Add GOPRIVATE to Dockerfile

Fetch user to determine role
Add GetUser to UserClient
2023-10-22 23:07:19 +02:00 · 2023-10-22 23:04:25 +02:00 · 2023-10-22 22:59:16 +02:00
5 changed files with 56 additions and 7 deletions
--- a/2
+++ b/2
@ -1,7 +1,9 @@
 FROM golang:alpine as build
 RUN apk add --no-cache git
 WORKDIR /app
 COPY go.sum /app/go.sum
 COPY go.mod /app/go.mod
 ENV GOPRIVATE=git.t-juice.club
 RUN go mod download
 COPY . /app
 RUN go build -o mf-auth cmd/main.go
--- a/go.mod
+++ b/go.mod
@ -3,6 +3,7 @@ module git.t-juice.club/microfilm/auth
 go 1.21.3
 require (
 	git.t-juice.club/microfilm/users v0.1.2
 	github.com/go-chi/chi/v5 v5.0.10
 	github.com/golang-jwt/jwt/v5 v5.0.0
 	github.com/google/uuid v1.3.1
@ -18,6 +19,6 @@ require (
 	github.com/nats-io/nuid v1.0.1 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
-	golang.org/x/crypto v0.6.0 // indirect
+	golang.org/x/crypto v0.14.0 // indirect
-	golang.org/x/sys v0.5.0 // indirect
+	golang.org/x/sys v0.13.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -1,3 +1,5 @@
 git.t-juice.club/microfilm/users v0.1.2 h1:wudwa4C5ecUGmbe+Y6A77lVHx8dFSy/ib47HBOrQ7AU=
 git.t-juice.club/microfilm/users v0.1.2/go.mod h1:CWb2XYyifeaiLMdEqPyLB4EEj2MKcGogt+wt+PGdcSw=
 github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM=
 github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@ -34,10 +36,10 @@ github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs=
 github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
-golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc=
+golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
-golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
+golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
-golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
+golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
-golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
--- a/server/server.go
+++ b/server/server.go
@ -143,9 +143,18 @@ func (s *Server) TokenHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	u, err := s.userClient.GetUser(userIdentifier)
 	if err != nil {
 		WriteError(w, auth.ErrorResponse{
 			Status:  http.StatusUnauthorized,
 			Message: fmt.Sprintf("Unable to get user details: %s", err),
 		})
 		return
 	}
 	exp := time.Now().Add(DefaultTokenDuration)
 	claims := auth.MicrofilmClaims{
-		Role: auth.RoleUser,
+		Role: u.Role,
 		RegisteredClaims: jwt.RegisteredClaims{
 			Issuer:    "microfilm",
 			Subject:   userIdentifier,
--- a/server/userclient.go
+++ b/server/userclient.go
@ -7,6 +7,8 @@ import (
 	"fmt"
 	"net/http"
 	"time"
 	"git.t-juice.club/microfilm/users"
 )
 type UserClient struct {
@ -53,3 +55,36 @@ func (c *UserClient) VerifyUserPassword(username, password string) error {
 	return nil
 }
 func (c *UserClient) GetUser(identifier string) (users.User, error) {
 	var u users.User
 	ctx, cancel := context.WithTimeout(context.Background(), defaultTimeout)
 	defer cancel()
 	url := fmt.Sprintf("%s/%s", c.BaseURL, identifier)
 	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, nil)
 	if err != nil {
 		return u, err
 	}
 	client := http.Client{}
 	resp, err := client.Do(req)
 	if err != nil {
 		return u, err
 	}
 	defer resp.Body.Close()
 	if resp.StatusCode != http.StatusOK {
 		return u, fmt.Errorf("authentication failed")
 	}
 	decoder := json.NewDecoder(resp.Body)
 	if err := decoder.Decode(&u); err != nil {
 		return u, err
 	}
 	return u, nil
 }
Author	SHA1	Message	Date
Torjus Håkestad	037d347ef3	Add GOPRIVATE to Dockerfile	2023-10-22 23:07:19 +02:00
Torjus Håkestad	2d908e913d	Fetch user to determine role	2023-10-22 23:04:25 +02:00
Torjus Håkestad	8286336c32	Add GetUser to UserClient	2023-10-22 22:59:16 +02:00