From dfc411e5f623edd909887bf3c006edb7779f5548 Mon Sep 17 00:00:00 2001 From: Zoe Roux Date: Tue, 27 Aug 2024 00:47:58 +0200 Subject: [PATCH] Add configuration table --- .gitignore | 3 +- auth/auth.go | 9 ++-- auth/config.go | 50 +++++++++++++++++++++- auth/main.go | 6 +++ auth/sql/migrations/000002_config.down.sql | 5 +++ auth/sql/migrations/000002_config.up.sql | 8 ++++ auth/sql/queries/config.sql | 21 +++++++++ 7 files changed, 95 insertions(+), 7 deletions(-) create mode 100644 auth/sql/migrations/000002_config.down.sql create mode 100644 auth/sql/migrations/000002_config.up.sql create mode 100644 auth/sql/queries/config.sql diff --git a/.gitignore b/.gitignore index 6ed2917f..6738538d 100644 --- a/.gitignore +++ b/.gitignore @@ -7,4 +7,5 @@ log.html output.xml report.html chart/charts -chart/Chart.lock \ No newline at end of file +chart/Chart.lock +tmp diff --git a/auth/auth.go b/auth/auth.go index b1f4f4f2..e98eb087 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -40,22 +40,21 @@ func (h *Handler) Register(c echo.Context) error { Username: req.Username, Email: req.Email, Password: &pass, - // TODO: Use configured value. - Claims: []byte{}, + Claims: h.config.DefaultClaims, }) if err != nil { return echo.NewHTTPError(409, "Email or username already taken") } user := MapDbUser(&duser) - return createToken(c, &user) + return h.createToken(c, &user) } -func createToken(c echo.Context, user *User) error { +func (h *Handler) createToken(c echo.Context, user *User) error { claims := &jwt.RegisteredClaims{ Subject: user.ID.String(), } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) - t, err := token.SignedString(h.jwtSecret) + t, err := token.SignedString(h.config.JwtSecret) if err != nil { return err } diff --git a/auth/config.go b/auth/config.go index 541807c7..a8e16ae4 100644 --- a/auth/config.go +++ b/auth/config.go @@ -1,6 +1,54 @@ package main +import ( + "context" + "crypto/rand" + "encoding/base64" + + "github.com/zoriya/kyoo/keibi/dbc" +) + type Configuration struct { - JwtSecret string + JwtSecret []byte DefaultClaims []byte } + +const ( + JwtSecret = "jwt_secret" +) + +func LoadConfiguration(db *dbc.Queries) (*Configuration, error) { + ctx := context.Background() + confs, err := db.LoadConfig(ctx) + if err != nil { + return nil, err + } + + ret := Configuration{} + + for _, conf := range confs { + switch conf.Key { + case JwtSecret: + secret, err := base64.StdEncoding.DecodeString(conf.Value) + if err != nil { + return nil, err + } + ret.JwtSecret = secret + } + } + + if ret.JwtSecret == nil { + ret.JwtSecret = make([]byte, 128) + rand.Read(ret.JwtSecret) + + _, err := db.SaveConfig(ctx, dbc.SaveConfigParams{ + Key: JwtSecret, + Value: base64.StdEncoding.EncodeToString(ret.JwtSecret), + }) + if err != nil { + return nil, err + } + } + + return &ret, nil +} diff --git a/auth/main.go b/auth/main.go index d7878baf..05aa37f2 100644 --- a/auth/main.go +++ b/auth/main.go @@ -124,6 +124,12 @@ func main() { h := Handler{ db: dbc.New(db), } + conf, err := LoadConfiguration(h.db) + if err != nil { + e.Logger.Fatal("Could not load configuration: %v", err) + return + } + h.config = conf e.GET("/users", h.ListUsers) diff --git a/auth/sql/migrations/000002_config.down.sql b/auth/sql/migrations/000002_config.down.sql new file mode 100644 index 00000000..2fd15f61 --- /dev/null +++ b/auth/sql/migrations/000002_config.down.sql @@ -0,0 +1,5 @@ +begin; + +drop table config; + +commit; diff --git a/auth/sql/migrations/000002_config.up.sql b/auth/sql/migrations/000002_config.up.sql new file mode 100644 index 00000000..7d9e4b72 --- /dev/null +++ b/auth/sql/migrations/000002_config.up.sql @@ -0,0 +1,8 @@ +begin; + +create table config( + key varchar(256) not null primary key, + value text not null +); + +commit; diff --git a/auth/sql/queries/config.sql b/auth/sql/queries/config.sql new file mode 100644 index 00000000..3f3db9d5 --- /dev/null +++ b/auth/sql/queries/config.sql @@ -0,0 +1,21 @@ +-- name: LoadConfig :many +select + * +from + config; + +-- name: SaveConfig :one +insert into config(key, value) + values ($1, $2) +on conflict (key) + do update set + value = excluded.value + returning + *; + +-- name: DeleteConfig :one +delete from config +where key = $1 +returning + *; +