Nikolai Rodionov
cfa666e0a2
All checks were successful
ci/woodpecker/push/build Pipeline was successful
Reviewed-on: #8
84 lines
2.5 KiB
Go
84 lines
2.5 KiB
Go
package v1
|
|
|
|
import (
|
|
"context"
|
|
|
|
"gitea.badhouseplants.net/softplayer/softplayer-backend/internal/controllers"
|
|
accounts "gitea.badhouseplants.net/softplayer/softplayer-go-proto/pkg/accounts/v1"
|
|
"github.com/golang/protobuf/ptypes/empty"
|
|
"google.golang.org/grpc"
|
|
"google.golang.org/grpc/codes"
|
|
"google.golang.org/grpc/metadata"
|
|
"google.golang.org/grpc/status"
|
|
"google.golang.org/protobuf/types/known/emptypb"
|
|
)
|
|
|
|
func NewAccountServer(
|
|
accountsCtrl *controllers.AccountController,
|
|
authorizationCtrl *controllers.AuthController,
|
|
) *AccountsServer {
|
|
return &AccountsServer{
|
|
accountsCtrl: accountsCtrl,
|
|
authorizationCtrl: authorizationCtrl,
|
|
}
|
|
}
|
|
|
|
type AccountsServer struct {
|
|
accounts.UnimplementedAccountsServiceServer
|
|
accountsCtrl *controllers.AccountController
|
|
authorizationCtrl *controllers.AuthController
|
|
}
|
|
|
|
func (a *AccountsServer) RefreshToken(ctx context.Context, in *empty.Empty) (*empty.Empty, error) {
|
|
claims, err := a.authorizationCtrl.ClaimsFromContext(ctx)
|
|
if err != nil {
|
|
return nil, status.Error(codes.Aborted, "Context is invalid")
|
|
}
|
|
|
|
if claims.TokenType != controllers.TokenTypeRefresh {
|
|
return nil, status.Error(codes.Unauthenticated, "Invalid token")
|
|
}
|
|
|
|
session, err := a.authorizationCtrl.GetSession(ctx, claims.TokenID)
|
|
if err != nil {
|
|
return nil, status.Error(codes.Unauthenticated, "Session doesn't exists")
|
|
}
|
|
|
|
if session.UserID != claims.UserID {
|
|
return nil, status.Error(codes.Unauthenticated, "Invalid session")
|
|
}
|
|
|
|
accessToken, _, err := a.authorizationCtrl.GenerateToken(&controllers.JWTData{
|
|
UserID: claims.UserID,
|
|
TokenType: controllers.TokenTypeAccess,
|
|
TokenAud: controllers.TokenAudWeb,
|
|
})
|
|
if err != nil {
|
|
return nil, status.Error(codes.Aborted, "Couldn't generate an access token")
|
|
}
|
|
|
|
refreshToken, tokenID, err := a.authorizationCtrl.GenerateToken(&controllers.JWTData{
|
|
UserID: claims.UserID,
|
|
TokenType: controllers.TokenTypeRefresh,
|
|
TokenAud: controllers.TokenAudWeb,
|
|
})
|
|
if err != nil {
|
|
return nil, status.Error(codes.Aborted, "Couldn't generate an access token")
|
|
}
|
|
newSession := &controllers.Session{UserID: session.UserID}
|
|
|
|
if err := a.authorizationCtrl.SaveSession(ctx, tokenID, newSession); err != nil {
|
|
return nil, status.Error(codes.Aborted, "Couldn't store session")
|
|
}
|
|
|
|
header := metadata.New(map[string]string{
|
|
"X-Access-Token": accessToken,
|
|
"X-Refresh-Token": refreshToken,
|
|
})
|
|
if err := grpc.SetHeader(ctx, header); err != nil {
|
|
return nil, status.Error(codes.Aborted, "Couldn't set metadata")
|
|
}
|
|
|
|
return &emptypb.Empty{}, nil
|
|
}
|