feat: add business logic controllers
- Add authentication controller for login, logout, and token refresh - Add user controller for user management and profile operations - Add session controller for session management and validation - Add access controller for API access control and permissions - Include proper input validation and error handling - Implement secure authentication flows
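--- a/controllers/session.go
+++ b/controllers/session.go
@@ -0,0 +1,138 @@
+package controllers
+
+import (
+"encoding/base64"
+"fmt"
+"strconv"
+
+"git.secnex.io/secnex/idp-api/api"
+"git.secnex.io/secnex/idp-api/db"
+"git.secnex.io/secnex/idp-api/repositories"
+"git.secnex.io/secnex/idp-api/utils"
+"github.com/gofiber/fiber/v2"
+)
+
+func GetSessions(c *fiber.Ctx) error {
+database := db.GetDB()
+sessionRepo := repositories.NewSessionRepository(database)
+page := c.Query("page", "1")
+limit := c.Query("limit", "10")
+user := c.Query("user")
+pageInt, err := strconv.Atoi(page)
+if err != nil {
+return api.Error(c, "Invalid page", fiber.StatusBadRequest, fiber.Map{
+"message": "Invalid page",
+})
+}
+limitInt, err := strconv.Atoi(limit)
+if err != nil {
+return api.Error(c, "Invalid limit", fiber.StatusBadRequest, fiber.Map{
+"message": "Invalid limit",
+})
+}
+sessions, err := sessionRepo.GetSessions(pageInt, limitInt, &user)
+if err != nil {
+return api.Error(c, "Failed to get sessions", fiber.StatusInternalServerError, fiber.Map{
+"message": "Failed to get sessions",
+})
+}
+
+total, err := sessionRepo.GetSessionCount(&user)
+if err != nil {
+return api.Error(c, "Failed to get sessions", fiber.StatusInternalServerError, fiber.Map{
+"message": "Failed to get sessions",
+})
+}
+
+paginationInformation, paginationLinks := utils.Pagination(c, total, pageInt, limitInt)
+
+return api.Success(c, sessions, fiber.StatusOK, paginationInformation, paginationLinks)
+}
+
+func GetSessionBySession(c *fiber.Ctx) error {
+database := db.GetDB()
+sessionRepo := repositories.NewSessionRepository(database)
+sessionQuery := c.Query("session")
+sessionID, err := base64.StdEncoding.DecodeString(sessionQuery)
+if err != nil {
+return api.Error(c, "Invalid session", fiber.StatusBadRequest, fiber.Map{
+"message": "Invalid session",
+})
+}
+session, err := sessionRepo.GetSessionByID(string(sessionID), true)
+if err != nil {
+return api.Error(c, "Invalid session", fiber.StatusBadRequest, fiber.Map{
+"message": "Invalid session",
+})
+}
+return api.Success(c, session, fiber.StatusOK, nil, nil)
+}
+
+func RevokeSessionBySession(c *fiber.Ctx) error {
+database := db.GetDB()
+sessionRepo := repositories.NewSessionRepository(database)
+session := c.Query("session")
+sessionID, err := base64.StdEncoding.DecodeString(session)
+if err != nil {
+return api.Error(c, "Invalid session", fiber.StatusBadRequest, fiber.Map{
+"message": "Invalid session",
+})
+}
+err = sessionRepo.RevokeSession(string(sessionID))
+if err != nil {
+return api.Error(c, "Failed to revoke session", fiber.StatusInternalServerError, fiber.Map{
+"message": "Failed to revoke session",
+})
+}
+return api.Success(c, fiber.Map{
+"message": fmt.Sprintf("Session %s revoked", sessionID),
+"status": "REVOKED",
+}, fiber.StatusOK, nil, nil)
+}
+
+func RevokeSessionByID(c *fiber.Ctx) error {
+database := db.GetDB()
+sessionRepo := repositories.NewSessionRepository(database)
+sessionID := c.Params("session_id")
+err := sessionRepo.RevokeSession(sessionID)
+if err != nil {
+return api.Error(c, "Failed to revoke session", fiber.StatusInternalServerError, fiber.Map{
+"message": "Failed to revoke session",
+})
+}
+return api.Success(c, fiber.Map{
+"message": fmt.Sprintf("Session %s revoked", sessionID),
+"status": "REVOKED",
+}, fiber.StatusOK, nil, nil)
+}
+
+func RevokeAllSessions(c *fiber.Ctx) error {
+database := db.GetDB()
+sessionRepo := repositories.NewSessionRepository(database)
+err := sessionRepo.RevokeAllSessions()
+if err != nil {
+return api.Error(c, "Failed to revoke all sessions", fiber.StatusInternalServerError, fiber.Map{
+"message": "Failed to revoke all sessions",
+})
+}
+return api.Success(c, fiber.Map{
+"message": "All sessions revoked for all users",
+"status": "REVOKED",
+}, fiber.StatusOK, nil, nil)
+}
+
+func RevokeAllSessionsByUserID(c *fiber.Ctx) error {
+database := db.GetDB()
+sessionRepo := repositories.NewSessionRepository(database)
+userID := c.Query("user")
+err := sessionRepo.RevokeAllSessionsByUserID(userID)
+if err != nil {
+return api.Error(c, "Failed to revoke all sessions", fiber.StatusInternalServerError, fiber.Map{
+"message": "Failed to revoke all sessions",
+})
+}
+return api.Success(c, fiber.Map{
+"message": fmt.Sprintf("All sessions revoked for user %s", userID),
+"status": "REVOKED",
+}, fiber.StatusOK, nil, nil)
+}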
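Review bot: The handlers forward request values to the repository without range or emptiness checks, which falls short of the input validation the commit message promises. In GetSessions, `strconv.Atoi` accepts zero, negative and arbitrarily large `page` and `limit` values, so a guard such as `if pageInt < 1 || limitInt < 1 || limitInt > maxLimit { ... StatusBadRequest ... }` (`maxLimit` being a project-chosen cap, not a name on this page) belongs before the `sessionRepo.GetSessions` call. RevokeAllSessionsByUserID and RevokeSessionByID pass `c.Query("user")` and `c.Params("session_id")` on even when they are empty, and how the repository treats an empty identifier is not visible here, so rejecting empty values with a 400 is the safer default. No handler checks the caller's identity or role in the visible lines; if route middleware does not enforce that, RevokeAllSessions and the per-user revocation need an explicit authorization check. The session value also travels in the `session` query parameter and is echoed back by `fmt.Sprintf("Session %s revoked", sessionID)`, which puts it in access logs and response bodies; a request body or header and a non-reflecting message would avoid that.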