Auth

jace-ys · Nov 9, 2024 · faafe12 · faafe12
1 parent 0c92c52
commit faafe12
Show file tree

Hide file tree

Showing 77 changed files with 5,017 additions and 545 deletions.
diff --git a/app/api/v1/countup.go b/app/api/v1/countup.go
@@ -26,6 +26,10 @@ var _ = API("countup", func() {
 	})
 })
 
+var JWTAuth = JWTSecurity("jwt", func() {
+	Scope("api")
+})
+
 var CounterInfo = ResultType("application/vnd.countup.counter-info`", "CounterInfo", func() {
 	Field(1, "count", Int32)
 	Field(2, "last_increment_by", String)
@@ -35,12 +39,17 @@ var CounterInfo = ResultType("application/vnd.countup.counter-info`", "CounterIn
 })
 
 var _ = Service("api", func() {
+	Security(JWTAuth, func() {
+		Scope("api")
+	})
+
 	Error("unauthorized")
 	Error("existing_increment_request", func() {
 		Temporary()
 	})
 
 	HTTP(func() {
+		Path("/api/v1")
 		Response("unauthorized", StatusUnauthorized)
 		Response("existing_increment_request", StatusTooManyRequests)
 	})
@@ -50,7 +59,38 @@ var _ = Service("api", func() {
 		Response("existing_increment_request", CodeAlreadyExists)
 	})
 
+	Method("AuthToken", func() {
+		NoSecurity()
+
+		Payload(func() {
+			Field(1, "provider", String, func() {
+				Enum("google")
+			})
+			Field(2, "access_token", String)
+			Required("provider", "access_token")
+		})
+
+		Result(func() {
+			Field(1, "token", String)
+			Required("token")
+		})
+
+		HTTP(func() {
+			POST("/auth/token")
+			Response(StatusOK)
+		})
+
+		GRPC(func() {
+			Response(CodeOK)
+		})
+	})
+
 	Method("CounterGet", func() {
+		Payload(func() {
+			TokenField(1, "token", String)
+			Required("token")
+		})
+
 		Result(CounterInfo)
 
 		HTTP(func() {
@@ -65,14 +105,15 @@ var _ = Service("api", func() {
 
 	Method("CounterIncrement", func() {
 		Payload(func() {
-			Field(1, "user", String)
-			Required("user")
+			TokenField(1, "token", String)
+			Field(2, "user", String)
+			Required("token", "user")
 		})
 
 		Result(CounterInfo)
 
 		HTTP(func() {
-			POST("/counter/inc")
+			POST("/counter")
 			Response(StatusAccepted)
 		})
 
@@ -82,6 +123,8 @@ var _ = Service("api", func() {
 	})
 
 	Method("Echo", func() {
+		NoSecurity()
+
 		Payload(func() {
 			Field(1, "text", String)
 			Required("text")
@@ -106,7 +149,14 @@ var _ = Service("api", func() {
 })
 
 var _ = Service("web", func() {
-	Method("index", func() {
+	Error("unauthorized")
+
+	HTTP(func() {
+		Path("/")
+		Response("unauthorized", StatusUnauthorized)
+	})
+
+	Method("Index", func() {
 		Result(Bytes)
 		HTTP(func() {
 			GET("/")
@@ -116,7 +166,7 @@ var _ = Service("web", func() {
 		})
 	})
 
-	Method("another", func() {
+	Method("Another", func() {
 		Result(Bytes)
 		HTTP(func() {
 			GET("/another")
@@ -126,5 +176,104 @@ var _ = Service("web", func() {
 		})
 	})
 
-	Files("/static/{*path}", "static/")
+	Method("LoginGoogle", func() {
+		Result(func() {
+			Attribute("redirect_url", String)
+			Attribute("session_cookie", String)
+			Required("redirect_url", "session_cookie")
+		})
+
+		HTTP(func() {
+			GET("/login/google")
+			Response(StatusFound, func() {
+				Header("redirect_url:Location", String)
+				Cookie("session_cookie:countup.session")
+				CookieSameSite(CookieSameSiteLax)
+				CookieMaxAge(86400)
+				CookieHTTPOnly()
+				// CookieSecure()
+				CookiePath("/")
+			})
+		})
+	})
+
+	Method("LoginGoogleCallback", func() {
+		Payload(func() {
+			Attribute("code", String)
+			Attribute("state", String)
+			Attribute("session_cookie", String)
+			Required("code", "state", "session_cookie")
+		})
+
+		Result(func() {
+			Attribute("redirect_url", String)
+			Attribute("session_cookie", String)
+			Required("redirect_url", "session_cookie")
+		})
+
+		HTTP(func() {
+			GET("/login/google/callback")
+			Param("code", String)
+			Param("state", String)
+			Cookie("session_cookie:countup.session")
+			Response(StatusFound, func() {
+				Header("redirect_url:Location", String)
+				Cookie("session_cookie:countup.session")
+				CookieSameSite(CookieSameSiteLax)
+				CookieMaxAge(86400)
+				CookieHTTPOnly()
+				// CookieSecure()
+				CookiePath("/")
+			})
+		})
+	})
+
+	Method("Logout", func() {
+		Payload(func() {
+			Attribute("session_cookie", String)
+			Required("session_cookie")
+		})
+
+		Result(func() {
+			Attribute("redirect_url", String)
+			Attribute("session_cookie", String)
+			Required("redirect_url", "session_cookie")
+		})
+
+		HTTP(func() {
+			GET("/logout")
+			Cookie("session_cookie:countup.session")
+			Response(StatusFound, func() {
+				Header("redirect_url:Location", String)
+				Cookie("session_cookie:countup.session")
+				CookieSameSite(CookieSameSiteLax)
+				CookieMaxAge(86400)
+				CookieHTTPOnly()
+				// CookieSecure()
+				CookiePath("/")
+			})
+		})
+	})
+
+	Method("SessionToken", func() {
+		Payload(func() {
+			Attribute("session_cookie", String)
+			Required("session_cookie")
+		})
+
+		Result(func() {
+			Attribute("token", String)
+			Required("token")
+		})
+
+		HTTP(func() {
+			GET("/session/token")
+			Cookie("session_cookie:countup.session")
+			Response(StatusOK, func() {
+				ContentType("application/json")
+			})
+		})
+	})
+
+	Files("/static/*", "static/")
 })
diff --git a/app/api/v1/gen/api/client.go b/app/api/v1/gen/api/client.go
diff --git a/app/api/v1/gen/api/endpoints.go b/app/api/v1/gen/api/endpoints.go