forked from baron/baron-sso
golangci-lint gofmt/gofumpt 적용
This commit is contained in:
@@ -2,13 +2,13 @@ package domain
|
|||||||
|
|
||||||
type EnchantedLinkInitRequest struct {
|
type EnchantedLinkInitRequest struct {
|
||||||
LoginID string `json:"loginId"`
|
LoginID string `json:"loginId"`
|
||||||
URI string `json:"uri,omitempty"` // Redirect URI (optional for polling flow)
|
URI string `json:"uri,omitempty"` // Redirect URI (optional for polling flow)
|
||||||
Method string `json:"method,omitempty"` // "email" or "sms"
|
Method string `json:"method,omitempty"` // "email" or "sms"
|
||||||
}
|
}
|
||||||
|
|
||||||
type EnchantedLinkInitResponse struct {
|
type EnchantedLinkInitResponse struct {
|
||||||
LinkID string `json:"linkId"`
|
LinkID string `json:"linkId"`
|
||||||
PendingRef string `json:"pendingRef"`
|
PendingRef string `json:"pendingRef"`
|
||||||
MaskedEmail string `json:"maskedEmail"`
|
MaskedEmail string `json:"maskedEmail"`
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -30,4 +30,4 @@ type QRInitResponse struct {
|
|||||||
QRCode string `json:"qrCode"` // Base64 or URL
|
QRCode string `json:"qrCode"` // Base64 or URL
|
||||||
PendingRef string `json:"pendingRef"`
|
PendingRef string `json:"pendingRef"`
|
||||||
ExpiresIn int `json:"expiresIn"`
|
ExpiresIn int `json:"expiresIn"`
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -6,14 +6,14 @@ import (
|
|||||||
|
|
||||||
// AuditLog represents a single audit event
|
// AuditLog represents a single audit event
|
||||||
type AuditLog struct {
|
type AuditLog struct {
|
||||||
Timestamp time.Time `json:"timestamp"`
|
Timestamp time.Time `json:"timestamp"`
|
||||||
UserID string `json:"user_id"`
|
UserID string `json:"user_id"`
|
||||||
EventType string `json:"event_type"` // e.g., "login_success", "login_failed", "otp_sent"
|
EventType string `json:"event_type"` // e.g., "login_success", "login_failed", "otp_sent"
|
||||||
Status string `json:"status"` // e.g., "success", "failure"
|
Status string `json:"status"` // e.g., "success", "failure"
|
||||||
IPAddress string `json:"ip_address"`
|
IPAddress string `json:"ip_address"`
|
||||||
UserAgent string `json:"user_agent"`
|
UserAgent string `json:"user_agent"`
|
||||||
DeviceID string `json:"device_id,omitempty"`
|
DeviceID string `json:"device_id,omitempty"`
|
||||||
Details string `json:"details,omitempty"` // JSON string or simple text
|
Details string `json:"details,omitempty"` // JSON string or simple text
|
||||||
}
|
}
|
||||||
|
|
||||||
// AuditRepository defines interface for storing logs
|
// AuditRepository defines interface for storing logs
|
||||||
|
|||||||
@@ -7,12 +7,12 @@ type SmsService interface {
|
|||||||
|
|
||||||
// NaverSmsRequest represents the request body for the Naver Cloud SMS API.
|
// NaverSmsRequest represents the request body for the Naver Cloud SMS API.
|
||||||
type NaverSmsRequest struct {
|
type NaverSmsRequest struct {
|
||||||
Type string `json:"type"`
|
Type string `json:"type"`
|
||||||
ContentType string `json:"contentType"`
|
ContentType string `json:"contentType"`
|
||||||
CountryCode string `json:"countryCode"`
|
CountryCode string `json:"countryCode"`
|
||||||
From string `json:"from"`
|
From string `json:"from"`
|
||||||
Content string `json:"content"`
|
Content string `json:"content"`
|
||||||
Messages []SmsMessage `json:"messages"`
|
Messages []SmsMessage `json:"messages"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// SmsMessage represents a single message to be sent.
|
// SmsMessage represents a single message to be sent.
|
||||||
@@ -23,10 +23,10 @@ type SmsMessage struct {
|
|||||||
|
|
||||||
// NaverSmsResponse represents the response from the Naver Cloud SMS API.
|
// NaverSmsResponse represents the response from the Naver Cloud SMS API.
|
||||||
type NaverSmsResponse struct {
|
type NaverSmsResponse struct {
|
||||||
RequestID string `json:"requestId"`
|
RequestID string `json:"requestId"`
|
||||||
RequestTime string `json:"requestTime"`
|
RequestTime string `json:"requestTime"`
|
||||||
StatusCode string `json:"statusCode"`
|
StatusCode string `json:"statusCode"`
|
||||||
StatusName string `json:"statusName"`
|
StatusName string `json:"statusName"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// SmsRequest represents the request body for sending an SMS.
|
// SmsRequest represents the request body for sending an SMS.
|
||||||
|
|||||||
@@ -3,9 +3,9 @@ package handler
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"log/slog"
|
"log/slog"
|
||||||
|
"net/url"
|
||||||
"os"
|
"os"
|
||||||
"strings"
|
"strings"
|
||||||
"net/url"
|
|
||||||
|
|
||||||
"github.com/descope/go-sdk/descope"
|
"github.com/descope/go-sdk/descope"
|
||||||
"github.com/descope/go-sdk/descope/client"
|
"github.com/descope/go-sdk/descope/client"
|
||||||
@@ -50,7 +50,7 @@ func (h *AdminHandler) checkAuth(c *fiber.Ctx) error {
|
|||||||
if adminPass == "" {
|
if adminPass == "" {
|
||||||
adminPass = "admin" // Default fallback
|
adminPass = "admin" // Default fallback
|
||||||
}
|
}
|
||||||
|
|
||||||
reqPass := c.Get("X-Admin-Password")
|
reqPass := c.Get("X-Admin-Password")
|
||||||
if reqPass != adminPass {
|
if reqPass != adminPass {
|
||||||
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"error": "Invalid Admin Password"})
|
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"error": "Invalid Admin Password"})
|
||||||
@@ -59,11 +59,11 @@ func (h *AdminHandler) checkAuth(c *fiber.Ctx) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type CreateUserRequest struct {
|
type CreateUserRequest struct {
|
||||||
LoginID string `json:"loginId"`
|
LoginID string `json:"loginId"`
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
Phone string `json:"phone"`
|
Phone string `json:"phone"`
|
||||||
DisplayName string `json:"displayName"`
|
DisplayName string `json:"displayName"`
|
||||||
Roles []string `json:"roles"`
|
Roles []string `json:"roles"`
|
||||||
Tenants map[string][]string `json:"tenants"` // tenantId -> roles
|
Tenants map[string][]string `json:"tenants"` // tenantId -> roles
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -76,18 +76,20 @@ func (h *AdminHandler) CheckAuth(c *fiber.Ctx) error {
|
|||||||
|
|
||||||
// ListUsers - GET /api/v1/admin/users
|
// ListUsers - GET /api/v1/admin/users
|
||||||
func (h *AdminHandler) ListUsers(c *fiber.Ctx) error {
|
func (h *AdminHandler) ListUsers(c *fiber.Ctx) error {
|
||||||
if err := h.checkAuth(c); err != nil { return err }
|
if err := h.checkAuth(c); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
text := c.Query("text")
|
text := c.Query("text")
|
||||||
// Limit is not directly supported in SearchAll options as a simple int in all SDK versions,
|
// Limit is not directly supported in SearchAll options as a simple int in all SDK versions,
|
||||||
// but let's check the options struct.
|
// but let's check the options struct.
|
||||||
// Based on previous inspection: SearchAll takes UserSearchOptions.
|
// Based on previous inspection: SearchAll takes UserSearchOptions.
|
||||||
|
|
||||||
var users []*descope.UserResponse
|
var users []*descope.UserResponse
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
if text != "" {
|
if text != "" {
|
||||||
options := &descope.UserSearchOptions{ Text: text, Limit: 50 }
|
options := &descope.UserSearchOptions{Text: text, Limit: 50}
|
||||||
users, _, err = h.DescopeClient.Management.User().SearchAll(context.Background(), options)
|
users, _, err = h.DescopeClient.Management.User().SearchAll(context.Background(), options)
|
||||||
} else {
|
} else {
|
||||||
// Nil options means default search (usually returns all or default page)
|
// Nil options means default search (usually returns all or default page)
|
||||||
@@ -104,13 +106,15 @@ func (h *AdminHandler) ListUsers(c *fiber.Ctx) error {
|
|||||||
|
|
||||||
// DeleteUser - DELETE /api/v1/admin/users/:loginId
|
// DeleteUser - DELETE /api/v1/admin/users/:loginId
|
||||||
func (h *AdminHandler) DeleteUser(c *fiber.Ctx) error {
|
func (h *AdminHandler) DeleteUser(c *fiber.Ctx) error {
|
||||||
if err := h.checkAuth(c); err != nil { return err }
|
if err := h.checkAuth(c); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
loginID := c.Params("loginId")
|
loginID := c.Params("loginId")
|
||||||
// Decode if necessary (Fiber usually decodes params, but let's be safe if it's double encoded)
|
// Decode if necessary (Fiber usually decodes params, but let's be safe if it's double encoded)
|
||||||
if decoded, err := url.QueryUnescape(loginID); err == nil {
|
if decoded, err := url.QueryUnescape(loginID); err == nil {
|
||||||
loginID = decoded
|
loginID = decoded
|
||||||
}
|
}
|
||||||
|
|
||||||
slog.Info("[Admin] Deleting user", "loginID", loginID)
|
slog.Info("[Admin] Deleting user", "loginID", loginID)
|
||||||
if err := h.DescopeClient.Management.User().Delete(context.Background(), loginID); err != nil {
|
if err := h.DescopeClient.Management.User().Delete(context.Background(), loginID); err != nil {
|
||||||
@@ -123,12 +127,14 @@ func (h *AdminHandler) DeleteUser(c *fiber.Ctx) error {
|
|||||||
|
|
||||||
// UpdateUserStatus - PATCH /api/v1/admin/users/:loginId/status
|
// UpdateUserStatus - PATCH /api/v1/admin/users/:loginId/status
|
||||||
func (h *AdminHandler) UpdateUserStatus(c *fiber.Ctx) error {
|
func (h *AdminHandler) UpdateUserStatus(c *fiber.Ctx) error {
|
||||||
if err := h.checkAuth(c); err != nil { return err }
|
if err := h.checkAuth(c); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
loginID := c.Params("loginId")
|
loginID := c.Params("loginId")
|
||||||
if decoded, err := url.QueryUnescape(loginID); err == nil {
|
if decoded, err := url.QueryUnescape(loginID); err == nil {
|
||||||
loginID = decoded
|
loginID = decoded
|
||||||
}
|
}
|
||||||
|
|
||||||
var req struct {
|
var req struct {
|
||||||
Status string `json:"status"` // "enabled" or "disabled"
|
Status string `json:"status"` // "enabled" or "disabled"
|
||||||
@@ -161,7 +167,9 @@ func (h *AdminHandler) UpdateUserStatus(c *fiber.Ctx) error {
|
|||||||
|
|
||||||
// UpdateUser - PATCH /api/v1/admin/users/:loginId
|
// UpdateUser - PATCH /api/v1/admin/users/:loginId
|
||||||
func (h *AdminHandler) UpdateUser(c *fiber.Ctx) error {
|
func (h *AdminHandler) UpdateUser(c *fiber.Ctx) error {
|
||||||
if err := h.checkAuth(c); err != nil { return err }
|
if err := h.checkAuth(c); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
loginID := c.Params("loginId")
|
loginID := c.Params("loginId")
|
||||||
if decoded, err := url.QueryUnescape(loginID); err == nil {
|
if decoded, err := url.QueryUnescape(loginID); err == nil {
|
||||||
@@ -213,7 +221,9 @@ func (h *AdminHandler) UpdateUser(c *fiber.Ctx) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (h *AdminHandler) CreateUser(c *fiber.Ctx) error {
|
func (h *AdminHandler) CreateUser(c *fiber.Ctx) error {
|
||||||
if err := h.checkAuth(c); err != nil { return err }
|
if err := h.checkAuth(c); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
if h.DescopeClient == nil {
|
if h.DescopeClient == nil {
|
||||||
return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Descope Client not configured"})
|
return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Descope Client not configured"})
|
||||||
@@ -247,7 +257,7 @@ func (h *AdminHandler) CreateUser(c *fiber.Ctx) error {
|
|||||||
VerifiedEmail: boolPtr(req.Email != ""),
|
VerifiedEmail: boolPtr(req.Email != ""),
|
||||||
VerifiedPhone: boolPtr(normalizedPhone != ""),
|
VerifiedPhone: boolPtr(normalizedPhone != ""),
|
||||||
}
|
}
|
||||||
|
|
||||||
// Add Roles if provided
|
// Add Roles if provided
|
||||||
if len(req.Roles) > 0 {
|
if len(req.Roles) > 0 {
|
||||||
userObj.Roles = req.Roles
|
userObj.Roles = req.Roles
|
||||||
@@ -278,4 +288,4 @@ func (h *AdminHandler) CreateUser(c *fiber.Ctx) error {
|
|||||||
"message": "User created successfully",
|
"message": "User created successfully",
|
||||||
"user": res,
|
"user": res,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -55,34 +55,34 @@ func NewAuthHandler(redisService *service.RedisService) *AuthHandler {
|
|||||||
|
|
||||||
var descopeClient *client.DescopeClient
|
var descopeClient *client.DescopeClient
|
||||||
var err error
|
var err error
|
||||||
if projectID != "" {
|
if projectID != "" {
|
||||||
descopeClient, err = client.NewWithConfig(&client.Config{
|
descopeClient, err = client.NewWithConfig(&client.Config{
|
||||||
ProjectID: projectID,
|
ProjectID: projectID,
|
||||||
ManagementKey: managementKey,
|
ManagementKey: managementKey,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
slog.Warn("Failed to initialize Descope Client", "error", err)
|
slog.Warn("Failed to initialize Descope Client", "error", err)
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return &AuthHandler{
|
|
||||||
ProjectID: projectID,
|
|
||||||
SmsService: service.NewSmsService(),
|
|
||||||
EmailService: service.NewEmailService(),
|
|
||||||
RedisService: redisService,
|
|
||||||
DescopeClient: descopeClient,
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// SendSms sends a verification code via SMS. (Restored for completeness)
|
return &AuthHandler{
|
||||||
func (h *AuthHandler) SendSms(c *fiber.Ctx) error {
|
ProjectID: projectID,
|
||||||
var req domain.SmsRequest
|
SmsService: service.NewSmsService(),
|
||||||
if err := c.BodyParser(&req); err != nil {
|
EmailService: service.NewEmailService(),
|
||||||
return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Invalid request body"})
|
RedisService: redisService,
|
||||||
}
|
DescopeClient: descopeClient,
|
||||||
|
}
|
||||||
slog.Info("[SMS] Sending code", "phoneNumber", req.PhoneNumber)
|
}
|
||||||
sanitizedPhone := strings.ReplaceAll(req.PhoneNumber, "-", "")
|
|
||||||
|
// SendSms sends a verification code via SMS. (Restored for completeness)
|
||||||
|
func (h *AuthHandler) SendSms(c *fiber.Ctx) error {
|
||||||
|
var req domain.SmsRequest
|
||||||
|
if err := c.BodyParser(&req); err != nil {
|
||||||
|
return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Invalid request body"})
|
||||||
|
}
|
||||||
|
|
||||||
|
slog.Info("[SMS] Sending code", "phoneNumber", req.PhoneNumber)
|
||||||
|
sanitizedPhone := strings.ReplaceAll(req.PhoneNumber, "-", "")
|
||||||
rand.Seed(time.Now().UnixNano())
|
rand.Seed(time.Now().UnixNano())
|
||||||
code := fmt.Sprintf("%06d", rand.Intn(1000000))
|
code := fmt.Sprintf("%06d", rand.Intn(1000000))
|
||||||
content := fmt.Sprintf("[Baron SSO] 인증번호: %s", code)
|
content := fmt.Sprintf("[Baron SSO] 인증번호: %s", code)
|
||||||
|
|||||||
@@ -1,12 +1,11 @@
|
|||||||
package repository
|
package repository
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"baron-sso-backend/internal/domain"
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"baron-sso-backend/internal/domain"
|
|
||||||
|
|
||||||
"github.com/ClickHouse/clickhouse-go/v2"
|
"github.com/ClickHouse/clickhouse-go/v2"
|
||||||
"github.com/ClickHouse/clickhouse-go/v2/lib/driver"
|
"github.com/ClickHouse/clickhouse-go/v2/lib/driver"
|
||||||
)
|
)
|
||||||
@@ -25,7 +24,6 @@ func NewClickHouseRepository(host string, port int, user, password, db string) (
|
|||||||
},
|
},
|
||||||
Debug: false,
|
Debug: false,
|
||||||
})
|
})
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("failed to open clickhouse connection: %w", err)
|
return nil, fmt.Errorf("failed to open clickhouse connection: %w", err)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,12 +1,12 @@
|
|||||||
package service
|
package service
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"baron-sso-backend/internal/domain"
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
"log/slog"
|
"log/slog"
|
||||||
"os"
|
"os"
|
||||||
|
|
||||||
"baron-sso-backend/internal/domain"
|
|
||||||
"github.com/aws/aws-sdk-go-v2/aws"
|
"github.com/aws/aws-sdk-go-v2/aws"
|
||||||
"github.com/aws/aws-sdk-go-v2/config"
|
"github.com/aws/aws-sdk-go-v2/config"
|
||||||
"github.com/aws/aws-sdk-go-v2/credentials"
|
"github.com/aws/aws-sdk-go-v2/credentials"
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
package service
|
package service
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"baron-sso-backend/internal/domain"
|
||||||
"bytes"
|
"bytes"
|
||||||
"crypto/hmac"
|
"crypto/hmac"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
@@ -14,8 +15,6 @@ import (
|
|||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"baron-sso-backend/internal/domain"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type SmsServiceImpl struct {
|
type SmsServiceImpl struct {
|
||||||
@@ -96,8 +95,8 @@ func (s *SmsServiceImpl) SendSms(to, content string) error {
|
|||||||
slog.Error("[SmsService] error response from naver cloud sms api", "body", string(respBody))
|
slog.Error("[SmsService] error response from naver cloud sms api", "body", string(respBody))
|
||||||
return fmt.Errorf("error sending sms: status code %d", resp.StatusCode)
|
return fmt.Errorf("error sending sms: status code %d", resp.StatusCode)
|
||||||
}
|
}
|
||||||
|
|
||||||
slog.Info("[SmsService] sms sent successfully", "body", string(respBody))
|
slog.Info("[SmsService] sms sent successfully", "body", string(respBody))
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -113,4 +112,4 @@ func (s *SmsServiceImpl) makeSignature(method, url, timestamp string) (string, e
|
|||||||
}
|
}
|
||||||
|
|
||||||
return base64.StdEncoding.EncodeToString(h.Sum(nil)), nil
|
return base64.StdEncoding.EncodeToString(h.Sum(nil)), nil
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user