From 3302de4ff7b705fb065833bb4b93cd999130b402 Mon Sep 17 00:00:00 2001 From: Igor Polyakov Date: Wed, 19 Jun 2024 22:06:30 +0300 Subject: [PATCH] update UI, add /api/v1/auth/session #16 --- api/openapi.yaml | 28 ++++++++++++++++++++++++++++ html/assets/js/api.js | 3 ++- html/assets/js/index.js | 4 ++-- internal/app/handlers/interface.go | 4 ++++ internal/app/handlers/sessions.go | 5 +++++ internal/app/server/server.gen.go | 27 +++++++++++++++++++++++++++ 6 files changed, 68 insertions(+), 3 deletions(-) diff --git a/api/openapi.yaml b/api/openapi.yaml index 3d94606..3ecd644 100644 --- a/api/openapi.yaml +++ b/api/openapi.yaml @@ -94,6 +94,34 @@ paths: '500': description: Internal Server Error parameters: [] + /api/v1/auth/session: + get: + summary: Validate current session and return user role + description: Check if the current session is valid and return the user's role. + operationId: validateSession + tags: + - Sessions + responses: + '200': + description: Session validation result + content: + application/json: + schema: + type: object + properties: + valid: + type: boolean + description: Indicates if the current session is valid + role: + type: string + example: "admin" + description: The role of the current user + nullable: true + name: + type: string + example: "r00t" + description: The name of the current user + nullable: true /api/v1/users: get: tags: diff --git a/html/assets/js/api.js b/html/assets/js/api.js index 48778b9..0b4a1fa 100644 --- a/html/assets/js/api.js +++ b/html/assets/js/api.js @@ -33,10 +33,11 @@ window.ctf01d_tp_api.auth_signin = function(auth_data) { }); } -window.ctf01d_tp_api.auth_session = function() { +window.ctf01d_tp_api.auth_session = function (auth_data) { return $.ajax({ url: '/api/v1/auth/session', method: 'GET', contentType: 'application/json', + data: JSON.stringify(auth_data), }); } diff --git a/html/assets/js/index.js b/html/assets/js/index.js index 56e030d..89ef4cd 100644 --- a/html/assets/js/index.js +++ b/html/assets/js/index.js @@ -228,6 +228,6 @@ $(document).ready(function () { $('#btn_signin').css({"display": "none"}); $('#btn_signout').css({"display": "inline-block"}); $('#btn_profile').css({"display": "inline-block"}); - $('#btn_profile').html(res.username + "(" + res.userrole + ")"); + $('#btn_profile').html(res.name + " (" + res.role + ")"); }) -}) \ No newline at end of file +}) diff --git a/internal/app/handlers/interface.go b/internal/app/handlers/interface.go index 8b8d2a9..6a04b5e 100644 --- a/internal/app/handlers/interface.go +++ b/internal/app/handlers/interface.go @@ -42,6 +42,10 @@ func (siw *ServerInterfaceWrapper) PostApiV1AuthSignout(w http.ResponseWriter, r siw.handlers.PostApiV1AuthSignout(w, r) } +func (siw *ServerInterfaceWrapper) ValidateSession(w http.ResponseWriter, r *http.Request) { + siw.handlers.ValidateSession(w, r) +} + func (siw *ServerInterfaceWrapper) ListResults(w http.ResponseWriter, r *http.Request) { siw.handlers.ListResults(w, r) } diff --git a/internal/app/handlers/sessions.go b/internal/app/handlers/sessions.go index f2a8375..3c0301d 100644 --- a/internal/app/handlers/sessions.go +++ b/internal/app/handlers/sessions.go @@ -66,3 +66,8 @@ func (h *Handlers) PostApiV1AuthSignout(w http.ResponseWriter, r *http.Request) }) api_helpers.RespondWithJSON(w, http.StatusOK, map[string]string{"data": "User logout successful"}) } + +func (h *Handlers) ValidateSession(w http.ResponseWriter, r *http.Request) { + // implement me + api_helpers.RespondWithJSON(w, http.StatusOK, map[string]string{"role": "Admin", "name": "R00t"}) +} diff --git a/internal/app/server/server.gen.go b/internal/app/server/server.gen.go index b71e793..8b3e389 100644 --- a/internal/app/server/server.gen.go +++ b/internal/app/server/server.gen.go @@ -263,6 +263,9 @@ type UpdateUserJSONRequestBody = UserRequest // ServerInterface represents all server handlers. type ServerInterface interface { + // Validate current session and return user role + // (GET /api/v1/auth/session) + ValidateSession(w http.ResponseWriter, r *http.Request) // Login user // (POST /api/v1/auth/signin) PostApiV1AuthSignin(w http.ResponseWriter, r *http.Request) @@ -347,6 +350,12 @@ type ServerInterface interface { type Unimplemented struct{} +// Validate current session and return user role +// (GET /api/v1/auth/session) +func (_ Unimplemented) ValidateSession(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusNotImplemented) +} + // Login user // (POST /api/v1/auth/signin) func (_ Unimplemented) PostApiV1AuthSignin(w http.ResponseWriter, r *http.Request) { @@ -512,6 +521,21 @@ type ServerInterfaceWrapper struct { type MiddlewareFunc func(http.Handler) http.Handler +// ValidateSession operation middleware +func (siw *ServerInterfaceWrapper) ValidateSession(w http.ResponseWriter, r *http.Request) { + ctx := r.Context() + + handler := http.Handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + siw.Handler.ValidateSession(w, r) + })) + + for _, middleware := range siw.HandlerMiddlewares { + handler = middleware(handler) + } + + handler.ServeHTTP(w, r.WithContext(ctx)) +} + // PostApiV1AuthSignin operation middleware func (siw *ServerInterfaceWrapper) PostApiV1AuthSignin(w http.ResponseWriter, r *http.Request) { ctx := r.Context() @@ -1171,6 +1195,9 @@ func HandlerWithOptions(si ServerInterface, options ChiServerOptions) http.Handl ErrorHandlerFunc: options.ErrorHandlerFunc, } + r.Group(func(r chi.Router) { + r.Get(options.BaseURL+"/api/v1/auth/session", wrapper.ValidateSession) + }) r.Group(func(r chi.Router) { r.Post(options.BaseURL+"/api/v1/auth/signin", wrapper.PostApiV1AuthSignin) })