fix: refactor schema for open id claim standards

Lakhan Samani
2021-12-22 10:51:12 +05:30
parent 8f7582e1ec
commit 508c714932
51 changed files with 1650 additions and 960 deletions


@@ -32,7 +32,7 @@ func Login(ctx context.Context, params model.LoginInput) (*model.AuthResponse, e
return res, fmt.Errorf(`user with this email not found`)
}
if !strings.Contains(user.SignupMethod, enum.BasicAuth.String()) {
if !strings.Contains(user.SignupMethods, enum.BasicAuth.String()) {
return res, fmt.Errorf(`user has not signed up email & password`)
}
@@ -55,12 +55,11 @@ func Login(ctx context.Context, params model.LoginInput) (*model.AuthResponse, e
roles = params.Roles
}
userIdStr := fmt.Sprintf("%v", user.ID)
refreshToken, _, _ := utils.CreateAuthToken(user, enum.RefreshToken, roles)
accessToken, expiresAt, _ := utils.CreateAuthToken(user, enum.AccessToken, roles)
session.SetToken(userIdStr, accessToken, refreshToken)
session.SetToken(user.ID, accessToken, refreshToken)
go func() {
sessionData := db.Session{
UserID: user.ID,
@@ -72,21 +71,10 @@ func Login(ctx context.Context, params model.LoginInput) (*model.AuthResponse, e
}()
res = &model.AuthResponse{
Message: `Logged in successfully`,
AccessToken: &accessToken,
AccessTokenExpiresAt: &expiresAt,
User: &model.User{
ID: userIdStr,
Email: user.Email,
Image: &user.Image,
FirstName: &user.FirstName,
LastName: &user.LastName,
SignupMethod: user.SignupMethod,
EmailVerifiedAt: &user.EmailVerifiedAt,
Roles: strings.Split(user.Roles, ","),
CreatedAt: &user.CreatedAt,
UpdatedAt: &user.UpdatedAt,
},
Message: `Logged in successfully`,
AccessToken: &accessToken,
ExpiresAt: &expiresAt,
User: utils.GetResUser(user),
}
utils.SetCookie(gc, accessToken)
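Review bot: `session.SetToken(user.ID, accessToken, refreshToken)` in the second hunk stores whatever the two `utils.CreateAuthToken` calls above it returned, and both calls discard their third return value with `_`. If that value is an error (the helper is not shown here), a failed token creation would leave empty tokens in the session store and in the cookie set by `utils.SetCookie`. I would bind it and bail out before touching the session: `accessToken, expiresAt, err := utils.CreateAuthToken(user, enum.AccessToken, roles)` followed by `if err != nil { return res, err }`, and the same for the refresh token. Login starts and ends outside these hunks.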


@@ -14,10 +14,10 @@ import (
"github.com/authorizerdev/authorizer/server/utils"
)
func MagicLogin(ctx context.Context, params model.MagicLoginInput) (*model.Response, error) {
func MagicLinkLogin(ctx context.Context, params model.MagicLinkLoginInput) (*model.Response, error) {
var res *model.Response
if constants.DISABLE_MAGIC_LOGIN {
if constants.DISABLE_MAGIC_LINK_LOGIN {
return res, fmt.Errorf(`magic link login is disabled for this instance`)
}
@@ -37,7 +37,7 @@ func MagicLogin(ctx context.Context, params model.MagicLoginInput) (*model.Respo
existingUser, err := db.Mgr.GetUserByEmail(params.Email)
if err != nil {
user.SignupMethod = enum.MagicLink.String()
user.SignupMethods = enum.MagicLink.String()
// define roles for new user
if len(params.Roles) > 0 {
// check if roles exists
@@ -86,12 +86,12 @@ func MagicLogin(ctx context.Context, params model.MagicLoginInput) (*model.Respo
user.Roles = existingUser.Roles
}
signupMethod := existingUser.SignupMethod
signupMethod := existingUser.SignupMethods
if !strings.Contains(signupMethod, enum.MagicLink.String()) {
signupMethod = signupMethod + "," + enum.MagicLink.String()
}
user.SignupMethod = signupMethod
user.SignupMethods = signupMethod
user, _ = db.Mgr.UpdateUser(user)
if err != nil {
log.Println("error updating user:", err)
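Review bot: The `if err != nil` after `user, _ = db.Mgr.UpdateUser(user)` in the last hunk tests an `err` that this call never assigns, so a failed update is neither logged nor handled and the flow continues with whatever `user` came back. The check reads as if it were meant for the update; `user, err = db.Mgr.UpdateUser(user)` would make it so. Separately, `strings.Contains(signupMethod, enum.MagicLink.String())` is a substring test on a comma-joined list, which is exact only while no method name is contained in another; comparing the elements of `strings.Split(signupMethod, ",")` avoids that assumption. The function body extends beyond the hunks shown.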


@@ -3,7 +3,6 @@ package resolvers
import (
"context"
"fmt"
"strings"
"github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/graph/model"
@@ -41,20 +40,7 @@ func Profile(ctx context.Context) (*model.User, error) {
return res, err
}
userIdStr := fmt.Sprintf("%v", user.ID)
res = &model.User{
ID: userIdStr,
Email: user.Email,
Image: &user.Image,
FirstName: &user.FirstName,
LastName: &user.LastName,
SignupMethod: user.SignupMethod,
EmailVerifiedAt: &user.EmailVerifiedAt,
Roles: strings.Split(user.Roles, ","),
CreatedAt: &user.CreatedAt,
UpdatedAt: &user.UpdatedAt,
}
res = utils.GetResUser(user)
return res, nil
}
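Review bot: `res = utils.GetResUser(user)` replaces a literal that was an explicit allow-list of response fields, and the helper's body is not part of this view, so nothing here shows that it still leaves out `Password` and other internal columns of the stored user. Since the Login, Signup, Token, Users and VerifyEmail sections now go through the same helper, that guarantee belongs in its doc comment and in a unit test, for example `// GetResUser maps a stored user to the API model; it must never copy Password or any other credential field.` The rest of Profile lies outside the hunk.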


@@ -41,11 +41,11 @@ func ResetPassword(ctx context.Context, params model.ResetPasswordInput) (*model
password, _ := utils.HashPassword(params.Password)
user.Password = password
signupMethod := user.SignupMethod
signupMethod := user.SignupMethods
if !strings.Contains(signupMethod, enum.BasicAuth.String()) {
signupMethod = signupMethod + "," + enum.BasicAuth.String()
}
user.SignupMethod = signupMethod
user.SignupMethods = signupMethod
// delete from verification table
db.Mgr.DeleteVerificationRequest(verificationRequest)
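Review bot: `password, _ := utils.HashPassword(params.Password)` drops the hashing error and the next line assigns the result to `user.Password` regardless, so a failed hash would be stored as the new credential (an empty string, if that is what the helper returns on failure). Bind and return the error instead: `password, err := utils.HashPassword(params.Password)` then `if err != nil { return nil, err }`; the Signup section has the same line. The result of `db.Mgr.DeleteVerificationRequest(verificationRequest)` is ignored as well, and if that delete fails the reset token presumably stays usable, so it deserves at least a log line. ResetPassword begins and ends outside the hunk.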


@@ -70,15 +70,39 @@ func Signup(ctx context.Context, params model.SignUpInput) (*model.AuthResponse,
password, _ := utils.HashPassword(params.Password)
user.Password = password
if params.FirstName != nil {
user.FirstName = *params.FirstName
if params.GivenName != nil {
user.GivenName = *params.GivenName
}
if params.LastName != nil {
user.LastName = *params.LastName
if params.FamilyName != nil {
user.FamilyName = *params.FamilyName
}
user.SignupMethod = enum.BasicAuth.String()
if params.MiddleName != nil {
user.MiddleName = *params.MiddleName
}
if params.Nickname != nil {
user.Nickname = *params.Nickname
}
if params.Gender != nil {
user.Gender = *params.Gender
}
if params.Birthdate != nil {
user.Birthdate = *params.Birthdate
}
if params.PhoneNumber != nil {
user.PhoneNumber = *params.PhoneNumber
}
if params.Picture != nil {
user.Picture = *params.Picture
}
user.SignupMethods = enum.BasicAuth.String()
if constants.DISABLE_EMAIL_VERIFICATION {
user.EmailVerifiedAt = time.Now().Unix()
}
@@ -88,18 +112,7 @@ func Signup(ctx context.Context, params model.SignUpInput) (*model.AuthResponse,
}
userIdStr := fmt.Sprintf("%v", user.ID)
roles := strings.Split(user.Roles, ",")
userToReturn := &model.User{
ID: userIdStr,
Email: user.Email,
Image: &user.Image,
FirstName: &user.FirstName,
LastName: &user.LastName,
SignupMethod: user.SignupMethod,
EmailVerifiedAt: &user.EmailVerifiedAt,
Roles: strings.Split(user.Roles, ","),
CreatedAt: &user.CreatedAt,
UpdatedAt: &user.UpdatedAt,
}
userToReturn := utils.GetResUser(user)
if !constants.DISABLE_EMAIL_VERIFICATION {
// insert verification request
@@ -141,10 +154,10 @@ func Signup(ctx context.Context, params model.SignUpInput) (*model.AuthResponse,
db.Mgr.AddSession(sessionData)
}()
res = &model.AuthResponse{
Message: `Signed up successfully.`,
AccessToken: &accessToken,
AccessTokenExpiresAt: &expiresAt,
User: userToReturn,
Message: `Signed up successfully.`,
AccessToken: &accessToken,
ExpiresAt: &expiresAt,
User: userToReturn,
}
utils.SetCookie(gc, accessToken)
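Review bot: The new profile fields in the first hunk (`MiddleName`, `Nickname`, `Gender`, `Birthdate`, `PhoneNumber`, `Picture`) are copied from `params` into the user record verbatim; no length, format or URL-scheme check is visible here. These values end up in API responses and, given the commit's aim, presumably in OpenID claims that other applications render, so `Picture` in particular should be limited to http/https URLs and `PhoneNumber`/`Birthdate` to their expected formats unless the GraphQL layer already enforces that. The same applies to the matching assignments in the UpdateProfile and UpdateUser sections. A small shared validator called before the assignments would keep the three resolvers consistent. Signup continues outside the hunks.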


@@ -3,7 +3,6 @@ package resolvers
import (
"context"
"fmt"
"strings"
"time"
"github.com/authorizerdev/authorizer/server/constants"
@@ -80,21 +79,10 @@ func Token(ctx context.Context, roles []string) (*model.AuthResponse, error) {
utils.SetCookie(gc, token)
res = &model.AuthResponse{
Message: `Token verified`,
AccessToken: &token,
AccessTokenExpiresAt: &expiresAt,
User: &model.User{
ID: userIdStr,
Email: user.Email,
Image: &user.Image,
FirstName: &user.FirstName,
LastName: &user.LastName,
Roles: strings.Split(user.Roles, ","),
CreatedAt: &user.CreatedAt,
UpdatedAt: &user.UpdatedAt,
SignupMethod: user.SignupMethod,
EmailVerifiedAt: &user.EmailVerifiedAt,
},
Message: `Token verified`,
AccessToken: &token,
ExpiresAt: &expiresAt,
User: utils.GetResUser(user),
}
return res, nil
}


@@ -40,7 +40,7 @@ func UpdateProfile(ctx context.Context, params model.UpdateProfileInput) (*model
}
// validate if all params are not empty
if params.FirstName == nil && params.LastName == nil && params.Image == nil && params.OldPassword == nil && params.Email == nil {
if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.OldPassword == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil {
return res, fmt.Errorf("please enter atleast one param to update")
}
@@ -50,16 +50,36 @@ func UpdateProfile(ctx context.Context, params model.UpdateProfileInput) (*model
return res, err
}
if params.FirstName != nil && user.FirstName != *params.FirstName {
user.FirstName = *params.FirstName
if params.GivenName != nil && user.GivenName != *params.GivenName {
user.GivenName = *params.GivenName
}
if params.LastName != nil && user.LastName != *params.LastName {
user.LastName = *params.LastName
if params.FamilyName != nil && user.FamilyName != *params.FamilyName {
user.FamilyName = *params.FamilyName
}
if params.Image != nil && user.Image != *params.Image {
user.Image = *params.Image
if params.MiddleName != nil && user.MiddleName != *params.MiddleName {
user.MiddleName = *params.MiddleName
}
if params.Nickname != nil && user.Nickname != *params.Nickname {
user.Nickname = *params.Nickname
}
if params.Birthdate != nil && user.Birthdate != *params.Birthdate {
user.Birthdate = *params.Birthdate
}
if params.Gender != nil && user.Gender != *params.Gender {
user.Gender = *params.Gender
}
if params.PhoneNumber != nil && user.PhoneNumber != *params.PhoneNumber {
user.PhoneNumber = *params.PhoneNumber
}
if params.Picture != nil && user.Picture != *params.Picture {
user.Picture = *params.Picture
}
if params.OldPassword != nil {


@@ -15,7 +15,7 @@ import (
"github.com/authorizerdev/authorizer/server/utils"
)
func AdminUpdateUser(ctx context.Context, params model.AdminUpdateUserInput) (*model.User, error) {
func UpdateUser(ctx context.Context, params model.UpdateUserInput) (*model.User, error) {
gc, err := utils.GinContextFromContext(ctx)
var res *model.User
if err != nil {
@@ -26,7 +26,7 @@ func AdminUpdateUser(ctx context.Context, params model.AdminUpdateUserInput) (*m
return res, fmt.Errorf("unauthorized")
}
if params.FirstName == nil && params.LastName == nil && params.Image == nil && params.Email == nil && params.Roles == nil {
if params.GivenName == nil && params.FamilyName == nil && params.Picture == nil && params.MiddleName == nil && params.Nickname == nil && params.Email == nil && params.Birthdate == nil && params.Gender == nil && params.PhoneNumber == nil && params.Roles == nil {
return res, fmt.Errorf("please enter atleast one param to update")
}
@@ -35,16 +35,36 @@ func AdminUpdateUser(ctx context.Context, params model.AdminUpdateUserInput) (*m
return res, fmt.Errorf(`User not found`)
}
if params.FirstName != nil && user.FirstName != *params.FirstName {
user.FirstName = *params.FirstName
if params.GivenName != nil && user.GivenName != *params.GivenName {
user.GivenName = *params.GivenName
}
if params.LastName != nil && user.LastName != *params.LastName {
user.LastName = *params.LastName
if params.FamilyName != nil && user.FamilyName != *params.FamilyName {
user.FamilyName = *params.FamilyName
}
if params.Image != nil && user.Image != *params.Image {
user.Image = *params.Image
if params.MiddleName != nil && user.MiddleName != *params.MiddleName {
user.MiddleName = *params.MiddleName
}
if params.Nickname != nil && user.Nickname != *params.Nickname {
user.Nickname = *params.Nickname
}
if params.Birthdate != nil && user.Birthdate != *params.Birthdate {
user.Birthdate = *params.Birthdate
}
if params.Gender != nil && user.Gender != *params.Gender {
user.Gender = *params.Gender
}
if params.PhoneNumber != nil && user.PhoneNumber != *params.PhoneNumber {
user.PhoneNumber = *params.PhoneNumber
}
if params.Picture != nil && user.Picture != *params.Picture {
user.Picture = *params.Picture
}
if params.Email != nil && user.Email != *params.Email {
@@ -115,14 +135,14 @@ func AdminUpdateUser(ctx context.Context, params model.AdminUpdateUserInput) (*m
}
res = &model.User{
ID: params.ID,
Email: user.Email,
Image: &user.Image,
FirstName: &user.FirstName,
LastName: &user.LastName,
Roles: strings.Split(user.Roles, ","),
CreatedAt: &user.CreatedAt,
UpdatedAt: &user.UpdatedAt,
ID: params.ID,
Email: user.Email,
Picture: &user.Picture,
GivenName: &user.GivenName,
FamilyName: &user.FamilyName,
Roles: strings.Split(user.Roles, ","),
CreatedAt: &user.CreatedAt,
UpdatedAt: &user.UpdatedAt,
}
return res, nil
}
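Review bot: Renaming `AdminUpdateUser` to `UpdateUser` removes the only hint in the name that this resolver is privileged, while the `unauthorized` return in the second hunk shows it is still gated by a check whose condition lies outside the hunk. A doc comment such as `// UpdateUser updates any user's profile and roles; the caller must pass the admin check below.` keeps that visible next to the self-service UpdateProfile; confirm the wording against the actual check. The response literal in the last hunk is also still built by hand and returns only `Picture`, `GivenName` and `FamilyName` of the new fields, unlike the other resolvers; `res = utils.GetResUser(user)` would bring it in line, assuming `user` holds the updated record at that point.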


@@ -3,7 +3,6 @@ package resolvers
import (
"context"
"fmt"
"strings"
"github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/graph/model"
@@ -27,17 +26,7 @@ func Users(ctx context.Context) ([]*model.User, error) {
}
for i := 0; i < len(users); i++ {
res = append(res, &model.User{
ID: fmt.Sprintf("%v", users[i].ID),
Email: users[i].Email,
SignupMethod: users[i].SignupMethod,
FirstName: &users[i].FirstName,
LastName: &users[i].LastName,
EmailVerifiedAt: &users[i].EmailVerifiedAt,
Roles: strings.Split(users[i].Roles, ","),
CreatedAt: &users[i].CreatedAt,
UpdatedAt: &users[i].UpdatedAt,
})
res = append(res, utils.GetResUser(users[i]))
}
return res, nil


@@ -60,21 +60,10 @@ func VerifyEmail(ctx context.Context, params model.VerifyEmailInput) (*model.Aut
}()
res = &model.AuthResponse{
Message: `Email verified successfully.`,
AccessToken: &accessToken,
AccessTokenExpiresAt: &expiresAt,
User: &model.User{
ID: userIdStr,
Email: user.Email,
Image: &user.Image,
FirstName: &user.FirstName,
LastName: &user.LastName,
SignupMethod: user.SignupMethod,
EmailVerifiedAt: &user.EmailVerifiedAt,
Roles: strings.Split(user.Roles, ","),
CreatedAt: &user.CreatedAt,
UpdatedAt: &user.UpdatedAt,
},
Message: `Email verified successfully.`,
AccessToken: &accessToken,
ExpiresAt: &expiresAt,
User: utils.GetResUser(user),
}
utils.SetCookie(gc, accessToken)