Split out url auth with email token

2020-01-20 20:06:32 -05:00 · 2020-01-20 20:06:32 -05:00 · d27a499c07
commit d27a499c07
parent cc7225527e
3 changed files with 23 additions and 5 deletions
--- a/README.md
+++ b/README.md
@ -81,7 +81,7 @@ Install steps are for Debian 9 (stretch)
    [For more information on Postal](https://github.com/postalhq/postal)
    ```
    cd ${GOPATH}/src/git.minhas.io/asara/sudoscientist-go-backend
-    for i in settings/*; do source $i; done
+    for i in settings/*.env; do source $i; done
    export DB_HOST=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" sudosci-db)
    PSQL_QUERY_STRING="postgres://${DB_USER}:${DB_PW}@${DB_HOST}:${DB_PORT}/${DB_NAME}?sslmode=${DB_SSL}"
    migrate -path migrations/ -database ${PSQL_QUERY_STRING} up
--- a/packages/auth/auth.go
+++ b/packages/auth/auth.go
@ -34,7 +34,7 @@ func Init() {
 		if postal_api, ok := os.LookupEnv("POSTAL_API"); ok {
 			if email_src, ok := os.LookupEnv("POSTAL_SRC_EMAIL"); ok {
 				if email_auth, ok := os.LookupEnv("EMAIL_SECRET"); ok {
-					EmailAuth = jwtauth.New("HS256", []byte(os.Getenv(email_auth)), nil)
+					EmailAuth = jwtauth.New("HS256", []byte(email_auth), nil)
 					PostalKey = postal_key
 					PostalAPI = postal_api
 					PostalEmail = email_src
@ -63,8 +63,8 @@ type UserCredentials struct {

 type Claims struct {
 	Username string `json:"username", db:"username"`
-	Admin    string `json:"admin", db:"admin"`
-	Verified string `json:"verified", db:"verified"`
+	Admin    bool   `json:"admin", db:"admin"`
+	Verified bool   `json:"verified", db:"verified"`
 	jwt.StandardClaims
 }

@ -81,6 +81,11 @@ type ComposedEmail struct {

 func Routes() *chi.Mux {
 	r := chi.NewRouter()
+	r.Group(func(r chi.Router) {
+		r.Use(jwtauth.Verify(EmailAuth, auth_middleware.TokenFromUrl))
+		r.Use(jwtauth.Authenticator)
+		r.Get("/verify/{token}", verify)
+	})
 	r.Post("/signin", signin)
 	r.Post("/register", register)
 	r.Group(func(r chi.Router) {
@ -91,6 +96,11 @@ func Routes() *chi.Mux {
 	return r
 }

+func verify(w http.ResponseWriter, r *http.Request) {
+	token := chi.URLParam(r, "token")
+	fmt.Println(token)
+}
+
 func register(w http.ResponseWriter, r *http.Request) {
 	returnMessage := ReturnMessage{}
 	creds := &SignUpCredentials{}
@ -142,6 +152,8 @@ func register(w http.ResponseWriter, r *http.Request) {
 	expirationTime := time.Now().Add(24 * time.Hour)
 	claims := &Claims{
 		Username: creds.Username,
+		Admin:    false,
+		Verified: false,
 		StandardClaims: jwt.StandardClaims{
 			ExpiresAt: expirationTime.Unix(),
 		},
@ -200,7 +212,7 @@ func refresh(w http.ResponseWriter, r *http.Request) {
 	returnMessage := ReturnMessage{}
 	_, claims, _ := jwtauth.FromContext(r.Context())
 	w.WriteHeader(http.StatusOK)
-	expirationTime := time.Now().Add(5 * time.Hour)
+	expirationTime := time.Now().Add(24 * time.Hour)
 	user_claims := &Claims{}
 	user_claims_query := DB.QueryRow("SELECT username, admin, verified FROM users WHERE username=$1", claims["username"].(string))
 	err := user_claims_query.Scan(&user_claims.Username, &user_claims.Admin, &user_claims.Verified)
--- a/packages/middleware/auth_middleware.go
+++ b/packages/middleware/auth_middleware.go
@ -2,6 +2,7 @@ package auth_middleware

 import (
 	"net/http"
+	"path"
 )

 func TokenFromSplitCookie(r *http.Request) string {
@ -16,3 +17,8 @@ func TokenFromSplitCookie(r *http.Request) string {
 	cookie := dataCookie.Value + "." + signatureCookie.Value
 	return cookie
 }
+
+func TokenFromUrl(r *http.Request) string {
+	_, token := path.Split(r.URL.Path)
+	return token
+}