WIP: Start implementing the internal auth

Signed-off-by: Nikolai Rodionov <allanger@badhouseplants.net>
2026-05-05 22:56:56 +02:00
parent 4d73dbfd44
commit c52c3d1046
7 changed files with 51 additions and 63 deletions
--- a/api/v1/accounts_no_auth.go
+++ b/api/v1/accounts_no_auth.go
@@ -4,10 +4,9 @@ import (
 	"context"

 	"gitea.badhouseplants.net/softplayer/softplayer-backend/internal/controllers"
+	"gitea.badhouseplants.net/softplayer/softplayer-backend/internal/tools/logger"
 	accounts "gitea.badhouseplants.net/softplayer/softplayer-go-proto/pkg/accounts/v1"
-	"github.com/coreos/go-oidc/v3/oidc"
 	"github.com/golang/protobuf/ptypes/empty"
-	"golang.org/x/oauth2"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/types/known/emptypb"
@@ -25,49 +24,20 @@ type AccountsNoAuthServer struct {
 }

 func (a *AccountsNoAuthServer) SignIn(ctx context.Context, in *accounts.SignInRequest) (*empty.Empty, error) {
-	provider, err := oidc.NewProvider(ctx, "https://authentik.badhouseplants.net")
-	if err != nil {
-		return nil, err
-	}
-
-	// Configure an OpenID Connect aware OAuth2 client.
-	oauth2Config := oauth2.Config{
-		ClientID:     "softplayer-localhost",
-		ClientSecret: "pRpe3scGUE2jNH6t5rqI9R4OROeQHs4eO6ku957mYjDumKhQGX8QJcO0BMJ2FG4sUpvFrqccEqWgc3wKMp94tC8LyvTnkPF0Tg0CaldAEHuoQQdNKAzXVxwrHE6kNyBC",
-		RedirectURL:  "http://localhost:8080/#/auth/callback",
-
-		// Discovery returns the OAuth2 endpoints.
-		Endpoint: provider.Endpoint(),
-
-		// "openid" is a required scope for OpenID Connect flows.
-		Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
-	}
-	verifier := provider.Verifier(&oidc.Config{ClientID: "softplayer-localhost"})
-
-	oauth2Token, err := oauth2Config.Exchange(ctx, in.Code)
-	if err != nil {
-		return nil, err
-	}
-
-	// Extract the ID Token from OAuth2 token.
-	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
-	if !ok {
-		return nil, status.Error(codes.Unauthenticated, "Couldn't parse oauth token")
-	}
-
-	// Parse and verify ID Token payload.
-	idToken, err := verifier.Verify(ctx, rawIDToken)
-	if err != nil {
-		return nil, status.Error(codes.Unauthenticated, "Couldn't verify oauth token")
-	}
-
-	// Extract custom claims
-	var claims struct {
-		Email    string `json:"email"`
-		Verified bool   `json:"email_verified"`
-	}
-	if err := idToken.Claims(&claims); err != nil {
-		// handle error
-	}
+	return &emptypb.Empty{}, nil
+}
+
+func (a *AccountsNoAuthServer) SignUp(ctx context.Context, in *accounts.SignUpRequest) (*empty.Empty, error) {
+	log := logger.FromContext(ctx)
+	data := &controllers.AccountData{
+		Password: in.GetPassword(),
+		Email:    in.GetEmail(),
+	}
+	id, err := a.ctrl.Create(ctx, data)
+	if err != nil {
+		return nil, status.Error(codes.Aborted, "Couldn't create a user")
+	}
+
+	log.Info(id)
 	return &emptypb.Empty{}, nil
 }