Token authorization is ready for MVP

Reviewed-on: #8

cmd/server.go

@@ -13,6 +13,7 @@ import (
 	"gitea.badhouseplants.net/softplayer/softplayer-backend/internal/helpers/logger"
 	accounts "gitea.badhouseplants.net/softplayer/softplayer-go-proto/pkg/accounts/v1"
 	test "gitea.badhouseplants.net/softplayer/softplayer-go-proto/pkg/test/v1"
+	tokens "gitea.badhouseplants.net/softplayer/softplayer-go-proto/pkg/tokens/v1"
 	grpc_zap "github.com/grpc-ecosystem/go-grpc-middleware/logging/zap"
 	"github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptors"
 	"github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptors/auth"
@@ -66,7 +67,7 @@ func (cmd *Server) Run(ctx context.Context) error {
 		Addr: cmd.RedisHost,
 	})
 
-	authInterceptor := controllers.NewAuthController(
+	authController := controllers.NewAuthController(
 		[]byte(cmd.JWTSecret),
 		cmd.AccessTokenTTL,
 		cmd.RefrestTokenTTL,
@@ -78,17 +79,29 @@ func (cmd *Server) Run(ctx context.Context) error {
 			grpc_zap.UnaryServerInterceptor(logger.SetupLogger("info")),
 			// jwtVerifier.JWTAuthInterceptor,
 			selector.UnaryServerInterceptor(
-				auth.UnaryServerInterceptor(authInterceptor.AuthInterceptorFN),
+				auth.UnaryServerInterceptor(authController.AuthInterceptorFN),
+				selector.MatchFunc(selectorRequireAuth),
+			),
+		),
+		grpc.ChainStreamInterceptor(
+			grpc_zap.StreamServerInterceptor(logger.SetupLogger("info")),
+			selector.StreamServerInterceptor(
+				auth.StreamServerInterceptor(authController.AuthInterceptorFN),
 				selector.MatchFunc(selectorRequireAuth),
 			),
 		),
-		grpc.StreamInterceptor(grpc_zap.StreamServerInterceptor(logger.SetupLogger("info"))),
 	)
 
 	if cmd.Reflection {
 		reflection.Register(grpcServer)
 	}
 
+	tokenCtrl := &controllers.TokenController{
+		DB:       db,
+		HashCost: cmd.HashCost,
+		Redis:    rdb,
+	}
+
 	accountCtrl := &controllers.AccountController{
 		HashCost:        cmd.HashCost,
 		DB:              db,
@@ -99,10 +112,18 @@ func (cmd *Server) Run(ctx context.Context) error {
 		Redis:           rdb,
 	}
 
-	accounts.RegisterPublicAccountsServiceServer(grpcServer, v1.NewPublicAccountServer(accountCtrl, authInterceptor))
-	accounts.RegisterAccountsServiceServer(grpcServer, v1.NewAccountServer(accountCtrl, authInterceptor))
+	// Services that should be accessible for tokens should go here
+	accounts.RegisterAccountsServiceServer(grpcServer, v1.NewAccountServer(accountCtrl, authController))
 	test.RegisterTestServiceServer(grpcServer, v1.NewTestServer())
 	test.RegisterPublicTestServiceServer(grpcServer, v1.NewPublicTestServer())
+	tokens.RegisterTokensServiceServer(grpcServer, v1.NewTokensServer(tokenCtrl, authController))
+	tokens.RegisterPublicTokensServiceServer(grpcServer, v1.NewPublicTokensServer(tokenCtrl, authController))
+	accounts.RegisterPublicAccountsServiceServer(grpcServer, v1.NewPublicAccountServer(accountCtrl, authController))
+
+	info := grpcServer.GetServiceInfo()
+	tokenCtrl.SetGRPCInfo(info)
+	tokenCtrl.SetRules()
+
 	if err := grpcServer.Serve(lis); err != nil {
 		return err
 	}
@@ -116,8 +137,20 @@ func selectorRequireAuth(ctx context.Context, callMeta interceptors.CallMeta) bo
 	if len(serviceParts) == 0 {
 		return false
 	}
-
 	serviceName := serviceParts[len(serviceParts)-1]
 	fmt.Println(serviceName)
-	return !strings.HasPrefix(serviceName, "Public")
+
+	if strings.HasPrefix(serviceName, "Public") {
+		return false
+	}
+
+	if strings.Contains(serviceName, "ServerReflection") {
+		return false
+	}
+
+	if strings.Contains(callMeta.Method, "AuthenticateWithToken") {
+		return false
+	}
+
+	return true
 }