feat: use SetCookie for access and refresh tokens

auth/auth.gen.go

@@ -25,21 +25,12 @@ type PostAuthSignUpJSONBody struct {
 	Pass     string `json:"pass"`
 }
 
-// PostAuthVerifyTokenJSONBody defines parameters for PostAuthVerifyToken.
-type PostAuthVerifyTokenJSONBody struct {
-	// Token JWT token to validate
-	Token string `json:"token"`
-}
-
 // PostAuthSignInJSONRequestBody defines body for PostAuthSignIn for application/json ContentType.
 type PostAuthSignInJSONRequestBody PostAuthSignInJSONBody
 
 // PostAuthSignUpJSONRequestBody defines body for PostAuthSignUp for application/json ContentType.
 type PostAuthSignUpJSONRequestBody PostAuthSignUpJSONBody
 
-// PostAuthVerifyTokenJSONRequestBody defines body for PostAuthVerifyToken for application/json ContentType.
-type PostAuthVerifyTokenJSONRequestBody PostAuthVerifyTokenJSONBody
-
 // ServerInterface represents all server handlers.
 type ServerInterface interface {
 	// Sign in a user and return JWT
@@ -48,9 +39,6 @@ type ServerInterface interface {
 	// Sign up a new user
 	// (POST /auth/sign-up)
 	PostAuthSignUp(c *gin.Context)
-	// Verify JWT validity
-	// (POST /auth/verify-token)
-	PostAuthVerifyToken(c *gin.Context)
 }
 
 // ServerInterfaceWrapper converts contexts to parameters.
@@ -88,19 +76,6 @@ func (siw *ServerInterfaceWrapper) PostAuthSignUp(c *gin.Context) {
 	siw.Handler.PostAuthSignUp(c)
 }
 
-// PostAuthVerifyToken operation middleware
-func (siw *ServerInterfaceWrapper) PostAuthVerifyToken(c *gin.Context) {
-
-	for _, middleware := range siw.HandlerMiddlewares {
-		middleware(c)
-		if c.IsAborted() {
-			return
-		}
-	}
-
-	siw.Handler.PostAuthVerifyToken(c)
-}
-
 // GinServerOptions provides options for the Gin server.
 type GinServerOptions struct {
 	BaseURL      string
@@ -130,7 +105,6 @@ func RegisterHandlersWithOptions(router gin.IRouter, si ServerInterface, options
 
 	router.POST(options.BaseURL+"/auth/sign-in", wrapper.PostAuthSignIn)
 	router.POST(options.BaseURL+"/auth/sign-up", wrapper.PostAuthSignUp)
-	router.POST(options.BaseURL+"/auth/verify-token", wrapper.PostAuthVerifyToken)
 }
 
 type PostAuthSignInRequestObject struct {
@@ -144,10 +118,7 @@ type PostAuthSignInResponseObject interface {
 type PostAuthSignIn200JSONResponse struct {
 	Error   *string `json:"error"`
 	Success *bool   `json:"success,omitempty"`
-
-	// Token JWT token to access protected endpoints
-	Token  *string `json:"token"`
-	UserId *string `json:"user_id"`
+	UserId  *string `json:"user_id"`
 }
 
 func (response PostAuthSignIn200JSONResponse) VisitPostAuthSignInResponse(w http.ResponseWriter) error {
@@ -157,6 +128,17 @@ func (response PostAuthSignIn200JSONResponse) VisitPostAuthSignInResponse(w http
 	return json.NewEncoder(w).Encode(response)
 }
 
+type PostAuthSignIn401JSONResponse struct {
+	Error *string `json:"error,omitempty"`
+}
+
+func (response PostAuthSignIn401JSONResponse) VisitPostAuthSignInResponse(w http.ResponseWriter) error {
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(401)
+
+	return json.NewEncoder(w).Encode(response)
+}
+
 type PostAuthSignUpRequestObject struct {
 	Body *PostAuthSignUpJSONRequestBody
 }
@@ -178,32 +160,6 @@ func (response PostAuthSignUp200JSONResponse) VisitPostAuthSignUpResponse(w http
 	return json.NewEncoder(w).Encode(response)
 }
 
-type PostAuthVerifyTokenRequestObject struct {
-	Body *PostAuthVerifyTokenJSONRequestBody
-}
-
-type PostAuthVerifyTokenResponseObject interface {
-	VisitPostAuthVerifyTokenResponse(w http.ResponseWriter) error
-}
-
-type PostAuthVerifyToken200JSONResponse struct {
-	// Error Error message if token is invalid
-	Error *string `json:"error"`
-
-	// UserId User ID extracted from token if valid
-	UserId *string `json:"user_id"`
-
-	// Valid True if token is valid
-	Valid *bool `json:"valid,omitempty"`
-}
-
-func (response PostAuthVerifyToken200JSONResponse) VisitPostAuthVerifyTokenResponse(w http.ResponseWriter) error {
-	w.Header().Set("Content-Type", "application/json")
-	w.WriteHeader(200)
-
-	return json.NewEncoder(w).Encode(response)
-}
-
 // StrictServerInterface represents all server handlers.
 type StrictServerInterface interface {
 	// Sign in a user and return JWT
@@ -212,9 +168,6 @@ type StrictServerInterface interface {
 	// Sign up a new user
 	// (POST /auth/sign-up)
 	PostAuthSignUp(ctx context.Context, request PostAuthSignUpRequestObject) (PostAuthSignUpResponseObject, error)
-	// Verify JWT validity
-	// (POST /auth/verify-token)
-	PostAuthVerifyToken(ctx context.Context, request PostAuthVerifyTokenRequestObject) (PostAuthVerifyTokenResponseObject, error)
 }
 
 type StrictHandlerFunc = strictgin.StrictGinHandlerFunc
@@ -294,36 +247,3 @@ func (sh *strictHandler) PostAuthSignUp(ctx *gin.Context) {
 		ctx.Error(fmt.Errorf("unexpected response type: %T", response))
 	}
 }
-
-// PostAuthVerifyToken operation middleware
-func (sh *strictHandler) PostAuthVerifyToken(ctx *gin.Context) {
-	var request PostAuthVerifyTokenRequestObject
-
-	var body PostAuthVerifyTokenJSONRequestBody
-	if err := ctx.ShouldBindJSON(&body); err != nil {
-		ctx.Status(http.StatusBadRequest)
-		ctx.Error(err)
-		return
-	}
-	request.Body = &body
-
-	handler := func(ctx *gin.Context, request interface{}) (interface{}, error) {
-		return sh.ssi.PostAuthVerifyToken(ctx, request.(PostAuthVerifyTokenRequestObject))
-	}
-	for _, middleware := range sh.middlewares {
-		handler = middleware(handler, "PostAuthVerifyToken")
-	}
-
-	response, err := handler(ctx, request)
-
-	if err != nil {
-		ctx.Error(err)
-		ctx.Status(http.StatusInternalServerError)
-	} else if validResponse, ok := response.(PostAuthVerifyTokenResponseObject); ok {
-		if err := validResponse.VisitPostAuthVerifyTokenResponse(ctx.Writer); err != nil {
-			ctx.Error(err)
-		}
-	} else if response != nil {
-		ctx.Error(fmt.Errorf("unexpected response type: %T", response))
-	}
-}