some fix for UI login

2023-11-12 16:12:19 +05:30
parent 4e0d5d0296
commit ac36d7e8c7
6 changed files with 100 additions and 6 deletions
--- a/src/main/kotlin/com/restapi/Main.kt
+++ b/src/main/kotlin/com/restapi/Main.kt
@@ -12,6 +12,8 @@ import com.restapi.config.Roles
 import com.restapi.controllers.Entities
 import com.restapi.domain.DataNotFoundException
 import com.restapi.domain.Session
+import com.restapi.domain.Session.currentTenant
+import com.restapi.domain.Session.currentUser
 import com.restapi.domain.Session.objectMapper
 import com.restapi.domain.Session.redis
 import com.restapi.domain.Session.setAuthorizedUser
@@ -34,6 +36,7 @@ import java.net.http.HttpRequest.BodyPublishers
 import java.net.http.HttpResponse.BodyHandlers
 import java.nio.charset.StandardCharsets
 import java.security.MessageDigest
+import java.time.LocalDateTime
 import java.util.*
 import java.util.concurrent.TimeUnit
 import kotlin.jvm.optionals.getOrDefault
@@ -73,6 +76,9 @@ fun main(args: Array<String>) {

            path("/auth") {
                //for testing, development only
+                get("/endpoint") {
+                    it.json(getAuthEndpoint())
+                }
                get("/init") {
                    val endpoint = getAuthEndpoint().authorizationEndpoint

@@ -83,6 +89,8 @@ fun main(args: Array<String>) {
                get("/code") {

                    val code = it.queryParam("code") ?: throw BadRequestResponse("not proper")
+                    val redirectUri = it.queryParam("redirectUrl") ?: appConfig.iamClientRedirectUri()
+                    val iamClient = it.queryParam("client") ?: appConfig.iamClient()

                    val ep = getAuthEndpoint().tokenEndpoint
                    val client = HttpClient.newHttpClient()
@@ -93,8 +101,8 @@ fun main(args: Array<String>) {
                                getFormDataAsString(
                                    mapOf(
                                        "code" to code,
-                                        "redirect_uri" to appConfig.iamClientRedirectUri(),
-                                        "client_id" to appConfig.iamClient(),
+                                        "redirect_uri" to redirectUri,
+                                        "client_id" to iamClient,
                                        "grant_type" to "authorization_code",
                                    )
                                )
@@ -104,9 +112,10 @@ fun main(args: Array<String>) {
                        .build()
                    val message = client.send(req, BodyHandlers.ofString()).body()
                    val atResponse = objectMapper.readValue<AuthTokenResponse>(message)
+                    val parsed = validateAuthToken(atResponse.accessToken)

-                    //lets keep auth token refreshed
-                    redis.sadd("AUTH_TOKEN", message)
+                    //keep track of this
+                    redis.rpush("AUTH_TOKEN_${parsed.userName}", message)
                    it.result(atResponse.accessToken).contentType(ContentType.TEXT_PLAIN)

                }
@@ -155,6 +164,9 @@ fun main(args: Array<String>) {


            path("/api") {
+                post("/audit/{action}") {
+                    logger.warn("User ${currentUser()} of tenant ${currentTenant()} has performed ${it.pathParam("action")} @ ${LocalDateTime.now()}")
+                }
                post("/script/database/{name}", Entities::executeStoredProcedure, Roles(adminRole, Role.DbOps))
                post("/script/{file}/{name}", Entities::executeScript, Roles(adminRole, Role.DbOps))