itsscb/df
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add BlockSession (#66)

Browse Source
This commit is contained in:
itsscb 2023-10-02 23:32:16 +02:00 committed by GitHub
parent 07b6d07fce
commit c6178e9cd3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 92 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Makefile
View File

@ -41,7 +41,7 @@ dropdb:
docker exec -it postgres dropdb df docker exec -it postgres dropdb df
sqlc: sqlc:
sqlc generate cd bff && sqlc generate && cd ..
sqlcinit: sqlcinit:
sqlc init sqlc init
@ -56,6 +56,6 @@ server:
cd bff && go run main.go && cd .. cd bff && go run main.go && cd ..
mock: mock:
mockgen -package mockdb -destination bff/db/mock/store.go github.com/itsscb/df/bff/db/sqlc Store cd bff && mockgen -package mockdb -destination db/mock/store.go github.com/itsscb/df/bff/db/sqlc Store && cd ..
.PHONY: postgres migratenew createdb dropdb migrateup migratedown sqlc sqlcinit test server backend_build backend backend-stop reset_docker .PHONY: postgres migratenew createdb dropdb migrateup migratedown sqlc sqlcinit test server backend_build backend backend-stop reset_docker

1
bff/api/server.go
View File

@ -63,6 +63,7 @@ func NewServer(config util.Config, store db.Store) (*Server, error) {
authRoutes.PUT("/accounts/privacy", server.updateAccountPrivacy) authRoutes.PUT("/accounts/privacy", server.updateAccountPrivacy)
authRoutes.GET("/accounts/:id", server.getAccount) authRoutes.GET("/accounts/:id", server.getAccount)
authRoutes.GET("/accounts", server.listAccounts) authRoutes.GET("/accounts", server.listAccounts)
authRoutes.POST("/sessions", server.blockSession)
server.router = router server.router = router
return server, nil return server, nil

55
bff/api/session.go
View File

@ -9,6 +9,7 @@ import (
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"github.com/google/uuid" "github.com/google/uuid"
db "github.com/itsscb/df/bff/db/sqlc" db "github.com/itsscb/df/bff/db/sqlc"
"github.com/itsscb/df/bff/token"
"github.com/itsscb/df/bff/util" "github.com/itsscb/df/bff/util"
) )
@ -91,3 +92,57 @@ func (server *Server) loginAccount(ctx *gin.Context) {
} }
ctx.JSON(http.StatusOK, rsp) ctx.JSON(http.StatusOK, rsp)
} }
type blockSessionRequest struct {
ID uuid.UUID `json:"session_id"`
}
func (server *Server) blockSession(ctx *gin.Context) {
var req blockSessionRequest
if err := ctx.ShouldBindJSON(&req); err != nil {
ctx.JSON(http.StatusBadRequest, errorResponse(err))
return
}
authorizationPayload, ok := ctx.Get(authorizationPayloadKey)
if !ok {
ctx.JSON(http.StatusUnauthorized, nil)
return
}
payload := authorizationPayload.(*token.Payload)
session, err := server.store.GetSession(ctx, req.ID)
if err != nil {
if errors.Is(err, sql.ErrNoRows) {
ctx.JSON(http.StatusUnauthorized, errorResponse(errors.New("unauthorized")))
return
}
ctx.JSON(http.StatusInternalServerError, errorResponse(err))
return
}
if session.IsBlocked {
ctx.JSON(http.StatusAlreadyReported, errorResponse(errors.New("already blocked")))
return
}
if session.Email != payload.Email {
ctx.JSON(http.StatusUnauthorized, errorResponse(errors.New("unauthorized")))
return
}
err = server.store.BlockSession(ctx, session.ID)
if err != nil {
ctx.JSON(http.StatusInternalServerError, errorResponse(err))
return
}
rsp := struct {
Ok bool
}{
Ok: true,
}
ctx.JSON(http.StatusOK, rsp)
}

14
bff/db/mock/store.go
View File

@ -40,6 +40,20 @@ func (m *MockStore) EXPECT() *MockStoreMockRecorder {
return m.recorder return m.recorder
} }
// BlockSession mocks base method.
func (m *MockStore) BlockSession(arg0 context.Context, arg1 uuid.UUID) error {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "BlockSession", arg0, arg1)
ret0, _ := ret[0].(error)
return ret0
}
// BlockSession indicates an expected call of BlockSession.
func (mr *MockStoreMockRecorder) BlockSession(arg0, arg1 any) *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "BlockSession", reflect.TypeOf((*MockStore)(nil).BlockSession), arg0, arg1)
}
// CreateAccount mocks base method. // CreateAccount mocks base method.
func (m *MockStore) CreateAccount(arg0 context.Context, arg1 db.CreateAccountParams) (db.Account, error) { func (m *MockStore) CreateAccount(arg0 context.Context, arg1 db.CreateAccountParams) (db.Account, error) {
m.ctrl.T.Helper() m.ctrl.T.Helper()

8
bff/db/query/session.sql
View File

@ -13,4 +13,10 @@ INSERT INTO sessions (
-- name: GetSession :one -- name: GetSession :one
SELECT * FROM sessions SELECT * FROM sessions
WHERE id = $1 LIMIT 1; WHERE id = $1 LIMIT 1;
-- name: BlockSession :exec
UPDATE sessions
SET
"is_blocked" = true
WHERE "id" = sqlc.arg(id);

1
bff/db/sqlc/querier.go
View File

@ -11,6 +11,7 @@ import (
) )
type Querier interface { type Querier interface {
BlockSession(ctx context.Context, id uuid.UUID) error
CreateAccount(ctx context.Context, arg CreateAccountParams) (Account, error) CreateAccount(ctx context.Context, arg CreateAccountParams) (Account, error)
CreateDocumentMail(ctx context.Context, arg CreateDocumentMailParams) (Document, error) CreateDocumentMail(ctx context.Context, arg CreateDocumentMailParams) (Document, error)
CreateDocumentUpload(ctx context.Context, arg CreateDocumentUploadParams) (Document, error) CreateDocumentUpload(ctx context.Context, arg CreateDocumentUploadParams) (Document, error)

12
bff/db/sqlc/session.sql.go
View File

@ -12,6 +12,18 @@ import (
"github.com/google/uuid" "github.com/google/uuid"
) )
const blockSession = `-- name: BlockSession :exec
UPDATE sessions
SET
"is_blocked" = true
WHERE "id" = $1
`
func (q *Queries) BlockSession(ctx context.Context, id uuid.UUID) error {
_, err := q.db.ExecContext(ctx, blockSession, id)
return err
}
const createSession = `-- name: CreateSession :one const createSession = `-- name: CreateSession :one
INSERT INTO sessions ( INSERT INTO sessions (
id, id,