auth

Prrromanssss · Apr 20, 2024 · 25b13fb · 25b13fb
1 parent 6ca41ad
commit 25b13fb
Show file tree

Hide file tree

Showing 5 changed files with 62 additions and 56 deletions.
diff --git a/backend/internal/agent/agent.go b/backend/internal/agent/agent.go
@@ -147,7 +147,9 @@ func (a *Agent) RunSimpleComputer(ctx context.Context, exprMsg *messages.Express
 	if err != nil {
 		return fmt.Errorf("can't convert int to str: %v, fn: %s", err, fn)
 	}
-
+	if int(exprMsg.UserID) == 0 {
+		a.log.Warn("", slog.String("oper", oper), slog.Int("userID", int(exprMsg.UserID)))
+	}
 	time_for_oper, err := a.dbConfig.Queries.GetOperationTimeByType(ctx, postgres.GetOperationTimeByTypeParams{
 		OperationType: oper,
 		UserID:        exprMsg.UserID,

diff --git a/backend/internal/lib/jwt/jwt.go b/backend/internal/lib/jwt/jwt.go
@@ -1,10 +1,13 @@
 package jwt
 
 import (
+	"errors"
 	"fmt"
 	"log"
+	"net/http"
 	"os"
 	"path/filepath"
+	"strings"
 	"time"
 
 	"github.com/Prrromanssss/DAEE-fullstack/internal/storage/postgres"
@@ -42,3 +45,55 @@ func NewToken(user postgres.User, duration time.Duration) (string, error) {
 
 	return tokenString, nil
 }
+
+func getTokenFromHeader(r *http.Request) (string, error) {
+	authHeader := r.Header.Get("Authorization")
+	if authHeader == "" {
+		return "", fmt.Errorf("authorization header is missing")
+	}
+
+	// Checks that header starts with "Bearer".
+	parts := strings.Split(authHeader, " ")
+	if len(parts) != 2 || parts[0] != "Bearer" {
+		return "", fmt.Errorf("invalid Authorization header format")
+	}
+
+	return parts[1], nil // returns token without "Bearer".
+}
+
+func GetUidFromJWT(r *http.Request, secret string) (int32, error) {
+	jwtToken, err := getTokenFromHeader(r)
+	if err != nil {
+		return 0, err
+	}
+
+	// Parse JWT Token.
+	token, err := jwt.Parse(jwtToken, func(token *jwt.Token) (interface{}, error) {
+		return []byte(secret), nil
+	})
+	if err != nil {
+		return 0, err
+	}
+
+	if !token.Valid {
+		return 0, errors.New("token is invalid")
+	}
+
+	claims, ok := token.Claims.(jwt.MapClaims)
+	if !ok {
+		return 0, errors.New("error in map claims")
+	}
+
+	userIDFloat, ok := claims["uid"].(float64)
+	if !ok {
+		return 0, errors.New("jwt token does not contain uid")
+	}
+
+	userID := int32(userIDFloat)
+
+	if userID == 0 {
+		return 0, errors.New("userID == 0")
+	}
+
+	return userID, nil
+}
diff --git a/backend/internal/lib/jwt/jwt_from_header.go b/backend/internal/lib/jwt/jwt_from_header.go
diff --git a/backend/internal/orchestrator/orchestrator.go b/backend/internal/orchestrator/orchestrator.go
@@ -60,6 +60,7 @@ func (o *Orchestrator) AddTask(
 			ExpressionID: expressionMessage.ExpressionID,
 			Token:        token,
 			Expression:   expressionMessage.Expression,
+			UserID:       expressionMessage.UserID,
 		})
 		if err != nil {
 			o.log.Error("can't publish token to queue", sl.Err(err), slog.String("fn", fn))
@@ -226,6 +227,7 @@ func (o *Orchestrator) HandleExpression(
 			ExpressionID: exprMsg.ExpressionID,
 			Token:        newResultAndToken.Token,
 			Expression:   newResultAndToken.Result,
+			UserID:       exprMsg.UserID,
 		})
 		if err != nil {
 			return fmt.Errorf("orchestrator error: %v, fn: %s", err, fn)

diff --git a/backend/sql/schema/0005_operations.sql b/backend/sql/schema/0005_operations.sql
@@ -1,11 +1,12 @@
 -- +goose Up
 CREATE TABLE IF NOT EXISTS operations (
     operation_id int GENERATED ALWAYS AS IDENTITY,
-    operation_type varchar(1) UNIQUE NOT NULL,
+    operation_type varchar(1) NOT NULL,
     execution_time int NOT NULL DEFAULT 100,
     user_id int NOT NULL,
 
     PRIMARY KEY(operation_id),
+    CONSTRAINT operation_type_user_id UNIQUE(operation_type, user_id),
     FOREIGN KEY(user_id) 
 	  REFERENCES users(user_id)
 	  ON DELETE CASCADE