gowthaman/readymixerp_modules_api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

some fix for UI login

Browse Source
This commit is contained in:
gowthaman.b 2023-11-12 16:12:19 +05:30
parent 4e0d5d0296
commit ac36d7e8c7
6 changed files with 100 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.idea/.name generated Normal file
View File

@ -0,0 +1 @@
rest_api

69
.idea/codeStyles/Project.xml generated Normal file
View File

@ -0,0 +1,69 @@
<component name="ProjectCodeStyleConfiguration">
<code_scheme name="Project" version="173">
<HTMLCodeStyleSettings>
<option name="HTML_SPACE_INSIDE_EMPTY_TAG" value="true" />
<option name="HTML_QUOTE_STYLE" value="Single" />
<option name="HTML_ENFORCE_QUOTES" value="true" />
</HTMLCodeStyleSettings>
<JSCodeStyleSettings version="0">
<option name="USE_SEMICOLON_AFTER_STATEMENT" value="false" />
<option name="FORCE_SEMICOLON_STYLE" value="true" />
<option name="SPACE_BEFORE_FUNCTION_LEFT_PARENTH" value="false" />
<option name="USE_DOUBLE_QUOTES" value="false" />
<option name="FORCE_QUOTE_STYlE" value="true" />
<option name="ENFORCE_TRAILING_COMMA" value="Remove" />
<option name="SPACES_WITHIN_OBJECT_LITERAL_BRACES" value="true" />
<option name="SPACES_WITHIN_IMPORTS" value="true" />
</JSCodeStyleSettings>
<JetCodeStyleSettings>
<option name="CODE_STYLE_DEFAULTS" value="KOTLIN_OFFICIAL" />
</JetCodeStyleSettings>
<TypeScriptCodeStyleSettings version="0">
<option name="USE_SEMICOLON_AFTER_STATEMENT" value="false" />
<option name="FORCE_SEMICOLON_STYLE" value="true" />
<option name="SPACE_BEFORE_FUNCTION_LEFT_PARENTH" value="false" />
<option name="USE_DOUBLE_QUOTES" value="false" />
<option name="FORCE_QUOTE_STYlE" value="true" />
<option name="ENFORCE_TRAILING_COMMA" value="Remove" />
<option name="SPACES_WITHIN_OBJECT_LITERAL_BRACES" value="true" />
<option name="SPACES_WITHIN_IMPORTS" value="true" />
</TypeScriptCodeStyleSettings>
<VueCodeStyleSettings>
<option name="INTERPOLATION_NEW_LINE_AFTER_START_DELIMITER" value="false" />
<option name="INTERPOLATION_NEW_LINE_BEFORE_END_DELIMITER" value="false" />
</VueCodeStyleSettings>
<codeStyleSettings language="HTML">
<option name="SOFT_MARGINS" value="100" />
<indentOptions>
<option name="INDENT_SIZE" value="2" />
<option name="CONTINUATION_INDENT_SIZE" value="2" />
<option name="TAB_SIZE" value="2" />
</indentOptions>
</codeStyleSettings>
<codeStyleSettings language="JavaScript">
<option name="SOFT_MARGINS" value="100" />
<indentOptions>
<option name="INDENT_SIZE" value="2" />
<option name="CONTINUATION_INDENT_SIZE" value="2" />
<option name="TAB_SIZE" value="2" />
</indentOptions>
</codeStyleSettings>
<codeStyleSettings language="TypeScript">
<option name="SOFT_MARGINS" value="100" />
<indentOptions>
<option name="INDENT_SIZE" value="2" />
<option name="CONTINUATION_INDENT_SIZE" value="2" />
<option name="TAB_SIZE" value="2" />
</indentOptions>
</codeStyleSettings>
<codeStyleSettings language="Vue">
<option name="SOFT_MARGINS" value="100" />
<indentOptions>
<option name="CONTINUATION_INDENT_SIZE" value="2" />
</indentOptions>
</codeStyleSettings>
<codeStyleSettings language="kotlin">
<option name="CODE_STYLE_DEFAULTS" value="KOTLIN_OFFICIAL" />
</codeStyleSettings>
</code_scheme>
</component>

5
.idea/codeStyles/codeStyleConfig.xml generated Normal file
View File

@ -0,0 +1,5 @@
<component name="ProjectCodeStyleConfiguration">
<state>
<option name="USE_PER_PROJECT_SETTINGS" value="true" />
</state>
</component>

7
.idea/prettier.xml generated Normal file
View File

@ -0,0 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="PrettierConfiguration">
<option name="myConfigurationMode" value="AUTOMATIC" />
<option name="myRunOnSave" value="true" />
</component>
</project>

4
src/main/kotlin/com/restapi/AppAccessManager.kt
View File

@ -46,12 +46,12 @@ class AppAccessManager : AccessManager {
} }
val isAllowed = currentRoles().count { allowedRoles.contains(it) } > 0 val isAllowed = currentRoles().count { allowedRoles.contains(it) } > 0
logger.warn("entity - $entity, action $action, userroles = ${currentRoles()}, allowed = $allowedRoles, isAllowed? $isAllowed, enforce? ${appConfig.enforceRoleRestriction()}") logger.warn("entity - $entity, action $action, user roles = ${currentRoles()}, allowed = $allowedRoles, isAllowed? $isAllowed, enforce? ${appConfig.enforceRoleRestriction()}")
if (isAllowed || !appConfig.enforceRoleRestriction() || allowedRoles.isEmpty()) { if (isAllowed || !appConfig.enforceRoleRestriction() || allowedRoles.isEmpty()) {
//if role is allowed, or enforcement is turned off or no roles are explicitly allowed //if role is allowed, or enforcement is turned off or no roles are explicitly allowed
handler.handle(ctx) handler.handle(ctx)
} else { } else {
ctx.status(HttpStatus.UNAUTHORIZED).result("unauthorized request") ctx.status(HttpStatus.FORBIDDEN).result("user not allowed to do this")
} }
} }
} }

20
src/main/kotlin/com/restapi/Main.kt
View File

@ -12,6 +12,8 @@ import com.restapi.config.Roles
import com.restapi.controllers.Entities import com.restapi.controllers.Entities
import com.restapi.domain.DataNotFoundException import com.restapi.domain.DataNotFoundException
import com.restapi.domain.Session import com.restapi.domain.Session
import com.restapi.domain.Session.currentTenant
import com.restapi.domain.Session.currentUser
import com.restapi.domain.Session.objectMapper import com.restapi.domain.Session.objectMapper
import com.restapi.domain.Session.redis import com.restapi.domain.Session.redis
import com.restapi.domain.Session.setAuthorizedUser import com.restapi.domain.Session.setAuthorizedUser
@ -34,6 +36,7 @@ import java.net.http.HttpRequest.BodyPublishers
import java.net.http.HttpResponse.BodyHandlers import java.net.http.HttpResponse.BodyHandlers
import java.nio.charset.StandardCharsets import java.nio.charset.StandardCharsets
import java.security.MessageDigest import java.security.MessageDigest
import java.time.LocalDateTime
import java.util.* import java.util.*
import java.util.concurrent.TimeUnit import java.util.concurrent.TimeUnit
import kotlin.jvm.optionals.getOrDefault import kotlin.jvm.optionals.getOrDefault
@ -73,6 +76,9 @@ fun main(args: Array<String>) {
path("/auth") { path("/auth") {
//for testing, development only //for testing, development only
get("/endpoint") {
it.json(getAuthEndpoint())
}
get("/init") { get("/init") {
val endpoint = getAuthEndpoint().authorizationEndpoint val endpoint = getAuthEndpoint().authorizationEndpoint
@ -83,6 +89,8 @@ fun main(args: Array<String>) {
get("/code") { get("/code") {
val code = it.queryParam("code") ?: throw BadRequestResponse("not proper") val code = it.queryParam("code") ?: throw BadRequestResponse("not proper")
val redirectUri = it.queryParam("redirectUrl") ?: appConfig.iamClientRedirectUri()
val iamClient = it.queryParam("client") ?: appConfig.iamClient()
val ep = getAuthEndpoint().tokenEndpoint val ep = getAuthEndpoint().tokenEndpoint
val client = HttpClient.newHttpClient() val client = HttpClient.newHttpClient()
@ -93,8 +101,8 @@ fun main(args: Array<String>) {
getFormDataAsString( getFormDataAsString(
mapOf( mapOf(
"code" to code, "code" to code,
"redirect_uri" to appConfig.iamClientRedirectUri(), "redirect_uri" to redirectUri,
"client_id" to appConfig.iamClient(), "client_id" to iamClient,
"grant_type" to "authorization_code", "grant_type" to "authorization_code",
) )
) )
@ -104,9 +112,10 @@ fun main(args: Array<String>) {
.build() .build()
val message = client.send(req, BodyHandlers.ofString()).body() val message = client.send(req, BodyHandlers.ofString()).body()
val atResponse = objectMapper.readValue<AuthTokenResponse>(message) val atResponse = objectMapper.readValue<AuthTokenResponse>(message)
val parsed = validateAuthToken(atResponse.accessToken)
//lets keep auth token refreshed //keep track of this
redis.sadd("AUTH_TOKEN", message) redis.rpush("AUTH_TOKEN_${parsed.userName}", message)
it.result(atResponse.accessToken).contentType(ContentType.TEXT_PLAIN) it.result(atResponse.accessToken).contentType(ContentType.TEXT_PLAIN)
} }
@ -155,6 +164,9 @@ fun main(args: Array<String>) {
path("/api") { path("/api") {
post("/audit/{action}") {
logger.warn("User ${currentUser()} of tenant ${currentTenant()} has performed ${it.pathParam("action")} @ ${LocalDateTime.now()}")
}
post("/script/database/{name}", Entities::executeStoredProcedure, Roles(adminRole, Role.DbOps)) post("/script/database/{name}", Entities::executeStoredProcedure, Roles(adminRole, Role.DbOps))
post("/script/{file}/{name}", Entities::executeScript, Roles(adminRole, Role.DbOps)) post("/script/{file}/{name}", Entities::executeScript, Roles(adminRole, Role.DbOps))