fix(GIST-18): auth flow with redirection to frontend

Courtcircuits · web-flow · commit 139050291210 · 2024-08-14T14:13:39.000+02:00
* wip(GIST-18): added registration + login on github and google

* wip(GIST-18): added local auth

* fix(GIST-18): set redirection and cookie storage for auth

* fix(GIST-18): redirection to frontend
diff --git a/auth/controller.go b/auth/controller.go
@@ -1,6 +1,7 @@
 package auth
 
 import (
+	"github.com/gistapp/api/utils"
 	"github.com/gofiber/fiber/v2"
 )
 
@@ -17,7 +18,16 @@ type AuthLocalVerificationValidator struct {
 
 func (a *AuthControllerImpl) Callback() fiber.Handler {
 	return func(c *fiber.Ctx) error {
-		return AuthService.Callback(c)
+		token, err := AuthService.Callback(c)
+		if err != nil {
+			return c.Status(400).SendString(err.Error())
+		}
+		token_cookie := new(fiber.Cookie)
+		token_cookie.Name = "gists.access_token"
+		token_cookie.HTTPOnly = false
+		token_cookie.Value = token
+		c.Cookie(token_cookie)
+		return c.Redirect(utils.Get("FRONTEND_URL"))
 	}
 }
 
@@ -59,7 +69,12 @@ func (a *AuthControllerImpl) VerifyAuthToken() fiber.Handler {
 			return c.Status(400).SendString(err.Error())
 		}
 
-		return c.JSON(fiber.Map{"token": jwt_token})
+		token_cookie := new(fiber.Cookie)
+		token_cookie.Name = "gists.access_token"
+		token_cookie.HTTPOnly = true
+		token_cookie.Value = jwt_token
+		c.Cookie(token_cookie)
+		return c.Status(200).JSON(fiber.Map{"message": "You are now logged in"})
 	}
 }
 
diff --git a/auth/service.go b/auth/service.go
@@ -90,39 +90,35 @@ func (a *AuthServiceImpl) VerifyLocalAuthToken(token string, email string) (stri
 	return jwt_token, err
 }
 
-func (a *AuthServiceImpl) Callback(c *fiber.Ctx) error {
+func (a *AuthServiceImpl) Callback(c *fiber.Ctx) (string, error) {
 	auth_user, err := goth_fiber.CompleteUserAuth(c)
 	if err != nil {
 		log.Error(err)
-		return ErrCantCompleteAuth
+		return "", ErrCantCompleteAuth
 	}
 
 	user_md, _, err := a.GetUser(auth_user)
 
 	if err == nil {
 		token, err := utils.CreateToken(user_md.Email, user_md.ID)
 		if err != nil {
-			return err
+			return "", err
 		}
-		return c.JSON(fiber.Map{
-			"token": token,
-		})
+		return token, nil
 	}
 
 	user_md, err = a.Register(auth_user)
 
 	if err != nil {
-		return err
+		return "", err
 	}
 
 	jwt, err := utils.CreateToken(user_md.Email, user_md.ID)
 	if err != nil {
-		return err
+		return "", err
 	}
 
-	return c.JSON(fiber.Map{
-		"token": jwt,
-	})
+	return jwt, nil
 }
 
 func (a *AuthServiceImpl) GetUser(auth_user goth.User) (*user.User, *AuthIdentity, error) {
diff --git a/server/server.go b/server/server.go
@@ -2,6 +2,7 @@ package server
 
 import (
 	"github.com/MarceloPetrucio/go-scalar-api-reference"
+	"github.com/gistapp/api/utils"
 	"github.com/gofiber/fiber/v2"
 	"github.com/gofiber/fiber/v2/log"
 	"github.com/gofiber/fiber/v2/middleware/cors"
@@ -44,7 +45,8 @@ func (s *Server) Ignite(routers ...DomainRouter) {
 	})
 
 	s.app.Use(cors.New(cors.Config{
-		AllowOrigins: "*",
+		AllowCredentials: true,
+		AllowOrigins:     utils.Get("FRONTEND_URL"),
 	}))
 
 	s.app.Use(logger.New())

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`package auth`
`2`	`2`
`3`	`3`	`import (`
	`4`	`+ "github.com/gistapp/api/utils"`
`4`	`5`	`"github.com/gofiber/fiber/v2"`
`5`	`6`	`)`
`6`	`7`
`@@ -17,7 +18,16 @@ type AuthLocalVerificationValidator struct {`
`17`	`18`
`18`	`19`	`func (a *AuthControllerImpl) Callback() fiber.Handler {`
`19`	`20`	`return func(c *fiber.Ctx) error {`
`20`		`- return AuthService.Callback(c)`
	`21`	`+ token, err := AuthService.Callback(c)`
	`22`	`+ if err != nil {`
	`23`	`+ return c.Status(400).SendString(err.Error())`
	`24`	`+ }`
	`25`	`+ token_cookie := new(fiber.Cookie)`
	`26`	`+ token_cookie.Name = "gists.access_token"`
	`27`	`+ token_cookie.HTTPOnly = false`
	`28`	`+ token_cookie.Value = token`
	`29`	`+ c.Cookie(token_cookie)`
	`30`	`+ return c.Redirect(utils.Get("FRONTEND_URL"))`
`21`	`31`	`}`
`22`	`32`	`}`
`23`	`33`
`@@ -59,7 +69,12 @@ func (a *AuthControllerImpl) VerifyAuthToken() fiber.Handler {`
`59`	`69`	`return c.Status(400).SendString(err.Error())`
`60`	`70`	`}`
`61`	`71`
`62`		`- return c.JSON(fiber.Map{"token": jwt_token})`
	`72`	`+ token_cookie := new(fiber.Cookie)`
	`73`	`+ token_cookie.Name = "gists.access_token"`
	`74`	`+ token_cookie.HTTPOnly = true`
	`75`	`+ token_cookie.Value = jwt_token`
	`76`	`+ c.Cookie(token_cookie)`
	`77`	`+ return c.Status(200).JSON(fiber.Map{"message": "You are now logged in"})`
`63`	`78`	`}`
`64`	`79`	`}`
`65`	`80`
Original file line number	Diff line number	Diff line change
`@@ -90,39 +90,35 @@ func (a *AuthServiceImpl) VerifyLocalAuthToken(token string, email string) (stri`
`90`	`90`	`return jwt_token, err`
`91`	`91`	`}`
`92`	`92`
`93`		`-func (a AuthServiceImpl) Callback(c fiber.Ctx) error {`
	`93`	`+func (a AuthServiceImpl) Callback(c fiber.Ctx) (string, error) {`
`94`	`94`	`auth_user, err := goth_fiber.CompleteUserAuth(c)`
`95`	`95`	`if err != nil {`
`96`	`96`	`log.Error(err)`
`97`		`- return ErrCantCompleteAuth`
	`97`	`+ return "", ErrCantCompleteAuth`
`98`	`98`	`}`
`99`	`99`
`100`	`100`	`user_md, _, err := a.GetUser(auth_user)`
`101`	`101`
`102`	`102`	`if err == nil {`
`103`	`103`	`token, err := utils.CreateToken(user_md.Email, user_md.ID)`
`104`	`104`	`if err != nil {`
`105`		`- return err`
	`105`	`+ return "", err`
`106`	`106`	`}`
`107`		`- return c.JSON(fiber.Map{`
`108`		`- "token": token,`
`109`		`- })`
	`107`	`+ return token, nil`
`110`	`108`	`}`
`111`	`109`
`112`	`110`	`user_md, err = a.Register(auth_user)`
`113`	`111`
`114`	`112`	`if err != nil {`
`115`		`- return err`
	`113`	`+ return "", err`
`116`	`114`	`}`
`117`	`115`
`118`	`116`	`jwt, err := utils.CreateToken(user_md.Email, user_md.ID)`
`119`	`117`	`if err != nil {`
`120`		`- return err`
	`118`	`+ return "", err`
`121`	`119`	`}`
`122`	`120`
`123`		`- return c.JSON(fiber.Map{`
`124`		`- "token": jwt,`
`125`		`- })`
	`121`	`+ return jwt, nil`
`126`	`122`	`}`
`127`	`123`
`128`	`124`	`func (a AuthServiceImpl) GetUser(auth_user goth.User) (user.User, *AuthIdentity, error) {`