added query to check if current user is logged in

added auth check
2021-09-15 01:00:26 +02:00 · 2021-09-14 16:51:01 +02:00
3 changed files with 72 additions and 2 deletions
--- a/internal/helper.go
+++ b/internal/helper.go
@@ -6,6 +6,7 @@ import (
 	"path/filepath"
 	"strings"

+	"github.com/golang-jwt/jwt"
 	"github.com/graph-gophers/dataloader"
 	"github.com/minio/minio-go/v7"
 	log "github.com/sirupsen/logrus"
@@ -108,3 +109,17 @@ func getParentDir(id string) string {

 	return nomalizeID(parent)
 }
+
+func isAuth(ctx context.Context) (bool, error) {
+	token, ok := ctx.Value("jwt").(*jwt.Token)
+
+	if !ok {
+		return false, fmt.Errorf("Unauthorized")
+	}
+
+	if token.Valid {
+		return true, nil
+	} else {
+		return false, fmt.Errorf("Unauthorized")
+	}
+}
--- a/internal/httpServer.go
+++ b/internal/httpServer.go
@@ -53,7 +53,9 @@ func initHttp(resolveContext context.Context, schema graphql.Schema, address str
 				parsedToken, err := parseJWT(token)

 				if err == nil && parsedToken.Valid {
-					r.WithContext(context.WithValue(r.Context(), "jwt", parsedToken))
+					newRequest := r.WithContext(context.WithValue(r.Context(), "jwt", parsedToken))
+					h.ServeHTTP(rw, newRequest)
+					return
 				}
 			}

@@ -62,7 +64,8 @@ func initHttp(resolveContext context.Context, schema graphql.Schema, address str
 	})

 	r.HandleFunc("/api/graphql", func(rw http.ResponseWriter, r *http.Request) {
-		gqlHandler.ContextHandler(resolveContext, rw, r)
+		token := r.Context().Value("jwt")
+		gqlHandler.ContextHandler(context.WithValue(resolveContext, "jwt", token), rw, r)
 	})

 	r.HandleFunc("/api/file", func(rw http.ResponseWriter, r *http.Request) {
@@ -82,6 +85,11 @@ func initHttp(resolveContext context.Context, schema graphql.Schema, address str
 }

 func httpGetFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
+	if is, _ := isAuth(r.Context()); !is {
+		rw.WriteHeader(http.StatusUnauthorized)
+		return
+	}
+
 	s3Client := ctx.Value("s3Client").(*minio.Client)
 	id := r.URL.Query().Get("id")

@@ -121,6 +129,11 @@ func httpGetFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
 }

 func httpPostFile(ctx context.Context, rw http.ResponseWriter, r *http.Request) {
+	if is, _ := isAuth(r.Context()); !is {
+		rw.WriteHeader(http.StatusUnauthorized)
+		return
+	}
+
 	s3Client := ctx.Value("s3Client").(*minio.Client)

 	id := r.URL.Query().Get("id")
--- a/internal/schema.go
+++ b/internal/schema.go
@@ -21,6 +21,10 @@ func graphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
+				if is, err := isAuth(p.Context); !is {
+					return nil, err
+				}
+
 				path, ok := p.Args["path"].(string)

 				if !ok {
@@ -42,6 +46,10 @@ func graphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
+				if is, err := isAuth(p.Context); !is {
+					return nil, err
+				}
+
 				path, ok := p.Args["path"].(string)

 				if !ok {
@@ -63,6 +71,10 @@ func graphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
+				if is, err := isAuth(p.Context); !is {
+					return nil, err
+				}
+
 				id, ok := p.Args["id"].(string)
 				if !ok {
 					return nil, fmt.Errorf("Failed to parse args")
@@ -75,6 +87,16 @@ func graphqlSchema() (graphql.Schema, error) {
 				}, nil
 			},
 		},
+		"authorized": &graphql.Field{
+			Name:        "authorized",
+			Type:        graphql.NewNonNull(graphql.Boolean),
+			Description: "True if the user is authorized",
+			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
+				auth, _ := isAuth(p.Context)
+
+				return auth, nil
+			},
+		},
 	}

 	mutationFields := graphql.Fields{
@@ -86,6 +108,10 @@ func graphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
+				if is, err := isAuth(p.Context); !is {
+					return nil, err
+				}
+
 				id, ok := p.Args["id"].(string)
 				if !ok {
 					return nil, fmt.Errorf("Failed to parse args")
@@ -107,6 +133,10 @@ func graphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
+				if is, err := isAuth(p.Context); !is {
+					return nil, err
+				}
+
 				src, ok := p.Args["src"].(string)
 				if !ok {
 					return nil, fmt.Errorf("Failed to parse args")
@@ -132,6 +162,10 @@ func graphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
+				if is, err := isAuth(p.Context); !is {
+					return nil, err
+				}
+
 				src, ok := p.Args["src"].(string)
 				if !ok {
 					return nil, fmt.Errorf("Failed to parse args")
@@ -154,6 +188,10 @@ func graphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
+				if is, err := isAuth(p.Context); !is {
+					return nil, err
+				}
+
 				path, ok := p.Args["path"].(string)
 				if !ok {
 					return nil, fmt.Errorf("Failed to parse args")
@@ -172,6 +210,10 @@ func graphqlSchema() (graphql.Schema, error) {
 				},
 			},
 			Resolve: func(p graphql.ResolveParams) (interface{}, error) {
+				if is, err := isAuth(p.Context); !is {
+					return nil, err
+				}
+
 				path, ok := p.Args["path"].(string)

 				if !ok {
Author	SHA1	Message	Date
Djeeberjr	9f280caafc	added query to check if current user is logged in	2021-09-15 01:00:26 +02:00
Djeeberjr	af488ab5fe	added auth check	2021-09-14 16:51:01 +02:00