From d27a499c07e99a0baf66acb22884a6b7dbf794c6 Mon Sep 17 00:00:00 2001
From: Asara
Date: Mon, 20 Jan 2020 20:06:32 -0500
Subject: [PATCH] Split out url auth with email token

---
 README.md                              | 2 +-
 packages/auth/auth.go                  | 20 ++++++++++++++++----
 packages/middleware/auth_middleware.go | 6 ++++++
 3 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index b465e0c..f57882f 100644
--- a/README.md
+++ b/README.md
@@ -81,7 +81,7 @@ Install steps are for Debian 9 (stretch)
 [For more information on Postal](https://github.com/postalhq/postal)
 ```
 cd ${GOPATH}/src/git.minhas.io/asara/sudoscientist-go-backend
-for i in settings/*; do source $i; done
+for i in settings/*.env; do source $i; done
 export DB_HOST=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" sudosci-db)
 PSQL_QUERY_STRING="postgres://${DB_USER}:${DB_PW}@${DB_HOST}:${DB_PORT}/${DB_NAME}?sslmode=${DB_SSL}"
 migrate -path migrations/ -database ${PSQL_QUERY_STRING} up
diff --git a/packages/auth/auth.go b/packages/auth/auth.go
index 6955f08..362494a 100644
--- a/packages/auth/auth.go
+++ b/packages/auth/auth.go
@@ -34,7 +34,7 @@ func Init() {
 	if postal_api, ok := os.LookupEnv("POSTAL_API"); ok {
 	if email_src, ok := os.LookupEnv("POSTAL_SRC_EMAIL"); ok {
 	if email_auth, ok := os.LookupEnv("EMAIL_SECRET"); ok {
-	EmailAuth = jwtauth.New("HS256", []byte(os.Getenv(email_auth)), nil)
+	EmailAuth = jwtauth.New("HS256", []byte(email_auth), nil)
 	PostalKey = postal_key
 	PostalAPI = postal_api
 	PostalEmail = email_src
@@ -63,8 +63,8 @@ type UserCredentials struct {
 type Claims struct {
 	Username string `json:"username", db:"username"`
-	Admin string `json:"admin", db:"admin"`
-	Verified string `json:"verified", db:"verified"`
+	Admin bool `json:"admin", db:"admin"`
+	Verified bool `json:"verified", db:"verified"`
 	jwt.StandardClaims
 }
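Review bot: The corrected `[]byte(email_auth)` still accepts an empty secret: `os.LookupEnv` reports ok for a variable that is set but empty, so `EMAIL_SECRET=` would initialise `EmailAuth` as an HS256 verifier keyed on a zero-length key, which every other branch of this config loader would silently accept. Reject the empty value before the verifier is built, e.g. `if email_auth == "" { /* refuse to start: EMAIL_SECRET is empty */ }` immediately ahead of the `jwtauth.New` call, and apply the same check wherever the session key is constructed. The variable holds the signing secret rather than an auth object, so `emailSecret` would describe it better than `email_auth`. `Init` begins outside the hunk, so the outer `postal_key` branch and the behaviour when a variable is missing are not visible here.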
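Review bot: The struct tags on `Admin` and `Verified` (and on `Username`) are malformed: Go struct tags are space-separated `key:"value"` pairs, and the comma in `` `json:"admin", db:"admin"` `` makes `reflect.StructTag` stop after the `json` pair, so the `db` key is never visible to a tag-driven scanner and `go vet` reports the field under its structtag check. While the field types are being changed, fix the tags in the same lines: `` Admin    bool `json:"admin" db:"admin"` `` and `` Verified bool `json:"verified" db:"verified"` `` (and the same for `Username`). The switch to `bool` presumably matches the column types that `refresh` scans into these fields; worth confirming against the migration that defines `users`.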
@@ -81,6 +81,11 @@ type ComposedEmail struct {
 func Routes() *chi.Mux {
 	r := chi.NewRouter()
+	r.Group(func(r chi.Router) {
+	r.Use(jwtauth.Verify(EmailAuth, auth_middleware.TokenFromUrl))
+	r.Use(jwtauth.Authenticator)
+	r.Get("/verify/{token}", verify)
+	})
 	r.Post("/signin", signin)
 	r.Post("/register", register)
 	r.Group(func(r chi.Router) {
@@ -91,6 +96,11 @@ func Routes() *chi.Mux {
 	return r
 }
+func verify(w http.ResponseWriter, r *http.Request) {
+	token := chi.URLParam(r, "token")
+	fmt.Println(token)
+}
+
 func register(w http.ResponseWriter, r *http.Request) {
 	returnMessage := ReturnMessage{}
 	creds := &SignUpCredentials{}
@@ -142,6 +152,8 @@ func register(w http.ResponseWriter, r *http.Request) {
 	expirationTime := time.Now().Add(24 * time.Hour)
 	claims := &Claims{
 	Username: creds.Username,
+	Admin: false,
+	Verified: false,
 	StandardClaims: jwt.StandardClaims{
 	ExpiresAt: expirationTime.Unix(),
 	},
@@ -200,7 +212,7 @@ func refresh(w http.ResponseWriter, r *http.Request) {
 	returnMessage := ReturnMessage{}
 	_, claims, _ := jwtauth.FromContext(r.Context())
 	w.WriteHeader(http.StatusOK)
-	expirationTime := time.Now().Add(5 * time.Hour)
+	expirationTime := time.Now().Add(24 * time.Hour)
 	user_claims := &Claims{}
 	user_claims_query := DB.QueryRow("SELECT username, admin, verified FROM users WHERE username=$1", claims["username"].(string))
 	err := user_claims_query.Scan(&user_claims.Username, &user_claims.Admin, &user_claims.Verified)
diff --git a/packages/middleware/auth_middleware.go b/packages/middleware/auth_middleware.go
index 8cdfa02..fa601da 100644
--- a/packages/middleware/auth_middleware.go
+++ b/packages/middleware/auth_middleware.go
@@ -2,6 +2,7 @@ package auth_middleware
 import (
 	"net/http"
+	"path"
 )
 func TokenFromSplitCookie(r *http.Request) string {
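Review bot: The verification token travels in the URL path (`/verify/{token}`), so it will be recorded in access logs, reverse-proxy logs and browser history, and would be sent in the Referer header if the response page links elsewhere; that is inherent to email-link verification, but it argues for keeping `EmailAuth` tokens short-lived and single-use, neither of which this hunk shows. `jwtauth.Verify` here consults only `auth_middleware.TokenFromUrl`, so a header- or cookie-borne session token cannot satisfy this route, which is the right separation between the session key and the email key. `Routes` continues past the end of the hunk.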
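Review bot: `verify` prints the raw token with `fmt.Println(token)` and does nothing else: the token is a bearer credential and ends up in stdout or log aggregation, the claims that `jwtauth.Verify` placed in the context are never read, and the user's `verified` flag is not updated, so the handler answers 200 with an empty body whatever the outcome. Read the claims with `jwtauth.FromContext(r.Context())`, take the username with the checked form of the type assertion, update the row that `refresh` later reads (`SELECT username, admin, verified FROM users`), and drop the print entirely. The sketch below assumes `DB` is a `*sql.DB` and that the email token carries the same `username` claim as the session token; neither is shown here. `register` starts on the last lines of this hunk and continues outside it.
```go
func verify(w http.ResponseWriter, r *http.Request) {
	_, claims, err := jwtauth.FromContext(r.Context())
	if err != nil {
		http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
		return
	}
	username, ok := claims["username"].(string)
	if !ok || username == "" {
		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
		return
	}
	// assumes DB is *sql.DB and the email token carries "username"; confirm against the token issuer
	if _, err := DB.Exec("UPDATE users SET verified = true WHERE username=$1", username); err != nil {
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusOK)
}
```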
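Review bot: `Admin: false` and `Verified: false` are the zero values of `bool`, so the two added lines in `register` change nothing at runtime. Keeping them is a defensible way of recording that a freshly registered account is unverified, but a comment says that more clearly than a redundant initialiser, e.g. `// new accounts start unverified and without admin rights` above the literal. `register` starts and ends outside the hunk.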
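Review bot: There is no absolute bound on session age in `refresh`: with the lifetime now 24 hours, any still-valid session token can be exchanged for a fresh 24-hour one, so nothing shown here ever forces re-authentication; if that is not intended, record the `IssuedAt` standard claim when the token is first minted and refuse to refresh past a maximum session age. The unchecked `claims["username"].(string)` on the line after the change will panic on a token that lacks that claim; use `username, ok := claims["username"].(string)` and return 401 when `!ok`. `refresh` starts and ends outside the hunk.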
@@ -16,3 +17,8 @@ func TokenFromSplitCookie(r *http.Request) string {
 	cookie := dataCookie.Value + "." + signatureCookie.Value
 	return cookie
 }
+
+func TokenFromUrl(r *http.Request) string {
+	_, token := path.Split(r.URL.Path)
+	return token
+}
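Review bot: `TokenFromUrl` returns whatever follows the last slash in `r.URL.Path`, independent of the route it is mounted on: a path ending in a slash yields an empty string, and on any other route the extractor hands the final path segment to `jwtauth.Verify` as if it were a token, so the function's correctness depends on a route shape it cannot see. This package imports only `net/http` and `path`, so the route-scoped `chi.URLParam(r, "token")` is not available here without a new dependency; at minimum document the contract, `// TokenFromUrl returns the final path segment of the request URL; it is intended for routes of the form /prefix/{token}.`, and keep the route registration in `auth.go` the single place that guarantees that shape. The Go spelling of the initialism would be `TokenFromURL`, but renaming it also touches the caller in `auth.go`.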