* feat(server): moved an http server object into a pkg subdir to be reusable for http, spots, and integrations * feat(web): isolated web module (server, router, middleware, utils) used in spots and new integrations * feat(web): removed possible panic * feat(web): split all handlers from http service into different packages for better management. * feat(web): changed router's method signature * feat(web): added missing handlers interface * feat(web): added health middleware to remove unnecessary checks * feat(web): customizable middleware set for web servers * feat(web): simplified the handler's structure * feat(web): created an unified server.Run method for all web services (http, spot, integrations) * feat(web): fixed a json size limit issue * feat(web): removed Keys and PG connection from router * feat(web): simplified integration's main file * feat(web): simplified spot's main file * feat(web): simplified http's main file (builder) * feat(web): refactored audit trail functionality * feat(web): added ee version of audit trail * feat(web): added ee version of conditions module * feat(web): moved ee version of some web session structs * feat(web): new format of web metrics * feat(web): added new web metrics to all handlers * feat(web): added justExpired feature to web ingest handler * feat(web): added small integrations improvements
package auth
import (
"fmt"
"openreplay/backend/pkg/db/postgres/pool"
"openreplay/backend/pkg/server/user"
"strings"
)
// authUser loads the non-deleted user identified by userID and checks that the
// issued-at time carried by the presented token (jwtIAT) agrees with the
// issued-at value stored for that user.
//
// When isExtension is true the stored value is read from spot_jwt_iat,
// otherwise from jwt_iat. tenantID is accepted but not read here; the returned
// user always has TenantID 1 and AuthMethod "jwt".
//
// It returns an error when the row cannot be read, when the stored issued-at
// value is 0, or when the stored and presented values differ by more than 1.
func authUser(conn pool.Pool, userID, tenantID, jwtIAT int, isExtension bool) (*user.User, error) {
	// userID travels as bind parameter $1. The only edit made to the SQL text
	// swaps one constant column name for another, so no caller-supplied value
	// is ever concatenated into the statement.
	query := `
	SELECT user_id, name, email, EXTRACT(epoch FROM spot_jwt_iat)::BIGINT AS spot_jwt_iat
	FROM public.users
	WHERE user_id = $1 AND deleted_at IS NULL
	LIMIT 1;`
	if !isExtension {
		query = strings.ReplaceAll(query, "spot_jwt_iat", "jwt_iat")
	}

	u := &user.User{TenantID: 1, AuthMethod: "jwt"}
	row := conn.QueryRow(query, userID)
	err := row.Scan(&u.ID, &u.Name, &u.Email, &u.JwtIat)
	if err != nil {
		// Every query or scan failure is reported as "user not found", so the
		// caller cannot tell a missing or deleted user from a database error.
		// The check fails closed either way.
		// NOTE(review): the underlying err is dropped here; consider recording
		// it server-side so an outage is not mistaken for bad credentials.
		return nil, fmt.Errorf("user not found")
	}

	// The stored issued-at value is extracted as epoch seconds and must match
	// the token's value within a tolerance of 1; a stored value of 0 never matches.
	// NOTE(review): presumably the column is rewritten when a token is reissued
	// or revoked, which would make this comparison the revocation check, and
	// presumably jwtIAT comes from a token whose signature was already
	// verified by the caller; neither is visible in this function, so confirm.
	switch {
	case u.JwtIat == 0:
		return nil, fmt.Errorf("token has been updated")
	case abs(jwtIAT-u.JwtIat) > 1:
		return nil, fmt.Errorf("token has been updated")
	}
	return u, nil
}
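// abs returns the absolute value of x.
//
// The magnitude of the most negative int cannot be represented as an int, and
// negating it wraps back to the same negative number. For that single input
// abs returns the largest int instead, so the result is never negative and a
// comparison such as abs(d) > limit cannot be satisfied by a wrapped value.
func abs(x int) int {
	// Derived from the platform's int width, so no extra import is needed.
	const maxInt = int(^uint(0) >> 1)

	if x == -maxInt-1 {
		// -x would overflow; saturate rather than return a negative "magnitude".
		return maxInt
	}
	if x < 0 {
		return -x
	}
	return x
}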