feat: Add other tasks from chapter 6

2024-10-25 23:31:57 +02:00
parent e72fd2ee86
commit 61beecd4a0
18 changed files with 361 additions and 23 deletions
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@ -1,6 +1,17 @@
 package auth

-import "golang.org/x/crypto/bcrypt"
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"errors"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/google/uuid"
+	"golang.org/x/crypto/bcrypt"
+)

 func HashPassword(password string) (string, error) {
 	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), 10)
@ -10,3 +21,63 @@ func HashPassword(password string) (string, error) {
 func CheckPasswordHash(password, hash string) error {
 	return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
 }
+
+func MakeJWT(userID uuid.UUID, tokenSecret string) (string, error) {
+	newToken := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.RegisteredClaims{
+		Issuer:    "chirpy",
+		IssuedAt:  jwt.NewNumericDate(time.Now()),
+		ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Hour)),
+		Subject:   userID.String(),
+	})
+	token, err := newToken.SignedString([]byte(tokenSecret))
+	if err != nil {
+		return "", err
+	}
+	return token, nil
+}
+
+func ValidateJWT(tokenString, tokenSecret string) (uuid.UUID, error) {
+
+	token, err := jwt.ParseWithClaims(tokenString, &jwt.RegisteredClaims{}, func(t *jwt.Token) (interface{}, error) {
+		return []byte(tokenSecret), nil
+	})
+	if err != nil {
+		return uuid.UUID{}, err
+	}
+	if !token.Valid {
+		return uuid.UUID{}, errors.New("token has expired")
+	}
+
+	userIDString, err := token.Claims.GetSubject()
+	if err != nil {
+		return uuid.UUID{}, err
+	}
+	userID, err := uuid.Parse(userIDString)
+	if err != nil {
+		return uuid.UUID{}, err
+	}
+
+	return userID, nil
+}
+
+func GetBearerToken(headers http.Header) (string, error) {
+	authHeader := headers.Get("Authorization")
+	if authHeader == "" {
+		return "", errors.New("authorization header is not set")
+	}
+	if !strings.HasPrefix(authHeader, "Bearer ") {
+		return "", errors.New("incorrect authorization type, must be of type Bearer")
+	}
+	bearerToken := strings.TrimPrefix(authHeader, "Bearer ")
+	return strings.TrimSpace(bearerToken), nil
+}
+
+func MakeRefreshToken() (string, error) {
+	buffer := make([]byte, 32)
+	_, err := rand.Read(buffer)
+	if err != nil {
+		return "", err
+	}
+	hexData := hex.EncodeToString(buffer)
+	return hexData, nil
+}
--- a/internal/database/models.go
+++ b/internal/database/models.go
@ -5,6 +5,7 @@
 package database

 import (
+	"database/sql"
 	"time"

 	"github.com/google/uuid"
@ -18,6 +19,15 @@ type Chirp struct {
 	UserID    uuid.UUID
 }

+type RefreshToken struct {
+	Token     string
+	CreatedAt time.Time
+	UpdatedAt time.Time
+	UserID    uuid.UUID
+	ExpiresAt sql.NullTime
+	RevokedAt sql.NullTime
+}
+
 type User struct {
 	ID             uuid.UUID
 	CreatedAt      time.Time
--- a/internal/database/refresh_token.sql.go
+++ b/internal/database/refresh_token.sql.go
@ -0,0 +1,46 @@
+// Code generated by sqlc. DO NOT EDIT.
+// versions:
+//   sqlc v1.27.0
+// source: refresh_token.sql
+
+package database
+
+import (
+	"context"
+	"database/sql"
+
+	"github.com/google/uuid"
+)
+
+const createRefreshToken = `-- name: CreateRefreshToken :one
+INSERT INTO refresh_tokens (token, created_at, updated_at, user_id, expires_at, revoked_at)
+VALUES (
+    $1,
+    NOW(),
+    NOW(),
+    $2,
+    $3,
+    NULL
+)
+RETURNING token, created_at, updated_at, user_id, expires_at, revoked_at
+`
+
+type CreateRefreshTokenParams struct {
+	Token     string
+	UserID    uuid.UUID
+	ExpiresAt sql.NullTime
+}
+
+func (q *Queries) CreateRefreshToken(ctx context.Context, arg CreateRefreshTokenParams) (RefreshToken, error) {
+	row := q.db.QueryRowContext(ctx, createRefreshToken, arg.Token, arg.UserID, arg.ExpiresAt)
+	var i RefreshToken
+	err := row.Scan(
+		&i.Token,
+		&i.CreatedAt,
+		&i.UpdatedAt,
+		&i.UserID,
+		&i.ExpiresAt,
+		&i.RevokedAt,
+	)
+	return i, err
+}
--- a/internal/database/update_token.sql.go
+++ b/internal/database/update_token.sql.go
@ -0,0 +1,23 @@
+// Code generated by sqlc. DO NOT EDIT.
+// versions:
+//   sqlc v1.27.0
+// source: update_token.sql
+
+package database
+
+import (
+	"context"
+)
+
+const revokeRefreshToken = `-- name: RevokeRefreshToken :exec
+UPDATE refresh_tokens
+SET 
+    revoked_at = NOW(),
+    updated_at = NOW()
+WHERE token = $1
+`
+
+func (q *Queries) RevokeRefreshToken(ctx context.Context, token string) error {
+	_, err := q.db.ExecContext(ctx, revokeRefreshToken, token)
+	return err
+}
--- a/internal/database/user_from_token.sql.go
+++ b/internal/database/user_from_token.sql.go
@ -0,0 +1,26 @@
+// Code generated by sqlc. DO NOT EDIT.
+// versions:
+//   sqlc v1.27.0
+// source: user_from_token.sql
+
+package database
+
+import (
+	"context"
+
+	"github.com/google/uuid"
+)
+
+const getUserFromRefreshToken = `-- name: GetUserFromRefreshToken :one
+SELECT user_id FROM refresh_tokens
+WHERE refresh_tokens.token = $1
+AND refresh_tokens.expires_at > NOW()
+AND refresh_tokens.revoked_at IS NULL
+`
+
+func (q *Queries) GetUserFromRefreshToken(ctx context.Context, token string) (uuid.UUID, error) {
+	row := q.db.QueryRowContext(ctx, getUserFromRefreshToken, token)
+	var user_id uuid.UUID
+	err := row.Scan(&user_id)
+	return user_id, err
+}
--- a/internal/database/users.sql.go
+++ b/internal/database/users.sql.go
@ -16,13 +16,18 @@ VALUES (
    NOW(),
    NOW(),
    $1,
-	$2
+    $2
 )
 RETURNING id, created_at, updated_at, email, hashed_password
 `

-func (q *Queries) CreateUser(ctx context.Context, email string, hashed_password string) (User, error) {
-	row := q.db.QueryRowContext(ctx, createUser, email, hashed_password)
+type CreateUserParams struct {
+	Email          string
+	HashedPassword string
+}
+
+func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (User, error) {
+	row := q.db.QueryRowContext(ctx, createUser, arg.Email, arg.HashedPassword)
 	var i User
 	err := row.Scan(
 		&i.ID,