h/projectreshoot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Minor fix to theme rendering and token parsing

Browse Source
This commit is contained in:
Haelnorr
2025-02-12 11:39:21 +11:00
parent 732f8510ae
commit e605e6437b
3 changed files with 50 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
jwt/parse.go
View File

@@ -19,48 +19,51 @@ func ParseAccessToken(
config *config.Config, config *config.Config,
conn *sql.DB, conn *sql.DB,
tokenString string, tokenString string,
) (AccessToken, error) { ) (*AccessToken, error) {
if tokenString == "" {
return nil, errors.New("Access token string not provided")
}
claims, err := parseToken(config.SecretKey, tokenString) claims, err := parseToken(config.SecretKey, tokenString)
if err != nil { if err != nil {
return AccessToken{}, errors.Wrap(err, "parseToken") return nil, errors.Wrap(err, "parseToken")
} }
expiry, err := checkTokenExpired(claims["exp"]) expiry, err := checkTokenExpired(claims["exp"])
if err != nil { if err != nil {
return AccessToken{}, errors.Wrap(err, "checkTokenExpired") return nil, errors.Wrap(err, "checkTokenExpired")
} }
issuer, err := checkTokenIssuer(config.TrustedHost, claims["iss"]) issuer, err := checkTokenIssuer(config.TrustedHost, claims["iss"])
if err != nil { if err != nil {
return AccessToken{}, errors.Wrap(err, "checkTokenIssuer") return nil, errors.Wrap(err, "checkTokenIssuer")
} }
ttl, err := getTokenTTL(claims["ttl"]) ttl, err := getTokenTTL(claims["ttl"])
if err != nil { if err != nil {
return AccessToken{}, errors.Wrap(err, "getTokenTTL") return nil, errors.Wrap(err, "getTokenTTL")
} }
scope, err := getTokenScope(claims["scope"]) scope, err := getTokenScope(claims["scope"])
if err != nil { if err != nil {
return AccessToken{}, errors.Wrap(err, "getTokenScope") return nil, errors.Wrap(err, "getTokenScope")
} }
if scope != "access" { if scope != "access" {
return AccessToken{}, errors.New("Token is not an Access token") return nil, errors.New("Token is not an Access token")
} }
issuedAt, err := getIssuedTime(claims["iat"]) issuedAt, err := getIssuedTime(claims["iat"])
if err != nil { if err != nil {
return AccessToken{}, errors.Wrap(err, "getIssuedTime") return nil, errors.Wrap(err, "getIssuedTime")
} }
subject, err := getTokenSubject(claims["sub"]) subject, err := getTokenSubject(claims["sub"])
if err != nil { if err != nil {
return AccessToken{}, errors.Wrap(err, "getTokenSubject") return nil, errors.Wrap(err, "getTokenSubject")
} }
fresh, err := getFreshTime(claims["fresh"]) fresh, err := getFreshTime(claims["fresh"])
if err != nil { if err != nil {
return AccessToken{}, errors.Wrap(err, "getFreshTime") return nil, errors.Wrap(err, "getFreshTime")
} }
jti, err := getTokenJTI(claims["jti"]) jti, err := getTokenJTI(claims["jti"])
if err != nil { if err != nil {
return AccessToken{}, errors.Wrap(err, "getTokenJTI") return nil, errors.Wrap(err, "getTokenJTI")
} }
token := AccessToken{ token := &AccessToken{
ISS: issuer, ISS: issuer,
TTL: ttl, TTL: ttl,
EXP: expiry, EXP: expiry,
@@ -73,7 +76,7 @@ func ParseAccessToken(
valid, err := CheckTokenNotRevoked(conn, token) valid, err := CheckTokenNotRevoked(conn, token)
if err != nil || !valid { if err != nil || !valid {
return AccessToken{}, errors.Wrap(err, "CheckTokenNotRevoked") return nil, errors.Wrap(err, "CheckTokenNotRevoked")
} }
return token, nil return token, nil
} }
@@ -85,44 +88,47 @@ func ParseRefreshToken(
config *config.Config, config *config.Config,
conn *sql.DB, conn *sql.DB,
tokenString string, tokenString string,
) (RefreshToken, error) { ) (*RefreshToken, error) {
if tokenString == "" {
return nil, errors.New("Refresh token string not provided")
}
claims, err := parseToken(config.SecretKey, tokenString) claims, err := parseToken(config.SecretKey, tokenString)
if err != nil { if err != nil {
return RefreshToken{}, errors.Wrap(err, "parseToken") return nil, errors.Wrap(err, "parseToken")
} }
expiry, err := checkTokenExpired(claims["exp"]) expiry, err := checkTokenExpired(claims["exp"])
if err != nil { if err != nil {
return RefreshToken{}, errors.Wrap(err, "checkTokenExpired") return nil, errors.Wrap(err, "checkTokenExpired")
} }
issuer, err := checkTokenIssuer(config.TrustedHost, claims["iss"]) issuer, err := checkTokenIssuer(config.TrustedHost, claims["iss"])
if err != nil { if err != nil {
return RefreshToken{}, errors.Wrap(err, "checkTokenIssuer") return nil, errors.Wrap(err, "checkTokenIssuer")
} }
ttl, err := getTokenTTL(claims["ttl"]) ttl, err := getTokenTTL(claims["ttl"])
if err != nil { if err != nil {
return RefreshToken{}, errors.Wrap(err, "getTokenTTL") return nil, errors.Wrap(err, "getTokenTTL")
} }
scope, err := getTokenScope(claims["scope"]) scope, err := getTokenScope(claims["scope"])
if err != nil { if err != nil {
return RefreshToken{}, errors.Wrap(err, "getTokenScope") return nil, errors.Wrap(err, "getTokenScope")
} }
if scope != "refresh" { if scope != "refresh" {
return RefreshToken{}, errors.New("Token is not an Refresh token") return nil, errors.New("Token is not an Refresh token")
} }
issuedAt, err := getIssuedTime(claims["iat"]) issuedAt, err := getIssuedTime(claims["iat"])
if err != nil { if err != nil {
return RefreshToken{}, errors.Wrap(err, "getIssuedTime") return nil, errors.Wrap(err, "getIssuedTime")
} }
subject, err := getTokenSubject(claims["sub"]) subject, err := getTokenSubject(claims["sub"])
if err != nil { if err != nil {
return RefreshToken{}, errors.Wrap(err, "getTokenSubject") return nil, errors.Wrap(err, "getTokenSubject")
} }
jti, err := getTokenJTI(claims["jti"]) jti, err := getTokenJTI(claims["jti"])
if err != nil { if err != nil {
return RefreshToken{}, errors.Wrap(err, "getTokenJTI") return nil, errors.Wrap(err, "getTokenJTI")
} }
token := RefreshToken{ token := &RefreshToken{
ISS: issuer, ISS: issuer,
TTL: ttl, TTL: ttl,
EXP: expiry, EXP: expiry,
@@ -134,10 +140,10 @@ func ParseRefreshToken(
valid, err := CheckTokenNotRevoked(conn, token) valid, err := CheckTokenNotRevoked(conn, token)
if err != nil { if err != nil {
return RefreshToken{}, errors.Wrap(err, "CheckTokenNotRevoked") return nil, errors.Wrap(err, "CheckTokenNotRevoked")
} }
if !valid { if !valid {
return RefreshToken{}, errors.New("Token has been revoked") return nil, errors.New("Token has been revoked")
} }
return token, nil return token, nil
} }

2
middleware/authentication.go
View File

@@ -64,7 +64,7 @@ func getAuthenticatedUser(
return nil, errors.Wrap(err, "jwt.ParseRefreshToken") return nil, errors.Wrap(err, "jwt.ParseRefreshToken")
} }
// Refresh token valid, attempt to get a new token pair // Refresh token valid, attempt to get a new token pair
user, err := refreshAuthTokens(config, conn, w, r, &rT) user, err := refreshAuthTokens(config, conn, w, r, rT)
if err != nil { if err != nil {
return nil, errors.Wrap(err, "refreshAuthTokens") return nil, errors.Wrap(err, "refreshAuthTokens")
} }

28
view/layout/global.templ
View File

@@ -17,24 +17,30 @@ templ Global() {
window.matchMedia('(prefers-color-scheme: dark)').matches)}" window.matchMedia('(prefers-color-scheme: dark)').matches)}"
> >
<head> <head>
<script>
(function () {
let theme = localStorage.getItem("theme") || "system";
if (theme === "system") {
theme = window.matchMedia("(prefers-color-scheme: dark)").matches ? "dark" : "light";
}
if (theme === "dark") {
document.documentElement.classList.add("dark");
} else {
document.documentElement.classList.remove("dark");
}
})();
</script>
<meta charset="UTF-8"/> <meta charset="UTF-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/> <meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>Project Reshoot</title> <title>Project Reshoot</title>
<link href="/static/css/output.css" rel="stylesheet"/> <link href="/static/css/output.css" rel="stylesheet"/>
<script src="https://unpkg.com/htmx.org@2.0.4" integrity="sha384-HGfztofotfshcF7+8n44JQL2oJmowVChPTg48S+jvZoztPfvwD79OC/LTtG6dMp+" crossorigin="anonymous"></script> <script src="https://unpkg.com/htmx.org@2.0.4" integrity="sha384-HGfztofotfshcF7+8n44JQL2oJmowVChPTg48S+jvZoztPfvwD79OC/LTtG6dMp+" crossorigin="anonymous"></script>
<script defer src="https://cdn.jsdelivr.net/npm/@alpinejs/persist@3.x.x/dist/cdn.min.js"></script>
<script src="https://unpkg.com/alpinejs" defer></script> <script src="https://unpkg.com/alpinejs" defer></script>
<script>
document.documentElement.classList.toggle(
"dark",
localStorage.currentTheme === "dark" ||
(
!("theme" in localStorage) &&
window.matchMedia("(prefers-color-scheme: dark)").matches
),
);
</script>
</head> </head>
<body class="bg-base text-text ubuntu-mono-regular"> <body
class="bg-base text-text ubuntu-mono-regular"
>
<div id="main-content" class="flex flex-col h-screen justify-between"> <div id="main-content" class="flex flex-col h-screen justify-between">
@nav.Navbar() @nav.Navbar()
<div id="page-content" class="mb-auto"> <div id="page-content" class="mb-auto">