Add query to get token

Resolves #16
2021-07-15 17:32:55 +05:30
parent 1d6191cbcb
commit 699c49ade0
7 changed files with 123 additions and 42 deletions
--- a/server/graph/generated/generated.go
+++ b/server/graph/generated/generated.go
@@ -39,7 +39,8 @@ type ResolverRoot interface {
 	Query() QueryResolver
 }

-type DirectiveRoot struct{}
+type DirectiveRoot struct {
+}

 type ComplexityRoot struct {
 	Error struct {
@@ -48,9 +49,10 @@ type ComplexityRoot struct {
 	}

 	LoginResponse struct {
-		AccessToken func(childComplexity int) int
-		Message     func(childComplexity int) int
-		User        func(childComplexity int) int
+		AccessToken          func(childComplexity int) int
+		AccessTokenExpiresAt func(childComplexity int) int
+		Message              func(childComplexity int) int
+		User                 func(childComplexity int) int
 	}

 	Mutation struct {
@@ -104,7 +106,6 @@ type MutationResolver interface {
 	Login(ctx context.Context, params model.LoginInput) (*model.LoginResponse, error)
 	Logout(ctx context.Context) (*model.Response, error)
 }
-
 type QueryResolver interface {
 	Users(ctx context.Context) ([]*model.User, error)
 	Token(ctx context.Context) (*model.LoginResponse, error)
@@ -146,6 +147,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in

 		return e.complexity.LoginResponse.AccessToken(childComplexity), true

+	case "LoginResponse.accessTokenExpiresAt":
+		if e.complexity.LoginResponse.AccessTokenExpiresAt == nil {
+			break
+		}
+
+		return e.complexity.LoginResponse.AccessTokenExpiresAt(childComplexity), true
+
 	case "LoginResponse.message":
 		if e.complexity.LoginResponse.Message == nil {
 			break
@@ -457,6 +465,7 @@ type Error {
 type LoginResponse {
  message: String!
  accessToken: String
+  accessTokenExpiresAt: Int64
  user: User
 }

@@ -741,6 +750,38 @@ func (ec *executionContext) _LoginResponse_accessToken(ctx context.Context, fiel
 	return ec.marshalOString2ᚖstring(ctx, field.Selections, res)
 }

+func (ec *executionContext) _LoginResponse_accessTokenExpiresAt(ctx context.Context, field graphql.CollectedField, obj *model.LoginResponse) (ret graphql.Marshaler) {
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	fc := &graphql.FieldContext{
+		Object:     "LoginResponse",
+		Field:      field,
+		Args:       nil,
+		IsMethod:   false,
+		IsResolver: false,
+	}
+
+	ctx = graphql.WithFieldContext(ctx, fc)
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.AccessTokenExpiresAt, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		return graphql.Null
+	}
+	res := resTmp.(*int64)
+	fc.Result = res
+	return ec.marshalOInt642ᚖint64(ctx, field.Selections, res)
+}
+
 func (ec *executionContext) _LoginResponse_user(ctx context.Context, field graphql.CollectedField, obj *model.LoginResponse) (ret graphql.Marshaler) {
 	defer func() {
 		if r := recover(); r != nil {
@@ -2819,7 +2860,7 @@ func (ec *executionContext) ___Type_ofType(ctx context.Context, field graphql.Co

 func (ec *executionContext) unmarshalInputLoginInput(ctx context.Context, obj interface{}) (model.LoginInput, error) {
 	var it model.LoginInput
-	asMap := obj.(map[string]interface{})
+	var asMap = obj.(map[string]interface{})

 	for k, v := range asMap {
 		switch k {
@@ -2847,7 +2888,7 @@ func (ec *executionContext) unmarshalInputLoginInput(ctx context.Context, obj in

 func (ec *executionContext) unmarshalInputSignUpInput(ctx context.Context, obj interface{}) (model.SignUpInput, error) {
 	var it model.SignUpInput
-	asMap := obj.(map[string]interface{})
+	var asMap = obj.(map[string]interface{})

 	for k, v := range asMap {
 		switch k {
@@ -2907,7 +2948,7 @@ func (ec *executionContext) unmarshalInputSignUpInput(ctx context.Context, obj i

 func (ec *executionContext) unmarshalInputVerifySignupTokenInput(ctx context.Context, obj interface{}) (model.VerifySignupTokenInput, error) {
 	var it model.VerifySignupTokenInput
-	asMap := obj.(map[string]interface{})
+	var asMap = obj.(map[string]interface{})

 	for k, v := range asMap {
 		switch k {
@@ -2983,6 +3024,8 @@ func (ec *executionContext) _LoginResponse(ctx context.Context, sel ast.Selectio
 			}
 		case "accessToken":
 			out.Values[i] = ec._LoginResponse_accessToken(ctx, field, obj)
+		case "accessTokenExpiresAt":
+			out.Values[i] = ec._LoginResponse_accessTokenExpiresAt(ctx, field, obj)
 		case "user":
 			out.Values[i] = ec._LoginResponse_user(ctx, field, obj)
 		default:
--- a/server/graph/model/models_gen.go
+++ b/server/graph/model/models_gen.go
@@ -13,9 +13,10 @@ type LoginInput struct {
 }

 type LoginResponse struct {
-	Message     string  `json:"message"`
-	AccessToken *string `json:"accessToken"`
-	User        *User   `json:"user"`
+	Message              string  `json:"message"`
+	AccessToken          *string `json:"accessToken"`
+	AccessTokenExpiresAt *int64  `json:"accessTokenExpiresAt"`
+	User                 *User   `json:"user"`
 }

 type Response struct {
--- a/server/graph/schema.graphqls
+++ b/server/graph/schema.graphqls
@@ -34,6 +34,7 @@ type Error {
 type LoginResponse {
  message: String!
  accessToken: String
+  accessTokenExpiresAt: Int64
  user: User
 }

--- a/server/graph/schema.resolvers.go
+++ b/server/graph/schema.resolvers.go
@@ -38,23 +38,23 @@ func (r *mutationResolver) VerifySignupToken(ctx context.Context, params model.V
 		return res, errors.New(`Invalid token`)
 	}

-	// update email_verified_at in users table
-	db.Mgr.UpdateVerificationTime(time.Now().Unix(), claim.Email)
-	// delete from verification table
-	db.Mgr.DeleteToken(claim.Email)
-
 	user, err := db.Mgr.GetUserByEmail(claim.Email)
 	if err != nil {
 		return res, err
 	}

+	// update email_verified_at in users table
+	db.Mgr.UpdateVerificationTime(time.Now().Unix(), user.ID)
+	// delete from verification table
+	db.Mgr.DeleteToken(claim.Email)
+
 	userIdStr := fmt.Sprintf("%d", user.ID)
-	refreshToken, _ := utils.CreateAuthToken(utils.UserAuthInfo{
+	refreshToken, _, _ := utils.CreateAuthToken(utils.UserAuthInfo{
 		ID:    userIdStr,
 		Email: user.Email,
 	}, enum.RefreshToken)

-	accessToken, _ := utils.CreateAuthToken(utils.UserAuthInfo{
+	accessToken, expiresAt, _ := utils.CreateAuthToken(utils.UserAuthInfo{
 		ID:    userIdStr,
 		Email: user.Email,
 	}, enum.AccessToken)
@@ -62,8 +62,9 @@ func (r *mutationResolver) VerifySignupToken(ctx context.Context, params model.V
 	session.SetToken(userIdStr, refreshToken)

 	res = &model.LoginResponse{
-		Message:     `Email verified successfully.`,
-		AccessToken: &accessToken,
+		Message:              `Email verified successfully.`,
+		AccessToken:          &accessToken,
+		AccessTokenExpiresAt: &expiresAt,
 		User: &model.User{
 			ID:        userIdStr,
 			Email:     user.Email,
@@ -165,18 +166,23 @@ func (r *mutationResolver) Login(ctx context.Context, params model.LoginInput) (
 		return res, errors.New(`Email not verified`)
 	}
 	// match password
+	log.Println("params Pass", params.Password)
+	log.Println("hashed pass", user.Password)
+	cost, err := bcrypt.Cost([]byte(user.Password))
+	log.Println(cost, err)
 	err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(params.Password))
+
 	if err != nil {
 		log.Println("Compare password error:", err)
 		return res, errors.New(`Invalid Password`)
 	}
 	userIdStr := fmt.Sprintf("%d", user.ID)
-	refreshToken, _ := utils.CreateAuthToken(utils.UserAuthInfo{
+	refreshToken, _, _ := utils.CreateAuthToken(utils.UserAuthInfo{
 		ID:    userIdStr,
 		Email: user.Email,
 	}, enum.RefreshToken)

-	accessToken, _ := utils.CreateAuthToken(utils.UserAuthInfo{
+	accessToken, expiresAt, _ := utils.CreateAuthToken(utils.UserAuthInfo{
 		ID:    userIdStr,
 		Email: user.Email,
 	}, enum.AccessToken)
@@ -184,8 +190,9 @@ func (r *mutationResolver) Login(ctx context.Context, params model.LoginInput) (
 	session.SetToken(userIdStr, refreshToken)

 	res = &model.LoginResponse{
-		Message:     `Logged in successfully`,
-		AccessToken: &accessToken,
+		Message:              `Logged in successfully`,
+		AccessToken:          &accessToken,
+		AccessTokenExpiresAt: &expiresAt,
 		User: &model.User{
 			ID:        userIdStr,
 			Email:     user.Email,
@@ -259,22 +266,40 @@ func (r *queryResolver) Token(ctx context.Context) (*model.LoginResponse, error)
 		return res, err
 	}

-	claim, err := utils.VerifyAuthToken(token)
-	if err != nil {
-		// generate new accessToken
-		return res, err
-	}
+	claim, accessTokenErr := utils.VerifyAuthToken(token)
+	expiresAt := claim.ExpiresAt

 	user, err := db.Mgr.GetUserByEmail(claim.Email)
 	if err != nil {
 		return res, err
 	}

+	userIdStr := fmt.Sprintf("%d", user.ID)
+
+	sessionToken := session.GetToken(userIdStr)
+
+	if sessionToken == "" {
+		return res, errors.New(`Unauthorized`)
+	}
+	// TODO check if session token has expired
+
+	if accessTokenErr != nil {
+		// if access token has expired and refresh/session token is valid
+		// generate new accessToken
+		fmt.Println(`here... getting new accesstoken`)
+		token, expiresAt, _ = utils.CreateAuthToken(utils.UserAuthInfo{
+			ID:    userIdStr,
+			Email: user.Email,
+		}, enum.AccessToken)
+
+	}
+	utils.SetCookie(gc, token)
 	res = &model.LoginResponse{
-		Message:     `Email verified successfully.`,
-		AccessToken: &token,
+		Message:              `Email verified successfully.`,
+		AccessToken:          &token,
+		AccessTokenExpiresAt: &expiresAt,
 		User: &model.User{
-			ID:        fmt.Sprintf("%d", user.ID),
+			ID:        userIdStr,
 			Email:     user.Email,
 			Image:     &user.Image,
 			FirstName: &user.FirstName,