ -1,9 +1,9 @@
package api
import (
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2"
"github.com/samber/lo"
diff --git a/pkg/internal/http/api/notify_api.go b/pkg/internal/http/api/notify_api.go
index 03b73c9..23d32a6 100644
--- a/pkg/internal/http/api/notify_api.go
+++ b/pkg/internal/http/api/notify_api.go
@@ -3,8 +3,8 @@ package api
import (
"fmt"
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2"
)
diff --git a/pkg/internal/http/api/oauth_api.go b/pkg/internal/http/api/oauth_api.go
index 04cd938..6fafdd6 100755
--- a/pkg/internal/http/api/oauth_api.go
+++ b/pkg/internal/http/api/oauth_api.go
@@ -6,8 +6,8 @@ import (
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2"
"github.com/samber/lo"
diff --git a/pkg/internal/http/api/relationships_api.go b/pkg/internal/http/api/relationships_api.go
index bc5be5c..6eec600 100644
--- a/pkg/internal/http/api/relationships_api.go
+++ b/pkg/internal/http/api/relationships_api.go
@@ -1,8 +1,8 @@
package api
import (
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2"
"strconv"
diff --git a/pkg/internal/http/api/reports_api.go b/pkg/internal/http/api/reports_api.go
index 1cae138..d6c4172 100644
--- a/pkg/internal/http/api/reports_api.go
+++ b/pkg/internal/http/api/reports_api.go
@@ -1,8 +1,8 @@
package api
import (
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2"
)
diff --git a/pkg/internal/http/api/security_api.go b/pkg/internal/http/api/security_api.go
index fdb624b..ad3d9de 100644
--- a/pkg/internal/http/api/security_api.go
+++ b/pkg/internal/http/api/security_api.go
@@ -1,9 +1,9 @@
package api
import (
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"github.com/gofiber/fiber/v2"
)
diff --git a/pkg/internal/http/api/statuses_api.go b/pkg/internal/http/api/statuses_api.go
index 2002131..e13296d 100644
--- a/pkg/internal/http/api/statuses_api.go
+++ b/pkg/internal/http/api/statuses_api.go
@@ -5,9 +5,9 @@ import (
"strconv"
"time"
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/http/exts"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2"
"github.com/samber/lo"
diff --git a/pkg/internal/http/exts/auth.go b/pkg/internal/http/exts/auth.go
index 26c6c41..81b2fc9 100644
--- a/pkg/internal/http/exts/auth.go
+++ b/pkg/internal/http/exts/auth.go
@@ -2,13 +2,13 @@ package exts
import (
"fmt"
- "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
+ "git.solsynth.dev/hypernet/nexus/pkg/nex/sec"
"github.com/gofiber/fiber/v2"
)
func EnsureAuthenticated(c *fiber.Ctx) error {
- if _, ok := c.Locals("user").(models.Account); !ok {
+ if _, ok := c.Locals("nex_user").(*sec.UserInfo); !ok {
return fiber.NewError(fiber.StatusUnauthorized)
}
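Review bot: The comma-ok assertion in EnsureAuthenticated accepts a typed nil `*sec.UserInfo`, so if the upstream middleware ever stores a nil pointer under `nex_user`, the check passes and the `.PermNodes` access in EnsureGrantedPerm (the next hunk) dereferences nil. Binding the value and testing it closes the gap: `if u, ok := c.Locals("nex_user").(*sec.UserInfo); !ok || u == nil {`. Whether the middleware can store nil is not visible in this diff, so treat this as defensive hardening of the authentication gate. The key `"nex_user"` is also repeated as a string literal here and in accounts_api.go; a package-level constant would keep the check and its readers on the same key.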
@@ -19,7 +19,7 @@ func EnsureGrantedPerm(c *fiber.Ctx, key string, val any) error {
if err := EnsureAuthenticated(c); err != nil {
return err
}
- perms := c.Locals("user").(*sec.UserInfo).PermNodes
+ perms := c.Locals("nex_user").(*sec.UserInfo).PermNodes
if !services.HasPermNode(perms, key, val) {
return fiber.NewError(fiber.StatusForbidden, fmt.Sprintf("missing permission: %s", key))
}
diff --git a/pkg/internal/http/server.go b/pkg/internal/http/server.go
index ea53d08..37efba1 100644
--- a/pkg/internal/http/server.go
+++ b/pkg/internal/http/server.go
@@ -1,6 +1,7 @@
package http
import (
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit"
"git.solsynth.dev/hypernet/nexus/pkg/nex/sec"
"strings"
@@ -56,6 +57,7 @@ func NewServer() *App {
}))
app.Use(sec.ContextMiddleware(IReader))
+ app.Use(authkit.ParseAccountMiddleware)
admin.MapAdminAPIs(app, "/api/admin")
api.MapAPIs(app, "/api")
diff --git a/pkg/internal/services/reports.go b/pkg/internal/services/reports.go
index e1de7d6..4043e7b 100644
--- a/pkg/internal/services/reports.go
+++ b/pkg/internal/services/reports.go
@@ -2,6 +2,7 @@ package services
import (
"fmt"
+ "git.solsynth.dev/hydrogen/passport/pkg/authkit/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
)
diff --git a/pkg/main.go b/pkg/main.go
index c246613..7534429 100644
--- a/pkg/main.go
+++ b/pkg/main.go
@@ -58,6 +58,18 @@ func main() {
http.IReader = reader
log.Info().Msg("Internal jwt public key loaded.")
}
+ if reader, err := sec.NewJwtReader(viper.GetString("security.public_key")); err != nil {
+ log.Error().Err(err).Msg("An error occurred when reading public key for jwt. Signing token may not work.")
+ } else {
+ services.EReader = reader
+ log.Info().Msg("Jwt public key loaded.")
+ }
+ if writer, err := sec.NewJwtWriter(viper.GetString("security.private_key")); err != nil {
+ log.Error().Err(err).Msg("An error occurred when reading private key for jwt. Signing token may not work.")
+ } else {
+ services.EWriter = writer
+ log.Info().Msg("Jwt private key loaded.")
+ }
// Connect to database
if err := database.NewGorm(); err != nil {
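Review bot: Both new key-loading branches log the error and continue, so the process can start with `services.EReader` or `services.EWriter` left unset. For the keys that sign and verify user tokens, aborting startup is the safer default unless every use site checks for nil; those sites are outside the hunk. Assuming `log` is zerolog's global logger, `log.Fatal().Err(err).Msg(...)` in place of `log.Error()` would do that. The public-key branch also reuses the text "Signing token may not work", although a reader verifies rather than signs: `Msg("An error occurred when reading public key for jwt. Verifying token may not work.")`. main continues outside the hunk.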
diff --git a/settings.toml b/settings.toml
index b561e64..5dae74c 100644
--- a/settings.toml
+++ b/settings.toml
@@ -20,9 +20,8 @@ database = false
print_routes = false
[security]
-issuer = "https://solsynth.dev"
-cookie_domain = "localhost"
-cookie_samesite = "Lax"
-access_token_duration = 300
+access_token_duration = 3000
refresh_token_duration = 2592000
+public_key = "keys/public_key.pem"
+private_key = "keys/private_key.pem"
internal_public_key = "keys/internal_public_key.pem"
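Review bot: `access_token_duration` goes from 300 to 3000 here, a tenfold longer access-token lifetime (presumably seconds, by analogy with `refresh_token_duration = 2592000`), which widens the window in which a leaked token stays usable. If the value was raised for local testing, revert it or justify it in a comment such as `# seconds; keep short, refresh tokens cover long sessions`. The new `private_key = "keys/private_key.pem"` path points inside the repository tree, so `keys/` should be git-ignored and the file readable only by the service account. Dropping `issuer`, `cookie_domain` and `cookie_samesite` is safe only if no code still reads them through viper, which this hunk cannot show.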