ForFarmTeam/ForFarm
1
0
Fork 0
mirror of https://github.com/ForFarmTeam/ForFarm.git synced 2025-12-19 22:14:08 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: add user generation logic to oauth login

Browse Source
This commit is contained in:
Sosokker 2025-03-12 15:06:25 +07:00
parent 69fa65ccf1
commit 9cc07b32df
1 changed files with 51 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
backend/internal/api/oauth.go
View File

@ -2,17 +2,19 @@ package api
import ( import (
"context" "context"
"crypto/rand"
"errors" "errors"
"net/http" "net/http"
"github.com/danielgtaylor/huma/v2" "github.com/danielgtaylor/huma/v2"
"github.com/forfarm/backend/internal/domain"
"github.com/forfarm/backend/internal/utilities" "github.com/forfarm/backend/internal/utilities"
"github.com/go-chi/chi/v5" "github.com/go-chi/chi/v5"
"golang.org/x/crypto/bcrypt"
) )
func (a *api) registerOauthRoutes(_ chi.Router, apiInstance huma.API) { func (a *api) registerOauthRoutes(_ chi.Router, apiInstance huma.API) {
tags := []string{"oauth"} tags := []string{"oauth"}
huma.Register(apiInstance, huma.Operation{ huma.Register(apiInstance, huma.Operation{
OperationID: "oauth_exchange", OperationID: "oauth_exchange",
Method: http.MethodPost, Method: http.MethodPost,
@ -34,8 +36,24 @@ type ExchangeTokenOutput struct {
} }
} }
// exchangeHandler now assumes the provided access token is a Google ID token. func generateRandomPassword(length int) (string, error) {
// It verifies the token with Google and then generates your own JWT. const charset = "abcdefghijklmnopqrstuvwxyz" +
"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_=+[]{}<>?,./"
bytes := make([]byte, length)
if _, err := rand.Read(bytes); err != nil {
return "", err
}
for i, b := range bytes {
bytes[i] = charset[b%byte(len(charset))]
}
return string(bytes), nil
}
// exchangeHandler assumes the provided access token is a Google ID token.
// It verifies the token with Google, and if the user doesn't exist,
// it creates a new user with a randomly generated password before issuing your JWT.
func (a *api) exchangeHandler(ctx context.Context, input *ExchangeTokenInput) (*ExchangeTokenOutput, error) { func (a *api) exchangeHandler(ctx context.Context, input *ExchangeTokenInput) (*ExchangeTokenOutput, error) {
if input.Body.AccessToken == "" { if input.Body.AccessToken == "" {
return nil, errors.New("access token is required") return nil, errors.New("access token is required")
@ -46,13 +64,38 @@ func (a *api) exchangeHandler(ctx context.Context, input *ExchangeTokenInput) (*
return nil, errors.New("invalid Google ID token") return nil, errors.New("invalid Google ID token")
} }
newJWT, err := utilities.CreateJwtToken(googleUserID) user, err := a.userRepo.GetByEmail(ctx, email)
if err == domain.ErrNotFound {
newPassword, err := generateRandomPassword(12)
if err != nil { if err != nil {
return nil, err return nil, err
} }
resp := &ExchangeTokenOutput{} hashedPassword, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcrypt.DefaultCost)
resp.Body.JWT = newJWT if err != nil {
resp.Body.Email = email return nil, err
return resp, nil }
newUser := &domain.User{
Email: email,
Password: string(hashedPassword),
}
if err := a.userRepo.CreateOrUpdate(ctx, newUser); err != nil {
return nil, err
}
user = *newUser
} else if err != nil {
return nil, err
}
token, err := utilities.CreateJwtToken(user.UUID)
if err != nil {
return nil, err
}
output := &ExchangeTokenOutput{}
output.Body.JWT = token
output.Body.Email = email
_ = googleUserID // Maybe need in the future
return output, nil
} }