fix: bug with authorizer url

2022-01-31 11:35:24 +05:30
parent 34a91f3195
commit 4e48320cf1
60 changed files with 156 additions and 148 deletions
--- a/server/resolvers/env.go
+++ b/server/resolvers/env.go
@@ -41,7 +41,6 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
 	jwtSecret := store.StringEnv[constants.EnvKeyJwtSecret]
 	jwtRoleClaim := store.StringEnv[constants.EnvKeyJwtRoleClaim]
 	allowedOrigins := store.SliceEnv[constants.EnvKeyAllowedOrigins]
-	authorizerURL := store.StringEnv[constants.EnvKeyAuthorizerURL]
 	appURL := store.StringEnv[constants.EnvKeyAppURL]
 	redisURL := store.StringEnv[constants.EnvKeyRedisURL]
 	cookieName := store.StringEnv[constants.EnvKeyCookieName]
@@ -77,7 +76,6 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
 		JwtSecret:                  &jwtSecret,
 		JwtRoleClaim:               &jwtRoleClaim,
 		AllowedOrigins:             allowedOrigins,
-		AuthorizerURL:              &authorizerURL,
 		AppURL:                     &appURL,
 		RedisURL:                   &redisURL,
 		CookieName:                 &cookieName,
--- a/server/resolvers/forgot_password.go
+++ b/server/resolvers/forgot_password.go
@@ -27,7 +27,6 @@ func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInpu
 	if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
 		return res, fmt.Errorf(`basic authentication is disabled for this instance`)
 	}
-	host := gc.Request.Host
 	params.Email = strings.ToLower(params.Email)

 	if !utils.IsValidEmail(params.Email) {
@@ -39,7 +38,8 @@ func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInpu
 		return res, fmt.Errorf(`user with this email not found`)
 	}

-	verificationToken, err := token.CreateVerificationToken(params.Email, constants.VerificationTypeForgotPassword)
+	hostname := utils.GetHost(gc)
+	verificationToken, err := token.CreateVerificationToken(params.Email, constants.VerificationTypeForgotPassword, hostname)
 	if err != nil {
 		log.Println(`error generating token`, err)
 	}
@@ -52,7 +52,7 @@ func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInpu

 	// exec it as go routin so that we can reduce the api latency
 	go func() {
-		email.SendForgotPasswordMail(params.Email, verificationToken, host)
+		email.SendForgotPasswordMail(params.Email, verificationToken, hostname)
 	}()

 	res = &model.Response{
--- a/server/resolvers/magic_link_login.go
+++ b/server/resolvers/magic_link_login.go
@@ -20,6 +20,10 @@ import (
 // MagicLinkLoginResolver is a resolver for magic link login mutation
 func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInput) (*model.Response, error) {
 	var res *model.Response
+	gc, err := utils.GinContextFromContext(ctx)
+	if err != nil {
+		return res, err
+	}

 	if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableMagicLinkLogin) {
 		return res, fmt.Errorf(`magic link login is disabled for this instance`)
@@ -102,10 +106,11 @@ func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInpu
 		}
 	}

+	hostname := utils.GetHost(gc)
 	if !envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) {
 		// insert verification request
 		verificationType := constants.VerificationTypeMagicLinkLogin
-		verificationToken, err := token.CreateVerificationToken(params.Email, verificationType)
+		verificationToken, err := token.CreateVerificationToken(params.Email, verificationType, hostname)
 		if err != nil {
 			log.Println(`error generating token`, err)
 		}
@@ -118,7 +123,7 @@ func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInpu

 		// exec it as go routin so that we can reduce the api latency
 		go func() {
-			email.SendVerificationMail(params.Email, verificationToken)
+			email.SendVerificationMail(params.Email, verificationToken, hostname)
 		}()
 	}

--- a/server/resolvers/resend_verify_email.go
+++ b/server/resolvers/resend_verify_email.go
@@ -18,6 +18,10 @@ import (
 // ResendVerifyEmailResolver is a resolver for resend verify email mutation
 func ResendVerifyEmailResolver(ctx context.Context, params model.ResendVerifyEmailInput) (*model.Response, error) {
 	var res *model.Response
+	gc, err := utils.GinContextFromContext(ctx)
+	if err != nil {
+		return res, err
+	}
 	params.Email = strings.ToLower(params.Email)

 	if !utils.IsValidEmail(params.Email) {
@@ -39,7 +43,8 @@ func ResendVerifyEmailResolver(ctx context.Context, params model.ResendVerifyEma
 		log.Println("error deleting verification request:", err)
 	}

-	verificationToken, err := token.CreateVerificationToken(params.Email, params.Identifier)
+	hostname := utils.GetHost(gc)
+	verificationToken, err := token.CreateVerificationToken(params.Email, params.Identifier, hostname)
 	if err != nil {
 		log.Println(`error generating token`, err)
 	}
@@ -52,7 +57,7 @@ func ResendVerifyEmailResolver(ctx context.Context, params model.ResendVerifyEma

 	// exec it as go routin so that we can reduce the api latency
 	go func() {
-		email.SendVerificationMail(params.Email, verificationToken)
+		email.SendVerificationMail(params.Email, verificationToken, hostname)
 	}()

 	res = &model.Response{
--- a/server/resolvers/signup.go
+++ b/server/resolvers/signup.go
@@ -119,10 +119,11 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 	roles := strings.Split(user.Roles, ",")
 	userToReturn := user.AsAPIUser()

+	hostname := utils.GetHost(gc)
 	if !envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) {
 		// insert verification request
 		verificationType := constants.VerificationTypeBasicAuthSignup
-		verificationToken, err := token.CreateVerificationToken(params.Email, verificationType)
+		verificationToken, err := token.CreateVerificationToken(params.Email, verificationType, hostname)
 		if err != nil {
 			log.Println(`error generating token`, err)
 		}
@@ -135,7 +136,7 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR

 		// exec it as go routin so that we can reduce the api latency
 		go func() {
-			email.SendVerificationMail(params.Email, verificationToken)
+			email.SendVerificationMail(params.Email, verificationToken, hostname)
 		}()

 		res = &model.AuthResponse{
--- a/server/resolvers/update_env.go
+++ b/server/resolvers/update_env.go
@@ -13,6 +13,8 @@ import (
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/envstore"
 	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/oauth"
+	"github.com/authorizerdev/authorizer/server/sessionstore"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 )
@@ -115,6 +117,8 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model

 	// Update local store
 	envstore.EnvInMemoryStoreObj.UpdateEnvStore(updatedData)
+	sessionstore.InitSession()
+	oauth.InitOAuth()

 	// Fetch the current db store and update it
 	env, err := db.Provider.GetEnv()
--- a/server/resolvers/update_profile.go
+++ b/server/resolvers/update_profile.go
@@ -116,12 +116,13 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)
 		sessionstore.DeleteAllUserSession(fmt.Sprintf("%v", user.ID))
 		cookie.DeleteCookie(gc)

+		hostname := utils.GetHost(gc)
 		user.Email = newEmail
 		user.EmailVerifiedAt = nil
 		hasEmailChanged = true
 		// insert verification request
 		verificationType := constants.VerificationTypeUpdateEmail
-		verificationToken, err := token.CreateVerificationToken(newEmail, verificationType)
+		verificationToken, err := token.CreateVerificationToken(newEmail, verificationType, hostname)
 		if err != nil {
 			log.Println(`error generating token`, err)
 		}
@@ -134,7 +135,7 @@ func UpdateProfileResolver(ctx context.Context, params model.UpdateProfileInput)

 		// exec it as go routin so that we can reduce the api latency
 		go func() {
-			email.SendVerificationMail(newEmail, verificationToken)
+			email.SendVerificationMail(newEmail, verificationToken, hostname)
 		}()
 	}

--- a/server/resolvers/update_user.go
+++ b/server/resolvers/update_user.go
@@ -98,11 +98,12 @@ func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*mod
 		sessionstore.DeleteAllUserSession(fmt.Sprintf("%v", user.ID))
 		cookie.DeleteCookie(gc)

+		hostname := utils.GetHost(gc)
 		user.Email = newEmail
 		user.EmailVerifiedAt = nil
 		// insert verification request
 		verificationType := constants.VerificationTypeUpdateEmail
-		verificationToken, err := token.CreateVerificationToken(newEmail, verificationType)
+		verificationToken, err := token.CreateVerificationToken(newEmail, verificationType, hostname)
 		if err != nil {
 			log.Println(`error generating token`, err)
 		}
@@ -115,7 +116,7 @@ func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*mod

 		// exec it as go routin so that we can reduce the api latency
 		go func() {
-			email.SendVerificationMail(newEmail, verificationToken)
+			email.SendVerificationMail(newEmail, verificationToken, hostname)
 		}()
 	}

@@ -127,7 +128,7 @@ func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*mod
 			inputRoles = append(inputRoles, *item)
 		}

-		if !utils.IsValidRoles(append([]string{}, append(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...), inputRoles) {
+		if !utils.IsValidRoles(inputRoles, append([]string{}, append(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...)) {
 			return res, fmt.Errorf("invalid list of roles")
 		}