Add GOPRIVATE to Dockerfile

Fetch user to determine role
Add GetUser to UserClient
2023-10-22 23:07:19 +02:00 · 2023-10-22 23:04:25 +02:00 · 2023-10-22 22:59:16 +02:00
5 changed files with 56 additions and 7 deletions
--- a/2
+++ b/2
@@ -1,7 +1,9 @@
 FROM golang:alpine as build
+RUN apk add --no-cache git
 WORKDIR /app
 COPY go.sum /app/go.sum
 COPY go.mod /app/go.mod
+ENV GOPRIVATE=git.t-juice.club
 RUN go mod download
 COPY . /app
 RUN go build -o mf-auth cmd/main.go
--- a/go.mod
+++ b/go.mod
@@ -3,6 +3,7 @@ module git.t-juice.club/microfilm/auth
 go 1.21.3

 require (
+	git.t-juice.club/microfilm/users v0.1.2
 	github.com/go-chi/chi/v5 v5.0.10
 	github.com/golang-jwt/jwt/v5 v5.0.0
 	github.com/google/uuid v1.3.1
@@ -18,6 +19,6 @@ require (
 	github.com/nats-io/nuid v1.0.1 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
-	golang.org/x/crypto v0.6.0 // indirect
-	golang.org/x/sys v0.5.0 // indirect
+	golang.org/x/crypto v0.14.0 // indirect
+	golang.org/x/sys v0.13.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -1,3 +1,5 @@
+git.t-juice.club/microfilm/users v0.1.2 h1:wudwa4C5ecUGmbe+Y6A77lVHx8dFSy/ib47HBOrQ7AU=
+git.t-juice.club/microfilm/users v0.1.2/go.mod h1:CWb2XYyifeaiLMdEqPyLB4EEj2MKcGogt+wt+PGdcSw=
 github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM=
 github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -34,10 +36,10 @@ github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs=
 github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
-golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc=
-golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
-golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
-golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
+golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
+golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
+golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
--- a/server/server.go
+++ b/server/server.go
@@ -143,9 +143,18 @@ func (s *Server) TokenHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	u, err := s.userClient.GetUser(userIdentifier)
+	if err != nil {
+		WriteError(w, auth.ErrorResponse{
+			Status:  http.StatusUnauthorized,
+			Message: fmt.Sprintf("Unable to get user details: %s", err),
+		})
+		return
+	}
+
 	exp := time.Now().Add(DefaultTokenDuration)
 	claims := auth.MicrofilmClaims{
-		Role: auth.RoleUser,
+		Role: u.Role,
 		RegisteredClaims: jwt.RegisteredClaims{
 			Issuer:    "microfilm",
 			Subject:   userIdentifier,
--- a/server/userclient.go
+++ b/server/userclient.go
@@ -7,6 +7,8 @@ import (
 	"fmt"
 	"net/http"
 	"time"
+
+	"git.t-juice.club/microfilm/users"
 )

 type UserClient struct {
@@ -53,3 +55,36 @@ func (c *UserClient) VerifyUserPassword(username, password string) error {

 	return nil
 }
+
+func (c *UserClient) GetUser(identifier string) (users.User, error) {
+	var u users.User
+
+	ctx, cancel := context.WithTimeout(context.Background(), defaultTimeout)
+	defer cancel()
+
+	url := fmt.Sprintf("%s/%s", c.BaseURL, identifier)
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, nil)
+	if err != nil {
+		return u, err
+	}
+
+	client := http.Client{}
+
+	resp, err := client.Do(req)
+	if err != nil {
+		return u, err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return u, fmt.Errorf("authentication failed")
+	}
+
+	decoder := json.NewDecoder(resp.Body)
+	if err := decoder.Decode(&u); err != nil {
+		return u, err
+	}
+
+	return u, nil
+}
Author	SHA1	Message	Date
Torjus Håkestad	037d347ef3	Add GOPRIVATE to Dockerfile	2023-10-22 23:07:19 +02:00
Torjus Håkestad	2d908e913d	Fetch user to determine role	2023-10-22 23:04:25 +02:00
Torjus Håkestad	8286336c32	Add GetUser to UserClient	2023-10-22 22:59:16 +02:00