block-accounting/backend/internal/interface/rest/controllers/auth.go

290 lines
8.2 KiB
Go
Raw Normal View History

2024-05-24 17:44:24 +00:00
package controllers
import (
"context"
2024-05-26 00:30:35 +00:00
"crypto/sha256"
"encoding/base64"
2024-05-24 17:44:24 +00:00
"errors"
"fmt"
"log/slog"
"net/http"
2024-05-26 00:30:35 +00:00
"strings"
2024-05-24 17:44:24 +00:00
"time"
"github.com/emochka2007/block-accounting/internal/interface/rest/domain"
"github.com/emochka2007/block-accounting/internal/interface/rest/presenters"
"github.com/emochka2007/block-accounting/internal/pkg/bip39"
2024-05-26 00:30:35 +00:00
"github.com/emochka2007/block-accounting/internal/pkg/ctxmeta"
2024-05-24 17:44:24 +00:00
"github.com/emochka2007/block-accounting/internal/pkg/hdwallet"
"github.com/emochka2007/block-accounting/internal/usecase/interactors/jwt"
2024-05-27 18:08:19 +00:00
"github.com/emochka2007/block-accounting/internal/usecase/interactors/organizations"
2024-05-24 17:44:24 +00:00
"github.com/emochka2007/block-accounting/internal/usecase/interactors/users"
2024-05-26 00:30:35 +00:00
"github.com/emochka2007/block-accounting/internal/usecase/repository/auth"
2024-05-27 18:08:19 +00:00
"github.com/go-chi/chi/v5"
2024-05-24 17:44:24 +00:00
)
var (
ErrorAuthInvalidMnemonic = errors.New("invalid mnemonic")
ErrorTokenRequired = errors.New("token required")
)
type AuthController interface {
Join(w http.ResponseWriter, req *http.Request) ([]byte, error)
JoinWithInvite(w http.ResponseWriter, req *http.Request) ([]byte, error)
Login(w http.ResponseWriter, req *http.Request) ([]byte, error)
Invite(w http.ResponseWriter, req *http.Request) ([]byte, error)
Refresh(w http.ResponseWriter, req *http.Request) ([]byte, error)
2024-05-26 19:39:25 +00:00
InviteGet(w http.ResponseWriter, req *http.Request) ([]byte, error)
2024-05-24 17:44:24 +00:00
}
type authController struct {
log *slog.Logger
presenter presenters.AuthPresenter
usersInteractor users.UsersInteractor
jwtInteractor jwt.JWTInteractor
2024-05-26 00:30:35 +00:00
repo auth.Repository
2024-05-27 18:08:19 +00:00
orgInteractor organizations.OrganizationsInteractor
2024-05-24 17:44:24 +00:00
}
func NewAuthController(
log *slog.Logger,
presenter presenters.AuthPresenter,
usersInteractor users.UsersInteractor,
jwtInteractor jwt.JWTInteractor,
2024-05-26 00:30:35 +00:00
repo auth.Repository,
2024-05-27 18:08:19 +00:00
orgInteractor organizations.OrganizationsInteractor,
2024-05-24 17:44:24 +00:00
) AuthController {
return &authController{
log: log,
presenter: presenter,
usersInteractor: usersInteractor,
jwtInteractor: jwtInteractor,
2024-05-26 00:30:35 +00:00
repo: repo,
2024-05-27 18:08:19 +00:00
orgInteractor: orgInteractor,
2024-05-24 17:44:24 +00:00
}
}
func (c *authController) Join(w http.ResponseWriter, req *http.Request) ([]byte, error) {
request, err := presenters.CreateRequest[domain.JoinRequest](req)
if err != nil {
return nil, fmt.Errorf("error create join request. %w", err)
}
c.log.Debug("join request", slog.String("mnemonic", request.Mnemonic))
if !bip39.IsMnemonicValid(request.Mnemonic) {
return nil, fmt.Errorf("error invalid mnemonic. %w", ErrorAuthInvalidMnemonic)
}
ctx, cancel := context.WithTimeout(req.Context(), 3*time.Second)
defer cancel()
user, err := c.usersInteractor.Create(ctx, users.CreateParams{
Name: request.Name,
Email: request.Credentals.Email,
Phone: request.Credentals.Phone,
Tg: request.Credentals.Telegram,
Mnemonic: request.Mnemonic,
Activate: true,
2024-05-27 18:08:19 +00:00
Owner: true,
Admin: true,
2024-05-24 17:44:24 +00:00
})
if err != nil {
return nil, fmt.Errorf("error create new user. %w", err)
}
c.log.Debug("join request", slog.String("user id", user.ID.String()))
return c.presenter.ResponseJoin(user)
}
// NIT: wrap with idempotent action handler
func (c *authController) Login(w http.ResponseWriter, req *http.Request) ([]byte, error) {
request, err := presenters.CreateRequest[domain.LoginRequest](req)
if err != nil {
return nil, fmt.Errorf("error create login request. %w", err)
}
c.log.Debug("login request", slog.String("mnemonic", request.Mnemonic))
ctx, cancel := context.WithTimeout(req.Context(), 3*time.Second)
defer cancel()
seed, err := hdwallet.NewSeedFromMnemonic(request.Mnemonic)
if err != nil {
return nil, fmt.Errorf("error create seed from mnemonic. %w", err)
}
users, err := c.usersInteractor.Get(ctx, users.GetParams{
Seed: seed,
})
if err != nil {
return nil, fmt.Errorf("error fetch user by seed. %w", err)
}
if len(users) == 0 {
return nil, fmt.Errorf("error empty users set")
}
c.log.Debug("login request", slog.String("user id", users[0].ID.String()))
return c.presenter.ResponseLogin(users[0])
}
func (c *authController) Refresh(w http.ResponseWriter, req *http.Request) ([]byte, error) {
request, err := presenters.CreateRequest[domain.RefreshRequest](req)
if err != nil {
return nil, fmt.Errorf("error create refresh request. %w", err)
}
c.log.Debug(
"refresh request",
slog.String("token", request.Token),
slog.String("refresh_token", request.RefreshToken),
)
ctx, cancel := context.WithTimeout(req.Context(), 3*time.Second)
defer cancel()
newTokens, err := c.jwtInteractor.RefreshToken(ctx, request.Token, request.RefreshToken)
if err != nil {
return nil, fmt.Errorf("error refresh access token. %w", err)
}
return c.presenter.ResponseRefresh(newTokens)
}
// const mnemonicEntropyBitSize int = 256
2024-05-26 00:30:35 +00:00
func (c *authController) Invite(w http.ResponseWriter, r *http.Request) ([]byte, error) {
request, err := presenters.CreateRequest[domain.NewInviteLinkRequest](r)
if err != nil {
return nil, fmt.Errorf("error create refresh request. %w", err)
}
organizationID, err := ctxmeta.OrganizationId(r.Context())
if err != nil {
return nil, fmt.Errorf("error fetch organization id from context. %w", err)
}
user, err := ctxmeta.User(r.Context())
if err != nil {
return nil, fmt.Errorf("error fetch user from context. %w", err)
}
c.log.Debug(
"invite request",
slog.Int("exp at", request.ExpirationDate),
slog.String("org id", organizationID.String()),
slog.String("inviter id", user.Id().String()),
)
ctx, cancel := context.WithTimeout(r.Context(), 3*time.Second)
defer cancel()
linkHash := sha256.New()
linkHash.Write([]byte(
user.Id().String() + organizationID.String() + time.Now().String(),
))
linkHashString := strings.ReplaceAll(
strings.ReplaceAll(
strings.ReplaceAll(
base64.StdEncoding.EncodeToString(linkHash.Sum(nil)),
2024-05-27 18:08:19 +00:00
"/", "$",
2024-05-26 00:30:35 +00:00
),
"?", "@",
),
"&", "#",
)
2024-05-26 19:39:25 +00:00
createdAt := time.Now()
expDate := createdAt.Add(time.Hour * 24 * 7)
if request.ExpirationDate > 0 {
expDate = time.UnixMilli(int64(request.ExpirationDate))
}
2024-05-26 00:30:35 +00:00
c.log.Debug(
"",
slog.String("link", linkHashString),
)
if err := c.repo.AddInvite(ctx, auth.AddInviteParams{
2024-05-26 19:39:25 +00:00
LinkHash: linkHashString,
OrganizationID: organizationID,
CreatedBy: *user,
CreatedAt: createdAt,
ExpiredAt: expDate,
2024-05-26 00:30:35 +00:00
}); err != nil {
return nil, fmt.Errorf("error add new invite link. %w", err)
}
2024-05-24 17:44:24 +00:00
2024-05-26 00:30:35 +00:00
return c.presenter.ResponseNewInvite(ctx, organizationID, linkHashString)
2024-05-24 17:44:24 +00:00
}
2024-05-27 18:08:19 +00:00
func (c *authController) JoinWithInvite(w http.ResponseWriter, r *http.Request) ([]byte, error) {
c.log.Debug("join with link request")
2024-05-26 19:39:25 +00:00
2024-05-27 18:08:19 +00:00
request, err := presenters.CreateRequest[domain.JoinRequest](r)
if err != nil {
return nil, fmt.Errorf("error create join request. %w", err)
}
c.log.Debug("join with invite request", slog.Any("request", request))
if !bip39.IsMnemonicValid(request.Mnemonic) {
return nil, fmt.Errorf("error invalid mnemonic. %w", ErrorAuthInvalidMnemonic)
}
hash := chi.URLParam(r, "hash")
if hash == "" {
return nil, fmt.Errorf("error fetch invite hash from request")
}
usedAt := time.Now()
ctx, cancel := context.WithTimeout(r.Context(), 5*time.Second)
defer cancel()
organizationID, err := c.repo.MarkAsUsedLink(ctx, hash, usedAt)
if err != nil {
return nil, fmt.Errorf("error mark invite link as used. %w", err)
}
user, err := c.usersInteractor.Create(ctx, users.CreateParams{
Name: request.Name,
Email: request.Credentals.Email,
Phone: request.Credentals.Phone,
Tg: request.Credentals.Telegram,
Mnemonic: request.Mnemonic,
Activate: true,
})
if err != nil {
return nil, fmt.Errorf("error create new user with invire link. %w", err)
}
if err = c.orgInteractor.AddUser(ctx, organizations.AddUserParams{
User: user,
OrganizationID: organizationID,
SkipRights: true,
}); err != nil {
c.log.Error(
"error add user into organization",
slog.String("organization id", organizationID.String()),
slog.String("user id", user.Id().String()),
slog.String("invire hash", hash),
)
return nil, fmt.Errorf("error add user into organization. %w", err)
}
return c.presenter.ResponseJoin(user)
2024-05-24 17:44:24 +00:00
}
2024-05-26 19:39:25 +00:00
2024-05-27 18:08:19 +00:00
func (c *authController) InviteGet(w http.ResponseWriter, r *http.Request) ([]byte, error) {
2024-05-26 19:39:25 +00:00
return presenters.ResponseOK()
}