weirdcat/easywish
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: weirdcat:be9aee7145179db0d9c750a5779d0c9f2daa1a56
Branches Tags
weirdcat:main weirdcat:feat-wishlist_service weirdcat:ml2 weirdcat:fix-auth_service
..
compare: weirdcat:cbcfb8a2860fdc1e7f79da6adaab17290620326a
Branches Tags
weirdcat:feat-wishlist_service weirdcat:main weirdcat:ml2 weirdcat:fix-auth_service

2 Commits
be9aee7145 ... cbcfb8a286

Author SHA1 Message Date
Nikolai Papin
cbcfb8a286 feat: middleware for request body parsing, validation and authentication; 
feat: helper function for getting request info from gin context
 2025-06-24 17:31:48 +03:00
Nikolai Papin
c2059dcd6e feat: middlewares for authorization and automatic request parsing; 
feat: roles enum
 2025-06-24 13:57:39 +03:00
9 changed files with 180 additions and 33 deletions
Expand all files Collapse all files

3
backend/go.mod
View File

@@ -7,6 +7,7 @@ require (
github.com/golang-jwt/jwt/v5 v5.2.2
github.com/jackc/pgx/v5 v5.7.5
github.com/spf13/viper v1.20.1
github.com/stretchr/testify v1.10.0
github.com/swaggo/files v1.0.1
github.com/swaggo/gin-swagger v1.6.0
github.com/swaggo/swag v1.16.4
@@ -19,6 +20,7 @@ require (
github.com/bytedance/sonic v1.13.3 // indirect
github.com/bytedance/sonic/loader v0.2.4 // indirect
github.com/cloudwego/base64x v0.1.5 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/fsnotify/fsnotify v1.9.0 // indirect
github.com/gabriel-vasile/mimetype v1.4.9 // indirect
github.com/gin-contrib/sse v1.1.0 // indirect
@@ -43,6 +45,7 @@ require (
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/pelletier/go-toml/v2 v2.2.4 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/sagikazarmark/locafero v0.9.0 // indirect
github.com/sourcegraph/conc v0.3.0 // indirect
github.com/spf13/afero v1.14.0 // indirect

19
backend/internal/controllers/auth.go
View File

@@ -18,11 +18,15 @@
package controllers
import (
"easywish/internal/middleware"
"easywish/internal/models"
"easywish/internal/services"
"easywish/internal/utils"
"easywish/internal/utils/enums"
"net/http"
"github.com/gin-gonic/gin"
"go.uber.org/zap"
)
type AuthController interface {
@@ -37,10 +41,11 @@ type AuthController interface {
type authControllerImpl struct {
authService services.AuthService
log *zap.Logger
}
func NewAuthController(as services.AuthService) AuthController {
return &authControllerImpl{authService: as}
func NewAuthController(_log *zap.Logger, as services.AuthService) AuthController {
return &authControllerImpl{log: _log, authService: as}
}
// Login implements AuthController.
@@ -94,14 +99,14 @@ func (a *authControllerImpl) Refresh(c *gin.Context) {
// @Router /auth/registrationBegin [post]
func (a *authControllerImpl) RegistrationBegin(c *gin.Context) {
var request models.RegistrationBeginRequest
if err := c.ShouldBindJSON(&request); err != nil {
request, ok := utils.GetRequest[models.RegistrationBeginRequest](c)
if !ok {
c.Status(http.StatusBadRequest)
return
}
_, err := a.authService.RegistrationBegin(request)
_, err := a.authService.RegistrationBegin(request.Body)
if err != nil {
c.JSON(http.StatusBadRequest, err.Error())
return
@@ -122,7 +127,7 @@ func (a *authControllerImpl) RegistrationComplete(c *gin.Context) {
}
func (a *authControllerImpl) RegisterRoutes(group *gin.RouterGroup) {
group.POST("/registrationBegin", a.RegistrationBegin)
group.POST("/registrationBegin", middleware.RequestMiddleware[models.RegistrationBeginRequest](enums.GuestRole), a.RegistrationBegin)
group.POST("/registrationComplete", a.RegistrationComplete)
group.POST("/login", a.Login)
group.POST("/refresh", a.Refresh)

8
backend/internal/controllers/profile.go
View File

@@ -18,7 +18,6 @@
package controllers
import (
"easywish/internal/middleware"
"net/http"
"github.com/gin-gonic/gin"
@@ -92,11 +91,4 @@ func (p *profileControllerImpl) UpdatePrivacySettings(c *gin.Context) {
}
func (p *profileControllerImpl) RegisterRoutes(group *gin.RouterGroup) {
protected := group.Group("")
protected.Use(middleware.JWTAuthMiddleware())
{
protected.GET("/me", p.GetOwnProfile)
protected.GET("/:username", p.GetProfile)
protected.GET("/privacy", p.GetPrivacySettings)
}
}

14
backend/internal/middleware/auth.go
View File

@@ -19,6 +19,7 @@ package middleware
import (
"easywish/config"
"easywish/internal/utils/enums"
"errors"
"fmt"
"net/http"
@@ -28,16 +29,20 @@ import (
)
type Claims struct {
Username string `json:"username"`
Username string `json:"username"`
Role enums.Role `json:"role"`
jwt.RegisteredClaims
}
func JWTAuthMiddleware() gin.HandlerFunc {
func AuthMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
cfg := config.GetConfig()
authHeader := c.GetHeader("Authorization")
if authHeader == "" {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Authorization header required"})
c.Set("username", nil)
c.Set("role", enums.GuestRole)
c.Next()
return
}
@@ -64,7 +69,8 @@ func JWTAuthMiddleware() gin.HandlerFunc {
}
if claims, ok := token.Claims.(*Claims); ok && token.Valid {
c.Set("userID", claims.Username)
c.Set("username", claims.Username)
c.Set("role", claims.Role)
c.Next()
} else {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": "Invalid claims"})

98
backend/internal/middleware/request.go Normal file
View File

@@ -0,0 +1,98 @@
// Copyright (c) 2025 Nikolai Papin
//
// This file is part of Easywish
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
// the GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
package middleware
import (
"easywish/internal/utils/enums"
"net/http"
"github.com/gin-gonic/gin"
)
type UserInfo struct {
Username string
Role enums.Role
}
type Request[T any] struct {
User UserInfo
Body T
}
const requestKey = "request"
func UserInfoFromContext(c *gin.Context) (*UserInfo, bool) {
var username any
var role any
var ok bool
username, ok = c.Get("username") ; if !ok {
return &UserInfo{Username: "", Role: enums.GuestRole}, true
}
role, ok = c.Get("role"); if !ok {
return nil, false
}
if username == nil {
return &UserInfo{Username: "", Role: enums.GuestRole}, true
}
if role == nil {
return nil, false
}
return &UserInfo{Username: username.(string), Role: role.(enums.Role)}, true
}
func RequestFromContext[T any](c *gin.Context) Request[T] {
return c.Value(requestKey).(Request[T])
}
func RequestMiddleware[T any](role enums.Role) gin.HandlerFunc {
return gin.HandlerFunc(func(c *gin.Context) {
userInfo, ok := UserInfoFromContext(c)
if !ok {
c.Status(http.StatusUnauthorized)
return
}
if userInfo.Role < role {
c.Status(http.StatusForbidden)
}
var body T
if err := c.ShouldBindJSON(&body); err != nil {
c.String(http.StatusBadRequest, err.Error())
// TODO: implement automatic validation here
return
}
request := Request[T]{
User: *userInfo,
Body: body,
}
c.Set(requestKey, request)
c.Next()
})
}

2
backend/internal/models/auth.go
View File

@@ -25,7 +25,7 @@ type Tokens struct {
type RegistrationBeginRequest struct {
Username string `json:"username" binding:"required,min=3,max=20"`
Email *string `json:"email" binding:"email"`
Password string `json:"password" binding:"required,password"` // TODO: password checking
Password string `json:"password" binding:"required"` // TODO: password checking
}
// TODO: length check

2
backend/internal/routes/router.go
View File

@@ -19,12 +19,14 @@ package routes
import (
"easywish/internal/controllers"
"easywish/internal/middleware"
"github.com/gin-gonic/gin"
)
func NewRouter(engine *gin.Engine, groups []RouteGroup) *gin.Engine {
apiGroup := engine.Group("/api")
apiGroup.Use(middleware.AuthMiddleware())
for _, group := range groups {
subgroup := apiGroup.Group(group.BasePath)
subgroup.Use(group.Middleware...)

8
backend/internal/utils/enums/enums.go
View File

@@ -18,8 +18,14 @@
package enums
type ConfirmationCodeType int32
const (
RegistrationCodeType ConfirmationCodeType = iota
PasswordResetCodeType
)
type Role int32
const (
GuestRole Role = iota
UserRole
AdminRole
)

35
backend/internal/utils/request.go Normal file
View File

@@ -0,0 +1,35 @@
// Copyright (c) 2025 Nikolai Papin
//
// This file is part of Easywish
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
// the GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
package utils
import (
"easywish/internal/middleware"
"github.com/gin-gonic/gin"
)
func GetRequest[T any](c *gin.Context) (*middleware.Request[T], bool) {
req, ok := c.Get("request")
request := req.(middleware.Request[T])
if !ok {
return nil, false
}
return &request, true
}