nihonium/nyanimedb
1
0
Fork 1
Code Issues 12 Pull requests Releases Packages 3 Activity Actions

Merge branch 'auth' into front

Browse source
This commit is contained in:
nihonium 2025-11-23 03:35:04 +03:00
commit 034487e26a
Signed by: nihonium
GPG key ID: 0251623741027CFC
10 changed files with 1001 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Dockerfiles/Dockerfile_auth Normal file
View file

@ -0,0 +1,6 @@
FROM ubuntu:22.04
WORKDIR /app
COPY --chmod=755 modules/auth/auth /app
EXPOSE 8082
ENTRYPOINT ["/app/auth"]

249
auth/auth.gen.go Normal file
View file

@ -0,0 +1,249 @@
// Package auth provides primitives to interact with the openapi HTTP API.
//
// Code generated by github.com/oapi-codegen/oapi-codegen/v2 version v2.5.0 DO NOT EDIT.
package auth
import (
"context"
"encoding/json"
"fmt"
"net/http"
"github.com/gin-gonic/gin"
strictgin "github.com/oapi-codegen/runtime/strictmiddleware/gin"
)
// PostAuthSignInJSONBody defines parameters for PostAuthSignIn.
type PostAuthSignInJSONBody struct {
Nickname string `json:"nickname"`
Pass string `json:"pass"`
}
// PostAuthSignUpJSONBody defines parameters for PostAuthSignUp.
type PostAuthSignUpJSONBody struct {
Nickname string `json:"nickname"`
Pass string `json:"pass"`
}
// PostAuthSignInJSONRequestBody defines body for PostAuthSignIn for application/json ContentType.
type PostAuthSignInJSONRequestBody PostAuthSignInJSONBody
// PostAuthSignUpJSONRequestBody defines body for PostAuthSignUp for application/json ContentType.
type PostAuthSignUpJSONRequestBody PostAuthSignUpJSONBody
// ServerInterface represents all server handlers.
type ServerInterface interface {
// Sign in a user and return JWT
// (POST /auth/sign-in)
PostAuthSignIn(c *gin.Context)
// Sign up a new user
// (POST /auth/sign-up)
PostAuthSignUp(c *gin.Context)
}
// ServerInterfaceWrapper converts contexts to parameters.
type ServerInterfaceWrapper struct {
Handler ServerInterface
HandlerMiddlewares []MiddlewareFunc
ErrorHandler func(*gin.Context, error, int)
}
type MiddlewareFunc func(c *gin.Context)
// PostAuthSignIn operation middleware
func (siw *ServerInterfaceWrapper) PostAuthSignIn(c *gin.Context) {
for _, middleware := range siw.HandlerMiddlewares {
middleware(c)
if c.IsAborted() {
return
}
}
siw.Handler.PostAuthSignIn(c)
}
// PostAuthSignUp operation middleware
func (siw *ServerInterfaceWrapper) PostAuthSignUp(c *gin.Context) {
for _, middleware := range siw.HandlerMiddlewares {
middleware(c)
if c.IsAborted() {
return
}
}
siw.Handler.PostAuthSignUp(c)
}
// GinServerOptions provides options for the Gin server.
type GinServerOptions struct {
BaseURL string
Middlewares []MiddlewareFunc
ErrorHandler func(*gin.Context, error, int)
}
// RegisterHandlers creates http.Handler with routing matching OpenAPI spec.
func RegisterHandlers(router gin.IRouter, si ServerInterface) {
RegisterHandlersWithOptions(router, si, GinServerOptions{})
}
// RegisterHandlersWithOptions creates http.Handler with additional options
func RegisterHandlersWithOptions(router gin.IRouter, si ServerInterface, options GinServerOptions) {
errorHandler := options.ErrorHandler
if errorHandler == nil {
errorHandler = func(c *gin.Context, err error, statusCode int) {
c.JSON(statusCode, gin.H{"msg": err.Error()})
}
}
wrapper := ServerInterfaceWrapper{
Handler: si,
HandlerMiddlewares: options.Middlewares,
ErrorHandler: errorHandler,
}
router.POST(options.BaseURL+"/auth/sign-in", wrapper.PostAuthSignIn)
router.POST(options.BaseURL+"/auth/sign-up", wrapper.PostAuthSignUp)
}
type PostAuthSignInRequestObject struct {
Body *PostAuthSignInJSONRequestBody
}
type PostAuthSignInResponseObject interface {
VisitPostAuthSignInResponse(w http.ResponseWriter) error
}
type PostAuthSignIn200JSONResponse struct {
Error *string `json:"error"`
Success *bool `json:"success,omitempty"`
UserId *string `json:"user_id"`
}
func (response PostAuthSignIn200JSONResponse) VisitPostAuthSignInResponse(w http.ResponseWriter) error {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(200)
return json.NewEncoder(w).Encode(response)
}
type PostAuthSignIn401JSONResponse struct {
Error *string `json:"error,omitempty"`
}
func (response PostAuthSignIn401JSONResponse) VisitPostAuthSignInResponse(w http.ResponseWriter) error {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(401)
return json.NewEncoder(w).Encode(response)
}
type PostAuthSignUpRequestObject struct {
Body *PostAuthSignUpJSONRequestBody
}
type PostAuthSignUpResponseObject interface {
VisitPostAuthSignUpResponse(w http.ResponseWriter) error
}
type PostAuthSignUp200JSONResponse struct {
Error *string `json:"error"`
Success *bool `json:"success,omitempty"`
UserId *string `json:"user_id"`
}
func (response PostAuthSignUp200JSONResponse) VisitPostAuthSignUpResponse(w http.ResponseWriter) error {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(200)
return json.NewEncoder(w).Encode(response)
}
// StrictServerInterface represents all server handlers.
type StrictServerInterface interface {
// Sign in a user and return JWT
// (POST /auth/sign-in)
PostAuthSignIn(ctx context.Context, request PostAuthSignInRequestObject) (PostAuthSignInResponseObject, error)
// Sign up a new user
// (POST /auth/sign-up)
PostAuthSignUp(ctx context.Context, request PostAuthSignUpRequestObject) (PostAuthSignUpResponseObject, error)
}
type StrictHandlerFunc = strictgin.StrictGinHandlerFunc
type StrictMiddlewareFunc = strictgin.StrictGinMiddlewareFunc
func NewStrictHandler(ssi StrictServerInterface, middlewares []StrictMiddlewareFunc) ServerInterface {
return &strictHandler{ssi: ssi, middlewares: middlewares}
}
type strictHandler struct {
ssi StrictServerInterface
middlewares []StrictMiddlewareFunc
}
// PostAuthSignIn operation middleware
func (sh *strictHandler) PostAuthSignIn(ctx *gin.Context) {
var request PostAuthSignInRequestObject
var body PostAuthSignInJSONRequestBody
if err := ctx.ShouldBindJSON(&body); err != nil {
ctx.Status(http.StatusBadRequest)
ctx.Error(err)
return
}
request.Body = &body
handler := func(ctx *gin.Context, request interface{}) (interface{}, error) {
return sh.ssi.PostAuthSignIn(ctx, request.(PostAuthSignInRequestObject))
}
for _, middleware := range sh.middlewares {
handler = middleware(handler, "PostAuthSignIn")
}
response, err := handler(ctx, request)
if err != nil {
ctx.Error(err)
ctx.Status(http.StatusInternalServerError)
} else if validResponse, ok := response.(PostAuthSignInResponseObject); ok {
if err := validResponse.VisitPostAuthSignInResponse(ctx.Writer); err != nil {
ctx.Error(err)
}
} else if response != nil {
ctx.Error(fmt.Errorf("unexpected response type: %T", response))
}
}
// PostAuthSignUp operation middleware
func (sh *strictHandler) PostAuthSignUp(ctx *gin.Context) {
var request PostAuthSignUpRequestObject
var body PostAuthSignUpJSONRequestBody
if err := ctx.ShouldBindJSON(&body); err != nil {
ctx.Status(http.StatusBadRequest)
ctx.Error(err)
return
}
request.Body = &body
handler := func(ctx *gin.Context, request interface{}) (interface{}, error) {
return sh.ssi.PostAuthSignUp(ctx, request.(PostAuthSignUpRequestObject))
}
for _, middleware := range sh.middlewares {
handler = middleware(handler, "PostAuthSignUp")
}
response, err := handler(ctx, request)
if err != nil {
ctx.Error(err)
ctx.Status(http.StatusInternalServerError)
} else if validResponse, ok := response.(PostAuthSignUpResponseObject); ok {
if err := validResponse.VisitPostAuthSignUpResponse(ctx.Writer); err != nil {
ctx.Error(err)
}
} else if response != nil {
ctx.Error(fmt.Errorf("unexpected response type: %T", response))
}
}

329
auth/auth/auth.gen.go Normal file
View file

@ -0,0 +1,329 @@
// Package oapi_auth provides primitives to interact with the openapi HTTP API.
//
// Code generated by github.com/oapi-codegen/oapi-codegen/v2 version v2.5.0 DO NOT EDIT.
package oapi_auth
import (
"context"
"encoding/json"
"fmt"
"net/http"
"github.com/gin-gonic/gin"
strictgin "github.com/oapi-codegen/runtime/strictmiddleware/gin"
)
// PostAuthSignInJSONBody defines parameters for PostAuthSignIn.
type PostAuthSignInJSONBody struct {
Nickname string `json:"nickname"`
Pass string `json:"pass"`
}
// PostAuthSignUpJSONBody defines parameters for PostAuthSignUp.
type PostAuthSignUpJSONBody struct {
Nickname string `json:"nickname"`
Pass string `json:"pass"`
}
// PostAuthVerifyTokenJSONBody defines parameters for PostAuthVerifyToken.
type PostAuthVerifyTokenJSONBody struct {
// Token JWT token to validate
Token string `json:"token"`
}
// PostAuthSignInJSONRequestBody defines body for PostAuthSignIn for application/json ContentType.
type PostAuthSignInJSONRequestBody PostAuthSignInJSONBody
// PostAuthSignUpJSONRequestBody defines body for PostAuthSignUp for application/json ContentType.
type PostAuthSignUpJSONRequestBody PostAuthSignUpJSONBody
// PostAuthVerifyTokenJSONRequestBody defines body for PostAuthVerifyToken for application/json ContentType.
type PostAuthVerifyTokenJSONRequestBody PostAuthVerifyTokenJSONBody
// ServerInterface represents all server handlers.
type ServerInterface interface {
// Sign in a user and return JWT
// (POST /auth/sign-in)
PostAuthSignIn(c *gin.Context)
// Sign up a new user
// (POST /auth/sign-up)
PostAuthSignUp(c *gin.Context)
// Verify JWT validity
// (POST /auth/verify-token)
PostAuthVerifyToken(c *gin.Context)
}
// ServerInterfaceWrapper converts contexts to parameters.
type ServerInterfaceWrapper struct {
Handler ServerInterface
HandlerMiddlewares []MiddlewareFunc
ErrorHandler func(*gin.Context, error, int)
}
type MiddlewareFunc func(c *gin.Context)
// PostAuthSignIn operation middleware
func (siw *ServerInterfaceWrapper) PostAuthSignIn(c *gin.Context) {
for _, middleware := range siw.HandlerMiddlewares {
middleware(c)
if c.IsAborted() {
return
}
}
siw.Handler.PostAuthSignIn(c)
}
// PostAuthSignUp operation middleware
func (siw *ServerInterfaceWrapper) PostAuthSignUp(c *gin.Context) {
for _, middleware := range siw.HandlerMiddlewares {
middleware(c)
if c.IsAborted() {
return
}
}
siw.Handler.PostAuthSignUp(c)
}
// PostAuthVerifyToken operation middleware
func (siw *ServerInterfaceWrapper) PostAuthVerifyToken(c *gin.Context) {
for _, middleware := range siw.HandlerMiddlewares {
middleware(c)
if c.IsAborted() {
return
}
}
siw.Handler.PostAuthVerifyToken(c)
}
// GinServerOptions provides options for the Gin server.
type GinServerOptions struct {
BaseURL string
Middlewares []MiddlewareFunc
ErrorHandler func(*gin.Context, error, int)
}
// RegisterHandlers creates http.Handler with routing matching OpenAPI spec.
func RegisterHandlers(router gin.IRouter, si ServerInterface) {
RegisterHandlersWithOptions(router, si, GinServerOptions{})
}
// RegisterHandlersWithOptions creates http.Handler with additional options
func RegisterHandlersWithOptions(router gin.IRouter, si ServerInterface, options GinServerOptions) {
errorHandler := options.ErrorHandler
if errorHandler == nil {
errorHandler = func(c *gin.Context, err error, statusCode int) {
c.JSON(statusCode, gin.H{"msg": err.Error()})
}
}
wrapper := ServerInterfaceWrapper{
Handler: si,
HandlerMiddlewares: options.Middlewares,
ErrorHandler: errorHandler,
}
router.POST(options.BaseURL+"/auth/sign-in", wrapper.PostAuthSignIn)
router.POST(options.BaseURL+"/auth/sign-up", wrapper.PostAuthSignUp)
router.POST(options.BaseURL+"/auth/verify-token", wrapper.PostAuthVerifyToken)
}
type PostAuthSignInRequestObject struct {
Body *PostAuthSignInJSONRequestBody
}
type PostAuthSignInResponseObject interface {
VisitPostAuthSignInResponse(w http.ResponseWriter) error
}
type PostAuthSignIn200JSONResponse struct {
Error *string `json:"error"`
Success *bool `json:"success,omitempty"`
// Token JWT token to access protected endpoints
Token *string `json:"token"`
UserId *string `json:"user_id"`
}
func (response PostAuthSignIn200JSONResponse) VisitPostAuthSignInResponse(w http.ResponseWriter) error {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(200)
return json.NewEncoder(w).Encode(response)
}
type PostAuthSignUpRequestObject struct {
Body *PostAuthSignUpJSONRequestBody
}
type PostAuthSignUpResponseObject interface {
VisitPostAuthSignUpResponse(w http.ResponseWriter) error
}
type PostAuthSignUp200JSONResponse struct {
Error *string `json:"error"`
Success *bool `json:"success,omitempty"`
UserId *string `json:"user_id"`
}
func (response PostAuthSignUp200JSONResponse) VisitPostAuthSignUpResponse(w http.ResponseWriter) error {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(200)
return json.NewEncoder(w).Encode(response)
}
type PostAuthVerifyTokenRequestObject struct {
Body *PostAuthVerifyTokenJSONRequestBody
}
type PostAuthVerifyTokenResponseObject interface {
VisitPostAuthVerifyTokenResponse(w http.ResponseWriter) error
}
type PostAuthVerifyToken200JSONResponse struct {
// Error Error message if token is invalid
Error *string `json:"error"`
// UserId User ID extracted from token if valid
UserId *string `json:"user_id"`
// Valid True if token is valid
Valid *bool `json:"valid,omitempty"`
}
func (response PostAuthVerifyToken200JSONResponse) VisitPostAuthVerifyTokenResponse(w http.ResponseWriter) error {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(200)
return json.NewEncoder(w).Encode(response)
}
// StrictServerInterface represents all server handlers.
type StrictServerInterface interface {
// Sign in a user and return JWT
// (POST /auth/sign-in)
PostAuthSignIn(ctx context.Context, request PostAuthSignInRequestObject) (PostAuthSignInResponseObject, error)
// Sign up a new user
// (POST /auth/sign-up)
PostAuthSignUp(ctx context.Context, request PostAuthSignUpRequestObject) (PostAuthSignUpResponseObject, error)
// Verify JWT validity
// (POST /auth/verify-token)
PostAuthVerifyToken(ctx context.Context, request PostAuthVerifyTokenRequestObject) (PostAuthVerifyTokenResponseObject, error)
}
type StrictHandlerFunc = strictgin.StrictGinHandlerFunc
type StrictMiddlewareFunc = strictgin.StrictGinMiddlewareFunc
func NewStrictHandler(ssi StrictServerInterface, middlewares []StrictMiddlewareFunc) ServerInterface {
return &strictHandler{ssi: ssi, middlewares: middlewares}
}
type strictHandler struct {
ssi StrictServerInterface
middlewares []StrictMiddlewareFunc
}
// PostAuthSignIn operation middleware
func (sh *strictHandler) PostAuthSignIn(ctx *gin.Context) {
var request PostAuthSignInRequestObject
var body PostAuthSignInJSONRequestBody
if err := ctx.ShouldBindJSON(&body); err != nil {
ctx.Status(http.StatusBadRequest)
ctx.Error(err)
return
}
request.Body = &body
handler := func(ctx *gin.Context, request interface{}) (interface{}, error) {
return sh.ssi.PostAuthSignIn(ctx, request.(PostAuthSignInRequestObject))
}
for _, middleware := range sh.middlewares {
handler = middleware(handler, "PostAuthSignIn")
}
response, err := handler(ctx, request)
if err != nil {
ctx.Error(err)
ctx.Status(http.StatusInternalServerError)
} else if validResponse, ok := response.(PostAuthSignInResponseObject); ok {
if err := validResponse.VisitPostAuthSignInResponse(ctx.Writer); err != nil {
ctx.Error(err)
}
} else if response != nil {
ctx.Error(fmt.Errorf("unexpected response type: %T", response))
}
}
// PostAuthSignUp operation middleware
func (sh *strictHandler) PostAuthSignUp(ctx *gin.Context) {
var request PostAuthSignUpRequestObject
var body PostAuthSignUpJSONRequestBody
if err := ctx.ShouldBindJSON(&body); err != nil {
ctx.Status(http.StatusBadRequest)
ctx.Error(err)
return
}
request.Body = &body
handler := func(ctx *gin.Context, request interface{}) (interface{}, error) {
return sh.ssi.PostAuthSignUp(ctx, request.(PostAuthSignUpRequestObject))
}
for _, middleware := range sh.middlewares {
handler = middleware(handler, "PostAuthSignUp")
}
response, err := handler(ctx, request)
if err != nil {
ctx.Error(err)
ctx.Status(http.StatusInternalServerError)
} else if validResponse, ok := response.(PostAuthSignUpResponseObject); ok {
if err := validResponse.VisitPostAuthSignUpResponse(ctx.Writer); err != nil {
ctx.Error(err)
}
} else if response != nil {
ctx.Error(fmt.Errorf("unexpected response type: %T", response))
}
}
// PostAuthVerifyToken operation middleware
func (sh *strictHandler) PostAuthVerifyToken(ctx *gin.Context) {
var request PostAuthVerifyTokenRequestObject
var body PostAuthVerifyTokenJSONRequestBody
if err := ctx.ShouldBindJSON(&body); err != nil {
ctx.Status(http.StatusBadRequest)
ctx.Error(err)
return
}
request.Body = &body
handler := func(ctx *gin.Context, request interface{}) (interface{}, error) {
return sh.ssi.PostAuthVerifyToken(ctx, request.(PostAuthVerifyTokenRequestObject))
}
for _, middleware := range sh.middlewares {
handler = middleware(handler, "PostAuthVerifyToken")
}
response, err := handler(ctx, request)
if err != nil {
ctx.Error(err)
ctx.Status(http.StatusInternalServerError)
} else if validResponse, ok := response.(PostAuthVerifyTokenResponseObject); ok {
if err := validResponse.VisitPostAuthVerifyTokenResponse(ctx.Writer); err != nil {
ctx.Error(err)
}
} else if response != nil {
ctx.Error(fmt.Errorf("unexpected response type: %T", response))
}
}

6
auth/oapi-auth-codegen.yaml Normal file
View file

@ -0,0 +1,6 @@
package: auth
generate:
strict-server: true
gin-server: true
models: true
output: auth/auth.gen.go

167
auth/openapi-auth.yaml Normal file
View file

@ -0,0 +1,167 @@
openapi: 3.1.1
info:
title: Auth Service
version: 1.0.0
paths:
/auth/sign-up:
post:
summary: Sign up a new user
tags: [Auth]
requestBody:
required: true
content:
application/json:
schema:
type: object
required: [nickname, pass]
properties:
nickname:
type: string
pass:
type: string
format: password
responses:
"200":
description: Sign-up result
content:
application/json:
schema:
type: object
properties:
success:
type: boolean
error:
type: string
nullable: true
user_id:
type: string
nullable: true
/auth/sign-in:
post:
summary: Sign in a user and return JWT
tags: [Auth]
requestBody:
required: true
content:
application/json:
schema:
type: object
required: [nickname, pass]
properties:
nickname:
type: string
pass:
type: string
format: password
responses:
"200":
description: Sign-in result with JWT
# headers:
# Set-Cookie:
# schema:
# type: array
# items:
# type: string
# explode: true
# style: simple
content:
application/json:
schema:
type: object
properties:
success:
type: boolean
error:
type: string
nullable: true
user_id:
type: string
nullable: true
"401":
description: Access denied due to invalid credentials
content:
application/json:
schema:
type: object
properties:
error:
type: string
example: "Access denied"
# /auth/verify-token:
# post:
# summary: Verify JWT validity
# tags: [Auth]
# requestBody:
# required: true
# content:
# application/json:
# schema:
# type: object
# required: [token]
# properties:
# token:
# type: string
# description: JWT token to validate
# responses:
# "200":
# description: Token validation result
# content:
# application/json:
# schema:
# type: object
# properties:
# valid:
# type: boolean
# description: True if token is valid
# user_id:
# type: string
# nullable: true
# description: User ID extracted from token if valid
# error:
# type: string
# nullable: true
# description: Error message if token is invalid
# /auth/refresh-token:
# post:
# summary: Refresh JWT using a refresh token
# tags: [Auth]
# requestBody:
# required: true
# content:
# application/json:
# schema:
# type: object
# required: [refresh_token]
# properties:
# refresh_token:
# type: string
# description: JWT refresh token obtained from sign-in
# responses:
# "200":
# description: New access (and optionally refresh) token
# content:
# application/json:
# schema:
# type: object
# properties:
# valid:
# type: boolean
# description: True if refresh token was valid
# user_id:
# type: string
# nullable: true
# description: User ID extracted from refresh token
# access_token:
# type: string
# description: New access token
# nullable: true
# refresh_token:
# type: string
# description: New refresh token (optional)
# nullable: true
# error:
# type: string
# nullable: true
# description: Error message if refresh token is invalid

1
go.mod
View file

@ -5,6 +5,7 @@ go 1.25.0
require ( require (
github.com/gin-contrib/cors v1.7.6 github.com/gin-contrib/cors v1.7.6
github.com/gin-gonic/gin v1.11.0 github.com/gin-gonic/gin v1.11.0
github.com/golang-jwt/jwt/v5 v5.3.0
github.com/jackc/pgx/v5 v5.7.6 github.com/jackc/pgx/v5 v5.7.6
github.com/oapi-codegen/runtime v1.1.2 github.com/oapi-codegen/runtime v1.1.2
github.com/pelletier/go-toml/v2 v2.2.4 github.com/pelletier/go-toml/v2 v2.2.4

2
go.sum
View file

@ -31,6 +31,8 @@ github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M= github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
github.com/goccy/go-yaml v1.18.0 h1:8W7wMFS12Pcas7KU+VVkaiCng+kG8QiFeFwzFb+rwuw= github.com/goccy/go-yaml v1.18.0 h1:8W7wMFS12Pcas7KU+VVkaiCng+kG8QiFeFwzFb+rwuw=
github.com/goccy/go-yaml v1.18.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA= github.com/goccy/go-yaml v1.18.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=

197
modules/auth/handlers/handlers.go Normal file
View file

@ -0,0 +1,197 @@
package handlers
import (
"context"
"fmt"
"log"
"net/http"
auth "nyanimedb/auth"
sqlc "nyanimedb/sql"
"strconv"
"time"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
)
var accessSecret = []byte("my_access_secret_key")
var refreshSecret = []byte("my_refresh_secret_key")
var UserDb = make(map[string]string) // TEMP: stores passwords
type Server struct {
db *sqlc.Queries
}
func NewServer(db *sqlc.Queries) Server {
return Server{db: db}
}
func parseInt64(s string) (int32, error) {
i, err := strconv.ParseInt(s, 10, 64)
return int32(i), err
}
func generateTokens(userID string) (accessToken string, refreshToken string, err error) {
accessClaims := jwt.MapClaims{
"user_id": userID,
"exp": time.Now().Add(15 * time.Minute).Unix(),
}
at := jwt.NewWithClaims(jwt.SigningMethodHS256, accessClaims)
accessToken, err = at.SignedString(accessSecret)
if err != nil {
return "", "", err
}
refreshClaims := jwt.MapClaims{
"user_id": userID,
"exp": time.Now().Add(7 * 24 * time.Hour).Unix(),
}
rt := jwt.NewWithClaims(jwt.SigningMethodHS256, refreshClaims)
refreshToken, err = rt.SignedString(refreshSecret)
if err != nil {
return "", "", err
}
return accessToken, refreshToken, nil
}
func (s Server) PostAuthSignUp(ctx context.Context, req auth.PostAuthSignUpRequestObject) (auth.PostAuthSignUpResponseObject, error) {
err := ""
success := true
UserDb[req.Body.Nickname] = req.Body.Pass
return auth.PostAuthSignUp200JSONResponse{
Error: &err,
Success: &success,
UserId: &req.Body.Nickname,
}, nil
}
func (s Server) PostAuthSignIn(ctx context.Context, req auth.PostAuthSignInRequestObject) (auth.PostAuthSignInResponseObject, error) {
// ctx.SetCookie("122")
ginCtx, ok := ctx.Value(gin.ContextKey).(*gin.Context)
if !ok {
log.Print("failed to get gin context")
// TODO: change to 500
return auth.PostAuthSignIn200JSONResponse{}, fmt.Errorf("failed to get gin.Context from context.Context")
}
err := ""
success := true
pass, ok := UserDb[req.Body.Nickname]
if !ok || pass != req.Body.Pass {
e := "invalid credentials"
return auth.PostAuthSignIn401JSONResponse{
Error: &e,
}, nil
}
accessToken, refreshToken, _ := generateTokens(req.Body.Nickname)
ginCtx.SetSameSite(http.SameSiteStrictMode)
ginCtx.SetCookie("access_token", accessToken, 604800, "/auth", "", true, true)
ginCtx.SetCookie("refresh_token", refreshToken, 604800, "/api", "", true, true)
// Return access token; refresh token can be returned in response or HttpOnly cookie
result := auth.PostAuthSignIn200JSONResponse{
Error: &err,
Success: &success,
UserId: &req.Body.Nickname,
}
return result, nil
}
// func (s Server) PostAuthVerifyToken(ctx context.Context, req auth.PostAuthVerifyTokenRequestObject) (auth.PostAuthVerifyTokenResponseObject, error) {
// valid := false
// var userID *string
// var errStr *string
// token, err := jwt.Parse(req.Body.Token, func(t *jwt.Token) (interface{}, error) {
// if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
// return nil, fmt.Errorf("unexpected signing method")
// }
// return accessSecret, nil
// })
// if err != nil {
// e := err.Error()
// errStr = &e
// return auth.PostAuthVerifyToken200JSONResponse{
// Valid: &valid,
// UserId: userID,
// Error: errStr,
// }, nil
// }
// if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
// if uid, ok := claims["user_id"].(string); ok {
// valid = true
// userID = &uid
// } else {
// e := "user_id not found in token"
// errStr = &e
// }
// } else {
// e := "invalid token claims"
// errStr = &e
// }
// return auth.PostAuthVerifyToken200JSONResponse{
// Valid: &valid,
// UserId: userID,
// Error: errStr,
// }, nil
// }
// func (s Server) PostAuthRefreshToken(ctx context.Context, req auth.PostAuthRefreshTokenRequestObject) (auth.PostAuthRefreshTokenResponseObject, error) {
// valid := false
// var userID *string
// var errStr *string
// token, err := jwt.Parse(req.Body.Token, func(t *jwt.Token) (interface{}, error) {
// if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
// return nil, fmt.Errorf("unexpected signing method")
// }
// return refreshSecret, nil
// })
// if err != nil {
// e := err.Error()
// errStr = &e
// return auth.PostAuthVerifyToken200JSONResponse{
// Valid: &valid,
// UserId: userID,
// Error: errStr,
// }, nil
// }
// if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
// if uid, ok := claims["user_id"].(string); ok {
// // Refresh token is valid, generate new tokens
// newAccessToken, newRefreshToken, _ := generateTokens(uid)
// valid = true
// userID = &uid
// return auth.PostAuthVerifyToken200JSONResponse{
// Valid: &valid,
// UserId: userID,
// Error: nil,
// Token: &newAccessToken, // return new access token
// // optionally return newRefreshToken as well
// }, nil
// } else {
// e := "user_id not found in refresh token"
// errStr = &e
// }
// } else {
// e := "invalid refresh token claims"
// errStr = &e
// }
// return auth.PostAuthVerifyToken200JSONResponse{
// Valid: &valid,
// UserId: userID,
// Error: errStr,
// }, nil
// }

38
modules/auth/main.go Normal file
View file

@ -0,0 +1,38 @@
package main
import (
"time"
auth "nyanimedb/auth"
handlers "nyanimedb/modules/auth/handlers"
sqlc "nyanimedb/sql"
"github.com/gin-contrib/cors"
"github.com/gin-gonic/gin"
)
var AppConfig Config
func main() {
r := gin.Default()
var queries *sqlc.Queries = nil
server := handlers.NewServer(queries)
r.Use(cors.New(cors.Config{
AllowOrigins: []string{"*"}, // allow all origins, change to specific domains in production
AllowMethods: []string{"GET", "POST", "PUT", "DELETE"},
AllowHeaders: []string{"Origin", "Content-Type", "Accept"},
ExposeHeaders: []string{"Content-Length"},
AllowCredentials: true,
MaxAge: 12 * time.Hour,
}))
auth.RegisterHandlers(r, auth.NewStrictHandler(
server,
[]auth.StrictMiddlewareFunc{},
))
r.Run(":8082")
}

6
modules/auth/types.go Normal file
View file

@ -0,0 +1,6 @@
package main
type Config struct {
JwtPrivateKey string
LogLevel string `toml:"LogLevel" env:"LOG_LEVEL"`
}