forked from r--w/pocketbase
-
Notifications
You must be signed in to change notification settings - Fork 14
/
authorize.go
103 lines (84 loc) · 2 KB
/
authorize.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
package pocketbase
import (
"fmt"
"time"
"github.com/go-resty/resty/v2"
"golang.org/x/sync/singleflight"
)
type authStore interface {
authorizer
IsValid() bool
Token() string
}
type authorizer interface {
authorize() error
}
type authorizeNoOp struct{}
func (a authorizeNoOp) authorize() error {
return nil
}
func (a authorizeNoOp) IsValid() bool {
return false
}
func (a authorizeNoOp) Token() string {
return ""
}
type authorizeEmailPassword struct {
email string
password string
token string
tokenValid time.Time
client *resty.Client
url string
tokenSingle singleflight.Group
}
func newAuthorizeEmailPassword(c *resty.Client, url string, email string, password string) authStore {
return &authorizeEmailPassword{
client: c,
email: email,
password: password,
url: url,
tokenSingle: singleflight.Group{},
}
}
func (a *authorizeEmailPassword) authorize() error {
type authResponse struct {
Token string `json:"token"`
}
_, err, _ := a.tokenSingle.Do("auth", func() (interface{}, error) {
if time.Now().Before(a.tokenValid) {
return nil, nil
}
resp, err := a.client.R().
SetHeader("Content-Type", "application/json").
SetBody(map[string]interface{}{
"identity": a.email,
"password": a.password,
}).
SetResult(&authResponse{}).
SetHeader("Authorization", "").
Post(a.url)
if err != nil {
return nil, fmt.Errorf("[auth] can't send request to pocketbase %w", err)
}
if resp.IsError() {
return nil, fmt.Errorf("[auth] pocketbase returned status: %d, msg: %s, err %w",
resp.StatusCode(),
resp.String(),
ErrInvalidResponse,
)
}
auth := *resp.Result().(*authResponse)
a.token = auth.Token
a.client.SetHeader("Authorization", auth.Token)
a.tokenValid = time.Now().Add(60 * time.Minute)
return nil, nil
})
return err
}
func (a *authorizeEmailPassword) IsValid() bool {
return time.Now().Before(a.tokenValid)
}
func (a *authorizeEmailPassword) Token() string {
return a.token
}