Add BlockSession (#66)
This commit is contained in:
GitHub
parent
07b6d07fce
commit
c6178e9cd3
4
Makefile
4
Makefile
@ -41,7 +41,7 @@ dropdb:
|
||||
docker exec -it postgres dropdb df
|
||||
|
||||
sqlc:
|
||||
sqlc generate
|
||||
cd bff && sqlc generate && cd ..
|
||||
|
||||
sqlcinit:
|
||||
sqlc init
|
||||
@ -56,6 +56,6 @@ server:
|
||||
cd bff && go run main.go && cd ..
|
||||
|
||||
mock:
|
||||
mockgen -package mockdb -destination bff/db/mock/store.go github.com/itsscb/df/bff/db/sqlc Store
|
||||
cd bff && mockgen -package mockdb -destination db/mock/store.go github.com/itsscb/df/bff/db/sqlc Store && cd ..
|
||||
|
||||
.PHONY: postgres migratenew createdb dropdb migrateup migratedown sqlc sqlcinit test server backend_build backend backend-stop reset_docker
|
||||
|
||||
@ -63,6 +63,7 @@ func NewServer(config util.Config, store db.Store) (*Server, error) {
|
||||
authRoutes.PUT("/accounts/privacy", server.updateAccountPrivacy)
|
||||
authRoutes.GET("/accounts/:id", server.getAccount)
|
||||
authRoutes.GET("/accounts", server.listAccounts)
|
||||
authRoutes.POST("/sessions", server.blockSession)
|
||||
|
||||
server.router = router
|
||||
return server, nil
|
||||
|
||||
@ -9,6 +9,7 @@ import (
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/google/uuid"
|
||||
db "github.com/itsscb/df/bff/db/sqlc"
|
||||
"github.com/itsscb/df/bff/token"
|
||||
"github.com/itsscb/df/bff/util"
|
||||
)
|
||||
|
||||
@ -91,3 +92,57 @@ func (server *Server) loginAccount(ctx *gin.Context) {
|
||||
}
|
||||
ctx.JSON(http.StatusOK, rsp)
|
||||
}
|
||||
|
||||
type blockSessionRequest struct {
|
||||
ID uuid.UUID `json:"session_id"`
|
||||
}
|
||||
|
||||
func (server *Server) blockSession(ctx *gin.Context) {
|
||||
var req blockSessionRequest
|
||||
if err := ctx.ShouldBindJSON(&req); err != nil {
|
||||
ctx.JSON(http.StatusBadRequest, errorResponse(err))
|
||||
return
|
||||
}
|
||||
|
||||
authorizationPayload, ok := ctx.Get(authorizationPayloadKey)
|
||||
if !ok {
|
||||
ctx.JSON(http.StatusUnauthorized, nil)
|
||||
return
|
||||
}
|
||||
|
||||
payload := authorizationPayload.(*token.Payload)
|
||||
|
||||
session, err := server.store.GetSession(ctx, req.ID)
|
||||
if err != nil {
|
||||
if errors.Is(err, sql.ErrNoRows) {
|
||||
ctx.JSON(http.StatusUnauthorized, errorResponse(errors.New("unauthorized")))
|
||||
return
|
||||
}
|
||||
ctx.JSON(http.StatusInternalServerError, errorResponse(err))
|
||||
return
|
||||
}
|
||||
|
||||
if session.IsBlocked {
|
||||
ctx.JSON(http.StatusAlreadyReported, errorResponse(errors.New("already blocked")))
|
||||
return
|
||||
}
|
||||
|
||||
if session.Email != payload.Email {
|
||||
ctx.JSON(http.StatusUnauthorized, errorResponse(errors.New("unauthorized")))
|
||||
return
|
||||
}
|
||||
|
||||
err = server.store.BlockSession(ctx, session.ID)
|
||||
if err != nil {
|
||||
ctx.JSON(http.StatusInternalServerError, errorResponse(err))
|
||||
return
|
||||
}
|
||||
|
||||
rsp := struct {
|
||||
Ok bool
|
||||
}{
|
||||
Ok: true,
|
||||
}
|
||||
|
||||
ctx.JSON(http.StatusOK, rsp)
|
||||
}
|
||||
|
||||
@ -40,6 +40,20 @@ func (m *MockStore) EXPECT() *MockStoreMockRecorder {
|
||||
return m.recorder
|
||||
}
|
||||
|
||||
// BlockSession mocks base method.
|
||||
func (m *MockStore) BlockSession(arg0 context.Context, arg1 uuid.UUID) error {
|
||||
m.ctrl.T.Helper()
|
||||
ret := m.ctrl.Call(m, "BlockSession", arg0, arg1)
|
||||
ret0, _ := ret[0].(error)
|
||||
return ret0
|
||||
}
|
||||
|
||||
// BlockSession indicates an expected call of BlockSession.
|
||||
func (mr *MockStoreMockRecorder) BlockSession(arg0, arg1 any) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "BlockSession", reflect.TypeOf((*MockStore)(nil).BlockSession), arg0, arg1)
|
||||
}
|
||||
|
||||
// CreateAccount mocks base method.
|
||||
func (m *MockStore) CreateAccount(arg0 context.Context, arg1 db.CreateAccountParams) (db.Account, error) {
|
||||
m.ctrl.T.Helper()
|
||||
|
||||
@ -14,3 +14,9 @@ INSERT INTO sessions (
|
||||
-- name: GetSession :one
|
||||
SELECT * FROM sessions
|
||||
WHERE id = $1 LIMIT 1;
|
||||
|
||||
-- name: BlockSession :exec
|
||||
UPDATE sessions
|
||||
SET
|
||||
"is_blocked" = true
|
||||
WHERE "id" = sqlc.arg(id);
|
||||
@ -11,6 +11,7 @@ import (
|
||||
)
|
||||
|
||||
type Querier interface {
|
||||
BlockSession(ctx context.Context, id uuid.UUID) error
|
||||
CreateAccount(ctx context.Context, arg CreateAccountParams) (Account, error)
|
||||
CreateDocumentMail(ctx context.Context, arg CreateDocumentMailParams) (Document, error)
|
||||
CreateDocumentUpload(ctx context.Context, arg CreateDocumentUploadParams) (Document, error)
|
||||
|
||||
@ -12,6 +12,18 @@ import (
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
const blockSession = `-- name: BlockSession :exec
|
||||
UPDATE sessions
|
||||
SET
|
||||
"is_blocked" = true
|
||||
WHERE "id" = $1
|
||||
`
|
||||
|
||||
func (q *Queries) BlockSession(ctx context.Context, id uuid.UUID) error {
|
||||
_, err := q.db.ExecContext(ctx, blockSession, id)
|
||||
return err
|
||||
}
|
||||
|
||||
const createSession = `-- name: CreateSession :one
|
||||
INSERT INTO sessions (
|
||||
id,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user