fixed
@@ -127,11 +127,7 @@ func checkUserAuthorization(userID, accessToken string) (bool, string, error) {
|
|||||||
defer resp.Body.Close()
|
defer resp.Body.Close()
|
||||||
|
|
||||||
// Parse response
|
// Parse response
|
||||||
var authResp struct {
|
var authResp models.AuthorizationResponse
|
||||||
Allowed bool `json:"allowed"`
|
|
||||||
RedirectRoute string `json:"redirect_route,omitempty"`
|
|
||||||
Message string `json:"message,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := json.NewDecoder(resp.Body).Decode(&authResp); err != nil {
|
if err := json.NewDecoder(resp.Body).Decode(&authResp); err != nil {
|
||||||
helper.LogError(err, "Failed to decode authorization response")
|
helper.LogError(err, "Failed to decode authorization response")
|
||||||
|
|||||||
+23
-4
@@ -107,7 +107,7 @@ func GenerateTokens(email, userAgent, ipAddress string) (string, string, error)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
accessToken, err := generateAccessToken(email, sessionID)
|
accessToken, err := generateAccessToken(email, sessionID, userID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", "", fmt.Errorf(errFormatWithContext, errMsgFailedToGenerateAccessToken, err)
|
return "", "", fmt.Errorf(errFormatWithContext, errMsgFailedToGenerateAccessToken, err)
|
||||||
}
|
}
|
||||||
@@ -116,11 +116,18 @@ func GenerateTokens(email, userAgent, ipAddress string) (string, string, error)
|
|||||||
return accessToken, refreshToken, nil
|
return accessToken, refreshToken, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func generateAccessToken(email, sessionID string) (string, error) {
|
func generateAccessToken(email, sessionID, userID string) (string, error) {
|
||||||
|
AccessTokenExpiration := os.Getenv("AccessTokenExpiration")
|
||||||
|
if AccessTokenExpiration == "" {
|
||||||
|
log.Println("AccessTokenExpiration not set, defaulting to 45 minutes")
|
||||||
|
AccessTokenExpiration = "45"
|
||||||
|
}
|
||||||
|
|
||||||
expirationTime := time.Now().Add(45 * time.Minute).Unix()
|
expirationTime := time.Now().Add(45 * time.Minute).Unix()
|
||||||
|
|
||||||
claims := &models.AccessToken{
|
claims := &models.AccessToken{
|
||||||
Email: email,
|
Email: email,
|
||||||
|
UserID: userID,
|
||||||
SessionID: sessionID,
|
SessionID: sessionID,
|
||||||
Exp: expirationTime,
|
Exp: expirationTime,
|
||||||
RegisteredClaims: jwt.RegisteredClaims{
|
RegisteredClaims: jwt.RegisteredClaims{
|
||||||
@@ -256,7 +263,13 @@ func RefreshAccessToken(refreshTokenString, userAgent, ipAddress string) (string
|
|||||||
|
|
||||||
helper.LogInfo(fmt.Sprintf("Generating new access token for email: %s, session: %s", email, session.ID))
|
helper.LogInfo(fmt.Sprintf("Generating new access token for email: %s, session: %s", email, session.ID))
|
||||||
|
|
||||||
accessToken, err := generateAccessToken(email, session.ID)
|
userID, err := helper.FetchUserIDFromDB(email)
|
||||||
|
if err != nil {
|
||||||
|
helper.LogError(err, fmt.Sprintf("Failed to fetch user ID for email %s during refresh", email))
|
||||||
|
userID = session.UserID // Fallback to session's user ID
|
||||||
|
}
|
||||||
|
|
||||||
|
accessToken, err := generateAccessToken(email, session.ID, userID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
helper.LogError(err, "Failed to generate access token during refresh")
|
helper.LogError(err, "Failed to generate access token during refresh")
|
||||||
return "", fmt.Errorf("failed to generate access token: %w", err)
|
return "", fmt.Errorf("failed to generate access token: %w", err)
|
||||||
@@ -395,7 +408,13 @@ func RefreshAccessTokenWithEmailFallback(refreshTokenString, userAgent, ipAddres
|
|||||||
|
|
||||||
helper.LogInfo(fmt.Sprintf("Generating new access token for email: %s, session: %s", email, session.ID))
|
helper.LogInfo(fmt.Sprintf("Generating new access token for email: %s, session: %s", email, session.ID))
|
||||||
|
|
||||||
accessToken, err := generateAccessToken(email, session.ID)
|
userID, err := helper.FetchUserIDFromDB(email)
|
||||||
|
if err != nil {
|
||||||
|
helper.LogError(err, fmt.Sprintf("Failed to fetch user ID for email %s during refresh", email))
|
||||||
|
userID = session.UserID // Fallback to session's user ID
|
||||||
|
}
|
||||||
|
|
||||||
|
accessToken, err := generateAccessToken(email, session.ID, userID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
helper.LogError(err, "Failed to generate access token during refresh")
|
helper.LogError(err, "Failed to generate access token during refresh")
|
||||||
return "", fmt.Errorf("failed to generate access token: %w", err)
|
return "", fmt.Errorf("failed to generate access token: %w", err)
|
||||||
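Review bot: In the RefreshAccessToken hunk the new `user_id` claim comes from an email lookup, and when `helper.FetchUserIDFromDB` fails the code only logs and falls back to `session.UserID`, with no check that the value is non-empty or that the two sources agree, so a refresh can mint a token whose `user_id` is empty or differs from the session's; RefreshAccessTokenWithEmailFallback repeats the same lines. The session is presumably the record the refresh token was validated against, so I would treat `session.UserID` as authoritative and refuse the refresh when it is missing, e.g. `if userID == "" { return "", fmt.Errorf("refresh: no user id for session %s", session.ID) }`. Separately, generateAccessToken now reads `AccessTokenExpiration` but `expirationTime` still uses the hard-coded `45 * time.Minute`, so the setting has no effect until it is parsed (for example with `strconv.Atoi`, rejecting non-positive values) and used in the `Add` call. All three function bodies start or end outside the visible hunks.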
|
|||||||
@@ -0,0 +1,11 @@
|
|||||||
|
package helper
|
||||||
|
|
||||||
|
import "authentication/services"
|
||||||
|
|
||||||
|
func FetchUserIDFromDB(email string) (string, error) {
|
||||||
|
UserID, err := services.GetUserID(email)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
return UserID, nil
|
||||||
|
}
|
||||||
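Review bot: FetchUserIDFromDB is exported without a doc comment and adds nothing to the call it wraps; the body can be the single line `return services.GetUserID(email)`, which also removes the capitalised local `UserID` (Go locals are written `userID`). A comment such as `// FetchUserIDFromDB returns the user ID that services.GetUserID reports for email.` would do. Whether GetUserID can return an empty ID with a nil error is not visible here; if it can, this wrapper is the place to turn that into an error, because the refresh functions in this commit put the result straight into the access token's `user_id` claim.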
@@ -24,3 +24,10 @@ func (rw *ResponseWriter) Write(b []byte) (int, error) {
|
|||||||
rw.Size += size
|
rw.Size += size
|
||||||
return size, err
|
return size, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// AuthorizationResponse represents the response from the authorization microservice
|
||||||
|
type AuthorizationResponse struct {
|
||||||
|
Allowed bool `json:"allowed"`
|
||||||
|
RedirectRoute string `json:"redirect_route,omitempty"`
|
||||||
|
Message string `json:"message,omitempty"`
|
||||||
|
}
|
||||||
|
|||||||
@@ -8,6 +8,7 @@ import (
|
|||||||
|
|
||||||
type AccessToken struct {
|
type AccessToken struct {
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
|
UserID string `json:"user_id"`
|
||||||
SessionID string `json:"session_id"`
|
SessionID string `json:"session_id"`
|
||||||
Exp int64 `json:"exp"`
|
Exp int64 `json:"exp"`
|
||||||
jwt.RegisteredClaims
|
jwt.RegisteredClaims
|
||||||
|
|||||||