From 647158aa5720c902344f81a01366af992c160637 Mon Sep 17 00:00:00 2001
From: Lakhan Samani <lakhan.m.samani@gmail.com>
Date: Wed, 28 Jul 2021 23:53:54 +0530
Subject: [PATCH] fix: handle signup token

---
 Dockerfile                 |  2 +-
 server/env.go              |  6 ------
 server/handlers/graphql.go |  4 ++++
 server/resolvers/signup.go |  2 +-
 server/utils/cookie.go     |  9 ++++++---
 server/utils/urls.go       | 40 +++++++++++++++++++-------------------
 6 files changed, 32 insertions(+), 31 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index d1d3a17..5d77091 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,7 +8,7 @@ ENV VERSION="${VERSION}"
 RUN apk add build-base &&\
     cd server && \
     go mod download && \
-    go build && \
+    make clean && make && \
     chmod 777 server
 
 FROM alpine:latest
diff --git a/server/env.go b/server/env.go
index 94fb1cf..74e3d17 100644
--- a/server/env.go
+++ b/server/env.go
@@ -93,12 +93,6 @@ func InitEnv() {
 		panic("Database type is required")
 	}
 
-	if constants.AUTHORIZER_DOMAIN == "" {
-		panic("Authroizer domain is required")
-	}
-
-	log.Println("=> Authorizer domain=", constants.AUTHORIZER_DOMAIN)
-
 	if constants.JWT_TYPE == "" {
 		constants.JWT_TYPE = "HS256"
 	}
diff --git a/server/handlers/graphql.go b/server/handlers/graphql.go
index e55323f..a6b2348 100644
--- a/server/handlers/graphql.go
+++ b/server/handlers/graphql.go
@@ -2,6 +2,7 @@ package handlers
 
 import (
 	"github.com/99designs/gqlgen/graphql/handler"
+	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/graph"
 	"github.com/authorizerdev/authorizer/server/graph/generated"
 	"github.com/gin-gonic/gin"
@@ -14,6 +15,9 @@ func GraphqlHandler() gin.HandlerFunc {
 	h := handler.NewDefaultServer(generated.NewExecutableSchema(generated.Config{Resolvers: &graph.Resolver{}}))
 
 	return func(c *gin.Context) {
+		if constants.AUTHORIZER_DOMAIN == "" {
+			constants.AUTHORIZER_DOMAIN = "https://" + c.Request.Host
+		}
 		h.ServeHTTP(c.Writer, c.Request)
 	}
 }
diff --git a/server/resolvers/signup.go b/server/resolvers/signup.go
index 2e00ac7..d1884ca 100644
--- a/server/resolvers/signup.go
+++ b/server/resolvers/signup.go
@@ -64,7 +64,7 @@ func Signup(ctx context.Context, params model.SignUpInput) (*model.AuthResponse,
 	if constants.DISABLE_EMAIL_VERICATION == "true" {
 		user.EmailVerifiedAt = time.Now().Unix()
 	}
-	_, err = db.Mgr.SaveUser(user)
+	user, err = db.Mgr.SaveUser(user)
 	if err != nil {
 		return res, err
 	}
diff --git a/server/utils/cookie.go b/server/utils/cookie.go
index 5342323..7b6194c 100644
--- a/server/utils/cookie.go
+++ b/server/utils/cookie.go
@@ -1,6 +1,7 @@
 package utils
 
 import (
+	"log"
 	"net/http"
 
 	"github.com/authorizerdev/authorizer/server/constants"
@@ -11,8 +12,10 @@ func SetCookie(gc *gin.Context, token string) {
 	secure := true
 	httpOnly := true
 
+	host := GetDomainName(gc.Request.Host)
+	log.Println("=> host", host)
 	gc.SetSameSite(http.SameSiteNoneMode)
-	gc.SetCookie(constants.COOKIE_NAME, token, 3600, "/", gc.Request.Host, secure, httpOnly)
+	gc.SetCookie(constants.COOKIE_NAME, token, 3600, "/", host, secure, httpOnly)
 }
 
 func GetCookie(gc *gin.Context) (string, error) {
@@ -32,7 +35,7 @@ func DeleteCookie(gc *gin.Context) {
 		secure = false
 	}
 
+	host := GetDomainName(gc.Request.Host)
 	gc.SetSameSite(http.SameSiteNoneMode)
-
-	gc.SetCookie(constants.COOKIE_NAME, "", -1, "/", gc.Request.Host, secure, httpOnly)
+	gc.SetCookie(constants.COOKIE_NAME, "", -1, "/", host, secure, httpOnly)
 }
diff --git a/server/utils/urls.go b/server/utils/urls.go
index e249ea0..accf01a 100644
--- a/server/utils/urls.go
+++ b/server/utils/urls.go
@@ -2,36 +2,36 @@ package utils
 
 import (
 	"net/url"
-	"strings"
-
-	"github.com/authorizerdev/authorizer/server/constants"
 )
 
-func GetDomainName() string {
-	u, err := url.Parse(constants.FRONTEND_URL)
+// function to get hostname
+func GetDomainName(auth_url string) string {
+	u, err := url.Parse("//" + auth_url)
 	if err != nil {
 		return `localhost`
 	}
 
 	host := u.Hostname()
-	hostParts := strings.Split(host, ".")
-	hostPartsLen := len(hostParts)
 
-	if hostPartsLen == 1 {
-		return host
-	}
+	// code to get root domain in case of sub-domains
+	// hostParts := strings.Split(host, ".")
+	// hostPartsLen := len(hostParts)
 
-	if hostPartsLen == 2 {
-		if hostParts[0] == "www" {
-			return hostParts[1]
-		} else {
-			return host
-		}
-	}
+	// if hostPartsLen == 1 {
+	// 	return host
+	// }
 
-	if hostPartsLen > 2 {
-		return strings.Join(hostParts[hostPartsLen-2:], ".")
-	}
+	// if hostPartsLen == 2 {
+	// 	if hostParts[0] == "www" {
+	// 		return hostParts[1]
+	// 	} else {
+	// 		return host
+	// 	}
+	// }
+
+	// if hostPartsLen > 2 {
+	// 	return strings.Join(hostParts[hostPartsLen-2:], ".")
+	// }
 
 	return host
 }