feat: add change password endpoint using old password;
feat: implement change password service method with validation; fix: correct ErrorIsOneOf function logic to return true on match; refactor: rename 'log_out_accounts' to 'log_out_sessions' for clarity; refactor: update session termination to return GUIDs and cache in Redis; fix: ensure RollbackOnError only rolls back uncommitted transactions; fix: handle transaction commit errors properly in dbHelper; refactor: add helper methods for session termination and registration; refactor: pass client info to login and registration complete methods; fix: improve token validation error handling in refresh endpoint; refactor: update auth middleware to set session info correctly; chore: remove unused ClientInfo DTO; fix: correct password reset complete to use session termination helper; refactor: adjust database queries for session management; chore: update SQL schema and queries for sessions; docs: update swagger docs with new endpoint and model changes
This commit is contained in:
@@ -38,6 +38,7 @@ type AuthController interface {
|
||||
Refresh(c *gin.Context)
|
||||
PasswordResetBegin(c *gin.Context)
|
||||
PasswordResetComplete(c *gin.Context)
|
||||
ChangePassword(c *gin.Context)
|
||||
Router
|
||||
}
|
||||
|
||||
@@ -65,7 +66,7 @@ func (a *authControllerImpl) Login(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
response, err := a.auth.Login(request.Body)
|
||||
response, err := a.auth.Login(request.User, request.Body)
|
||||
|
||||
if err != nil {
|
||||
if errors.Is(err, errs.ErrForbidden) {
|
||||
@@ -155,18 +156,18 @@ func (a *authControllerImpl) Refresh(c *gin.Context) {
|
||||
|
||||
response, err := a.auth.Refresh(request.Body)
|
||||
if err != nil {
|
||||
if errors.Is(err, errs.ErrTokenExpired) {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is expired"})
|
||||
} else if errors.Is(err, errs.ErrTokenInvalid) {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Token is invalid"})
|
||||
} else if errors.Is(err, errs.ErrWrongTokenType) {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token type"})
|
||||
} else if errors.Is(err, errs.ErrSessionNotFound) {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Could not find session in database"})
|
||||
} else if errors.Is(err, errs.ErrSessionTerminated) {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Session is terminated"})
|
||||
if utils.ErrorIsOneOf(
|
||||
err,
|
||||
errs.ErrTokenExpired,
|
||||
errs.ErrTokenInvalid,
|
||||
errs.ErrInvalidToken,
|
||||
errs.ErrWrongTokenType,
|
||||
errs.ErrSessionNotFound,
|
||||
errs.ErrSessionTerminated,
|
||||
) {
|
||||
c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid token"})
|
||||
} else {
|
||||
c.Status(http.StatusInternalServerError)
|
||||
c.JSON(http.StatusInternalServerError, err.Error())
|
||||
}
|
||||
return
|
||||
}
|
||||
@@ -221,7 +222,7 @@ func (a *authControllerImpl) RegistrationComplete(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
response, err := a.auth.RegistrationComplete(request.Body)
|
||||
response, err := a.auth.RegistrationComplete(request.User, request.Body)
|
||||
|
||||
if err != nil {
|
||||
if errors.Is(err, errs.ErrForbidden) {
|
||||
@@ -237,6 +238,36 @@ func (a *authControllerImpl) RegistrationComplete(c *gin.Context) {
|
||||
c.JSON(http.StatusOK, response)
|
||||
}
|
||||
|
||||
// @Summary Set new password using the old password
|
||||
// @Tags Auth
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Security JWT
|
||||
// @Param request body models.ChangePasswordRequest true " "
|
||||
// @Success 200 "Password successfully changed"
|
||||
// @Failure 403 "Invalid old password"
|
||||
// @Router /auth/changePassword [post]
|
||||
func (a *authControllerImpl) ChangePassword(c *gin.Context) {
|
||||
request, ok := utils.GetRequest[models.ChangePasswordRequest](c)
|
||||
if !ok {
|
||||
c.Status(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
response, err := a.auth.ChangePassword(request.Body, request.User)
|
||||
|
||||
if err != nil {
|
||||
if errors.Is(err, errs.ErrForbidden) {
|
||||
c.Status(http.StatusForbidden)
|
||||
} else {
|
||||
c.Status(http.StatusInternalServerError)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, response)
|
||||
}
|
||||
|
||||
func (a *authControllerImpl) RegisterRoutes(group *gin.RouterGroup) {
|
||||
group.POST("/registrationBegin", middleware.RequestMiddleware[models.RegistrationBeginRequest](enums.GuestRole), a.RegistrationBegin)
|
||||
group.POST("/registrationComplete", middleware.RequestMiddleware[models.RegistrationCompleteRequest](enums.GuestRole), a.RegistrationComplete)
|
||||
@@ -244,4 +275,5 @@ func (a *authControllerImpl) RegisterRoutes(group *gin.RouterGroup) {
|
||||
group.POST("/refresh", middleware.RequestMiddleware[models.RefreshRequest](enums.GuestRole), a.Refresh)
|
||||
group.POST("/passwordResetBegin", middleware.RequestMiddleware[models.PasswordResetBeginRequest](enums.GuestRole), a.PasswordResetBegin)
|
||||
group.POST("/passwordResetComplete", middleware.RequestMiddleware[models.PasswordResetCompleteRequest](enums.GuestRole), a.PasswordResetComplete)
|
||||
group.POST("/changePassword", middleware.RequestMiddleware[models.ChangePasswordRequest](enums.UserRole), a.ChangePassword)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user