e76469ad55
- Add authentication controller for login, logout, and token refresh - Add user controller for user management and profile operations - Add session controller for session management and validation - Add access controller for API access control and permissions - Include proper input validation and error handling - Implement secure authentication flows
139 lines
4.2 KiB
Go
139 lines
4.2 KiB
Go
package controllers
|
|
|
|
import (
|
|
"encoding/base64"
|
|
"fmt"
|
|
"strconv"
|
|
|
|
"git.secnex.io/secnex/idp-api/api"
|
|
"git.secnex.io/secnex/idp-api/db"
|
|
"git.secnex.io/secnex/idp-api/repositories"
|
|
"git.secnex.io/secnex/idp-api/utils"
|
|
"github.com/gofiber/fiber/v2"
|
|
)
|
|
|
|
func GetSessions(c *fiber.Ctx) error {
|
|
database := db.GetDB()
|
|
sessionRepo := repositories.NewSessionRepository(database)
|
|
page := c.Query("page", "1")
|
|
limit := c.Query("limit", "10")
|
|
user := c.Query("user")
|
|
pageInt, err := strconv.Atoi(page)
|
|
if err != nil {
|
|
return api.Error(c, "Invalid page", fiber.StatusBadRequest, fiber.Map{
|
|
"message": "Invalid page",
|
|
})
|
|
}
|
|
limitInt, err := strconv.Atoi(limit)
|
|
if err != nil {
|
|
return api.Error(c, "Invalid limit", fiber.StatusBadRequest, fiber.Map{
|
|
"message": "Invalid limit",
|
|
})
|
|
}
|
|
sessions, err := sessionRepo.GetSessions(pageInt, limitInt, &user)
|
|
if err != nil {
|
|
return api.Error(c, "Failed to get sessions", fiber.StatusInternalServerError, fiber.Map{
|
|
"message": "Failed to get sessions",
|
|
})
|
|
}
|
|
|
|
total, err := sessionRepo.GetSessionCount(&user)
|
|
if err != nil {
|
|
return api.Error(c, "Failed to get sessions", fiber.StatusInternalServerError, fiber.Map{
|
|
"message": "Failed to get sessions",
|
|
})
|
|
}
|
|
|
|
paginationInformation, paginationLinks := utils.Pagination(c, total, pageInt, limitInt)
|
|
|
|
return api.Success(c, sessions, fiber.StatusOK, paginationInformation, paginationLinks)
|
|
}
|
|
|
|
func GetSessionBySession(c *fiber.Ctx) error {
|
|
database := db.GetDB()
|
|
sessionRepo := repositories.NewSessionRepository(database)
|
|
sessionQuery := c.Query("session")
|
|
sessionID, err := base64.StdEncoding.DecodeString(sessionQuery)
|
|
if err != nil {
|
|
return api.Error(c, "Invalid session", fiber.StatusBadRequest, fiber.Map{
|
|
"message": "Invalid session",
|
|
})
|
|
}
|
|
session, err := sessionRepo.GetSessionByID(string(sessionID), true)
|
|
if err != nil {
|
|
return api.Error(c, "Invalid session", fiber.StatusBadRequest, fiber.Map{
|
|
"message": "Invalid session",
|
|
})
|
|
}
|
|
return api.Success(c, session, fiber.StatusOK, nil, nil)
|
|
}
|
|
|
|
func RevokeSessionBySession(c *fiber.Ctx) error {
|
|
database := db.GetDB()
|
|
sessionRepo := repositories.NewSessionRepository(database)
|
|
session := c.Query("session")
|
|
sessionID, err := base64.StdEncoding.DecodeString(session)
|
|
if err != nil {
|
|
return api.Error(c, "Invalid session", fiber.StatusBadRequest, fiber.Map{
|
|
"message": "Invalid session",
|
|
})
|
|
}
|
|
err = sessionRepo.RevokeSession(string(sessionID))
|
|
if err != nil {
|
|
return api.Error(c, "Failed to revoke session", fiber.StatusInternalServerError, fiber.Map{
|
|
"message": "Failed to revoke session",
|
|
})
|
|
}
|
|
return api.Success(c, fiber.Map{
|
|
"message": fmt.Sprintf("Session %s revoked", sessionID),
|
|
"status": "REVOKED",
|
|
}, fiber.StatusOK, nil, nil)
|
|
}
|
|
|
|
func RevokeSessionByID(c *fiber.Ctx) error {
|
|
database := db.GetDB()
|
|
sessionRepo := repositories.NewSessionRepository(database)
|
|
sessionID := c.Params("session_id")
|
|
err := sessionRepo.RevokeSession(sessionID)
|
|
if err != nil {
|
|
return api.Error(c, "Failed to revoke session", fiber.StatusInternalServerError, fiber.Map{
|
|
"message": "Failed to revoke session",
|
|
})
|
|
}
|
|
return api.Success(c, fiber.Map{
|
|
"message": fmt.Sprintf("Session %s revoked", sessionID),
|
|
"status": "REVOKED",
|
|
}, fiber.StatusOK, nil, nil)
|
|
}
|
|
|
|
func RevokeAllSessions(c *fiber.Ctx) error {
|
|
database := db.GetDB()
|
|
sessionRepo := repositories.NewSessionRepository(database)
|
|
err := sessionRepo.RevokeAllSessions()
|
|
if err != nil {
|
|
return api.Error(c, "Failed to revoke all sessions", fiber.StatusInternalServerError, fiber.Map{
|
|
"message": "Failed to revoke all sessions",
|
|
})
|
|
}
|
|
return api.Success(c, fiber.Map{
|
|
"message": "All sessions revoked for all users",
|
|
"status": "REVOKED",
|
|
}, fiber.StatusOK, nil, nil)
|
|
}
|
|
|
|
func RevokeAllSessionsByUserID(c *fiber.Ctx) error {
|
|
database := db.GetDB()
|
|
sessionRepo := repositories.NewSessionRepository(database)
|
|
userID := c.Query("user")
|
|
err := sessionRepo.RevokeAllSessionsByUserID(userID)
|
|
if err != nil {
|
|
return api.Error(c, "Failed to revoke all sessions", fiber.StatusInternalServerError, fiber.Map{
|
|
"message": "Failed to revoke all sessions",
|
|
})
|
|
}
|
|
return api.Success(c, fiber.Map{
|
|
"message": fmt.Sprintf("All sessions revoked for user %s", userID),
|
|
"status": "REVOKED",
|
|
}, fiber.StatusOK, nil, nil)
|
|
}
|