Add user token renew (#113)

konrad 2019-12-07 19:52:04 +00:00
parent 10ab8ef4d9
commit 62e550bf35
5 changed files with 134 additions and 22 deletions


@ -19,6 +19,7 @@ package v1
import ( import (
"code.vikunja.io/api/pkg/models" "code.vikunja.io/api/pkg/models"
"code.vikunja.io/web/handler" "code.vikunja.io/web/handler"
"github.com/dgrijalva/jwt-go"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
"net/http" "net/http"
) )
@ -59,3 +60,36 @@ func Login(c echo.Context) error {
return c.JSON(http.StatusOK, Token{Token: t}) return c.JSON(http.StatusOK, Token{Token: t})
} }
// RenewToken gives a new token to every user with a valid token
// If the token is valid is checked in the middleware.
// @Summary Renew user token
// @Description Returns a new valid jwt user token with an extended length.
// @tags user
// @Accept json
// @Produce json
// @Success 200 {object} v1.Token
// @Failure 400 {object} models.Message "Only user token are available for renew."
// @Router /user/token [post]
func RenewToken(c echo.Context) error {
jwtinf := c.Get("user").(*jwt.Token)
claims := jwtinf.Claims.(jwt.MapClaims)
typ := int(claims["type"].(float64))
if typ != AuthTypeUser {
return echo.ErrBadRequest
}
user, err := models.GetUserFromClaims(claims)
if err != nil {
return handler.HandleHTTPError(err, c)
}
// Create token
t, err := NewUserJWTAuthtoken(user)
if err != nil {
return err
}
return c.JSON(http.StatusOK, Token{Token: t})
}
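Review bot: The three type assertions at the top of RenewToken (`c.Get("user").(*jwt.Token)`, `jwtinf.Claims.(jwt.MapClaims)`, `claims["type"].(float64)`) are unchecked, so a validly signed token without a numeric `type` claim panics the handler instead of producing the documented 400. Use the comma-ok form and return `echo.ErrBadRequest` on any mismatch, as in the excerpt below. The doc comment also lacks `// @Security JWTKeyAuth`, which is why the generated spec for `/user/token` carries no `security` entry although the endpoint requires a token. Whether `models.GetUserFromClaims` re-checks the account against the database is not visible here; if it only copies the claims, a deleted or disabled user could keep renewing indefinitely, so a lookup before `NewUserJWTAuthtoken` is worth confirming.

```go
func RenewToken(c echo.Context) error {
	jwtinf, ok := c.Get("user").(*jwt.Token)
	if !ok {
		return echo.ErrBadRequest
	}
	claims, ok := jwtinf.Claims.(jwt.MapClaims)
	if !ok {
		return echo.ErrBadRequest
	}
	typ, ok := claims["type"].(float64)
	if !ok || int(typ) != AuthTypeUser {
		return echo.ErrBadRequest
	}
	// … unchanged: GetUserFromClaims, NewUserJWTAuthtoken and the JSON response …
}
```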


@ -190,6 +190,7 @@ func registerAPIRoutes(a *echo.Group) {
a.GET("/user", apiv1.UserShow) a.GET("/user", apiv1.UserShow)
a.POST("/user/password", apiv1.UserChangePassword) a.POST("/user/password", apiv1.UserChangePassword)
a.GET("/users", apiv1.UserList) a.GET("/users", apiv1.UserList)
a.POST("/user/token", apiv1.RenewToken)
listHandler := &handler.WebHandler{ listHandler := &handler.WebHandler{
EmptyStruct: func() handler.CObject { EmptyStruct: func() handler.CObject {


@ -1,6 +1,6 @@
// GENERATED BY THE COMMAND ABOVE; DO NOT EDIT // GENERATED BY THE COMMAND ABOVE; DO NOT EDIT
// This file was generated by swaggo/swag at // This file was generated by swaggo/swag at
// 2019-12-05 22:15:49.761451764 +0100 CET m=+0.171539379 // 2019-12-07 20:29:10.551783293 +0100 CET m=+0.172017440
package swagger package swagger
@ -407,7 +407,7 @@ var doc = `{
"JWTKeyAuth": [] "JWTKeyAuth": []
} }
], ],
"description": "Returns a team by its ID.", "description": "Returns a list by its ID.",
"consumes": [ "consumes": [
"application/json" "application/json"
], ],
@ -415,13 +415,13 @@ var doc = `{
"application/json" "application/json"
], ],
"tags": [ "tags": [
"team" "list"
], ],
"summary": "Gets one team", "summary": "Gets one list",
"parameters": [ "parameters": [
{ {
"type": "integer", "type": "integer",
"description": "Team ID", "description": "List ID",
"name": "id", "name": "id",
"in": "path", "in": "path",
"required": true "required": true
@ -429,13 +429,13 @@ var doc = `{
], ],
"responses": { "responses": {
"200": { "200": {
"description": "The team", "description": "The list",
"schema": { "schema": {
"$ref": "#/definitions/models.Team" "$ref": "#/definitions/models.List"
} }
}, },
"403": { "403": {
"description": "The user does not have access to the team", "description": "The user does not have access to the list",
"schema": { "schema": {
"$ref": "#/definitions/code.vikunja.io.web.HTTPError" "$ref": "#/definitions/code.vikunja.io.web.HTTPError"
} }
@ -4285,6 +4285,35 @@ var doc = `{
} }
} }
}, },
"/user/token": {
"post": {
"description": "Returns a new valid jwt user token with an extended length.",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"user"
],
"summary": "Renew user token",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/v1.Token"
}
},
"400": {
"description": "Only user token are available for renew.",
"schema": {
"$ref": "#/definitions/models.Message"
}
}
}
}
},
"/users": { "/users": {
"get": { "get": {
"security": [ "security": [


@ -389,7 +389,7 @@
"JWTKeyAuth": [] "JWTKeyAuth": []
} }
], ],
"description": "Returns a team by its ID.", "description": "Returns a list by its ID.",
"consumes": [ "consumes": [
"application/json" "application/json"
], ],
@ -397,13 +397,13 @@
"application/json" "application/json"
], ],
"tags": [ "tags": [
"team" "list"
], ],
"summary": "Gets one team", "summary": "Gets one list",
"parameters": [ "parameters": [
{ {
"type": "integer", "type": "integer",
"description": "Team ID", "description": "List ID",
"name": "id", "name": "id",
"in": "path", "in": "path",
"required": true "required": true
@ -411,13 +411,13 @@
], ],
"responses": { "responses": {
"200": { "200": {
"description": "The team", "description": "The list",
"schema": { "schema": {
"$ref": "#/definitions/models.Team" "$ref": "#/definitions/models.List"
} }
}, },
"403": { "403": {
"description": "The user does not have access to the team", "description": "The user does not have access to the list",
"schema": { "schema": {
"$ref": "#/definitions/code.vikunja.io/web.HTTPError" "$ref": "#/definitions/code.vikunja.io/web.HTTPError"
} }
@ -4267,6 +4267,35 @@
} }
} }
}, },
"/user/token": {
"post": {
"description": "Returns a new valid jwt user token with an extended length.",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"user"
],
"summary": "Renew user token",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/v1.Token"
}
},
"400": {
"description": "Only user token are available for renew.",
"schema": {
"$ref": "#/definitions/models.Message"
}
}
}
}
},
"/users": { "/users": {
"get": { "get": {
"security": [ "security": [


@ -1133,9 +1133,9 @@ paths:
get: get:
consumes: consumes:
- application/json - application/json
description: Returns a team by its ID. description: Returns a list by its ID.
parameters: parameters:
- description: Team ID - description: List ID
in: path in: path
name: id name: id
required: true required: true
@ -1144,11 +1144,11 @@ paths:
- application/json - application/json
responses: responses:
"200": "200":
description: The team description: The list
schema: schema:
$ref: '#/definitions/models.Team' $ref: '#/definitions/models.List'
"403": "403":
description: The user does not have access to the team description: The user does not have access to the list
schema: schema:
$ref: '#/definitions/code.vikunja.io/web.HTTPError' $ref: '#/definitions/code.vikunja.io/web.HTTPError'
"500": "500":
@ -1157,9 +1157,9 @@ paths:
$ref: '#/definitions/models.Message' $ref: '#/definitions/models.Message'
security: security:
- JWTKeyAuth: [] - JWTKeyAuth: []
summary: Gets one team summary: Gets one list
tags: tags:
- team - list
post: post:
consumes: consumes:
- application/json - application/json
@ -3675,6 +3675,25 @@ paths:
summary: Request password reset token summary: Request password reset token
tags: tags:
- user - user
/user/token:
post:
consumes:
- application/json
description: Returns a new valid jwt user token with an extended length.
produces:
- application/json
responses:
"200":
description: OK
schema:
$ref: '#/definitions/v1.Token'
"400":
description: Only user token are available for renew.
schema:
$ref: '#/definitions/models.Message'
summary: Renew user token
tags:
- user
/users: /users:
get: get:
consumes: consumes: