app/v1/controllers/middleware.go - Code Metrics - Inspection of "Merge pull request #166 from memnix/feat/htmx" - memnix/memnix-rest - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — main ( 01f0b4...eeea6b )

by Yume

created 2024-02-24 18:36 UTC

app/v1/controllers/middleware.go A

↳ Parent: Project

Size/Duplication

Total Lines	96
Duplicated Lines	0 %

Importance

Changes

Metric	Value
cc	11
eloc	52
dl	0
loc	96
rs	10
c	0
b	0
f	0

3 Methods

Rating	Name	Size	Complexity
A	controllers.*JwtController.VerifyPermissions	2	1
C	controllers.*JwtController.IsConnectedMiddleware	58	9
A	controllers.NewJwtController	2	1

package controllers

import (
	"errors"
	"log/slog"
	"strconv"

	"github.com/getsentry/sentry-go"
	"github.com/gofiber/fiber/v2"
	"github.com/gofiber/fiber/v2/log"
	"github.com/memnix/memnix-rest/app/v1/views"
	"github.com/memnix/memnix-rest/cmd/v1/config"
	"github.com/memnix/memnix-rest/domain"
	"github.com/memnix/memnix-rest/infrastructures"
	"github.com/memnix/memnix-rest/services/user"
)

// JwtController is the controller for the jwt routes.
type JwtController struct {
	user.IUseCase
}

// NewJwtController creates a new jwt controller.
func NewJwtController(user user.IUseCase) JwtController {
	return JwtController{IUseCase: user}
}

// VerifyPermissions checks if the user has the required permissions.
func (*JwtController) VerifyPermissions(user domain.User, p domain.Permission) bool {
	return user.HasPermission(p)
}

// IsConnectedMiddleware checks if the user is connected and has the required permissions
// the permissions are defined in the route definition
// returns an error if the user is not connected or has not the required permissions
//
// if the user is connected and has the required permissions, it sets the user in the locals
// and calls the next middleware.
func (j *JwtController) IsConnectedMiddleware(p domain.Permission) func(c *fiber.Ctx) error {
	return func(c *fiber.Ctx) error {
		// check if the permission is valid
		if !p.IsValid() {
			return c.Status(fiber.StatusInternalServerError).JSON(
				views.NewHTTPResponseVMFromError(errors.New("invalid permission")))
		}

		// if the route is public, we don't need to check if the userModel is connected
		if p == domain.PermissionNone {
			return c.Next()
		}

		_, span := infrastructures.GetTracerInstance().Tracer().Start(c.UserContext(), "IsConnectedMiddleware")
		defer span.End()

		// get the token from the request header
		tokenHeader := c.Get("Authorization")
		// if the token is empty, the userModel is not connected, and we return an error
		if tokenHeader == "" {
			return c.Status(fiber.StatusUnauthorized).JSON(
				views.NewHTTPResponseVMFromError(errors.New("unauthorized: token missing")))
		}

		// get the userModel from the token
		// if the token is invalid, we return an error
		userID, err := config.GetJwtInstance().GetJwt().GetConnectedUserID(c.UserContext(), tokenHeader)
		if err != nil {
			return c.Status(fiber.StatusUnauthorized).JSON(
				views.NewHTTPResponseVMFromError(errors.New("unauthorized: invalid token")))
		}

		// get the userModel from the database
		userModel, err := j.IUseCase.GetByID(c.UserContext(), userID)
		if err != nil {
			log.WithContext(c.UserContext()).Error("error getting user / not connected", slog.Any("error", err))
			return c.Status(fiber.StatusUnauthorized).JSON(
				views.NewHTTPResponseVMFromError(errors.New("unauthorized: invalid user")))
		}

		sentry.ConfigureScope(func(scope *sentry.Scope) {
			scope.SetUser(sentry.User{
				ID:       strconv.Itoa(int(userModel.ID)),
				Username: userModel.Username,
				Email:    userModel.Email,
			})
		})

		// Check permissions
		if !j.VerifyPermissions(userModel, p) {
			log.WithContext(c.UserContext()).Debug("Not authorized")
			return c.Status(fiber.StatusUnauthorized).JSON(views.NewHTTPResponseVMFromError(errors.New("unauthorized: insufficient permissions")))
		}

		// Set userModel in locals
		SetUserToContext(c, userModel)
		span.End()
		return c.Next()
	}
}


1			package controllers
2
3			import (
4			"errors"
5			"log/slog"
6			"strconv"
7
8			"github.com/getsentry/sentry-go"
9			"github.com/gofiber/fiber/v2"
10			"github.com/gofiber/fiber/v2/log"
11			"github.com/memnix/memnix-rest/app/v1/views"
12			"github.com/memnix/memnix-rest/cmd/v1/config"
13			"github.com/memnix/memnix-rest/domain"
14			"github.com/memnix/memnix-rest/infrastructures"
15			"github.com/memnix/memnix-rest/services/user"
16			)
17
18			// JwtController is the controller for the jwt routes.
19			type JwtController struct {
20			user.IUseCase
21			}
22
23			// NewJwtController creates a new jwt controller.
24			func NewJwtController(user user.IUseCase) JwtController {
25			return JwtController{IUseCase: user}
26			}
27
28			// VerifyPermissions checks if the user has the required permissions.
29			func (*JwtController) VerifyPermissions(user domain.User, p domain.Permission) bool {
30			return user.HasPermission(p)
31			}
32
33			// IsConnectedMiddleware checks if the user is connected and has the required permissions
34			// the permissions are defined in the route definition
35			// returns an error if the user is not connected or has not the required permissions
36			//
37			// if the user is connected and has the required permissions, it sets the user in the locals
38			// and calls the next middleware.
39			func (j JwtController) IsConnectedMiddleware(p domain.Permission) func(c fiber.Ctx) error {
40			return func(c *fiber.Ctx) error {
41			// check if the permission is valid
42			if !p.IsValid() {
43			return c.Status(fiber.StatusInternalServerError).JSON(
44			views.NewHTTPResponseVMFromError(errors.New("invalid permission")))
45			}
46
47			// if the route is public, we don't need to check if the userModel is connected
48			if p == domain.PermissionNone {
49			return c.Next()
50			}
51
52			_, span := infrastructures.GetTracerInstance().Tracer().Start(c.UserContext(), "IsConnectedMiddleware")
53			defer span.End()
54
55			// get the token from the request header
56			tokenHeader := c.Get("Authorization")
57			// if the token is empty, the userModel is not connected, and we return an error
58			if tokenHeader == "" {
59			return c.Status(fiber.StatusUnauthorized).JSON(
60			views.NewHTTPResponseVMFromError(errors.New("unauthorized: token missing")))
61			}
62
63			// get the userModel from the token
64			// if the token is invalid, we return an error
65			userID, err := config.GetJwtInstance().GetJwt().GetConnectedUserID(c.UserContext(), tokenHeader)
66			if err != nil {
67			return c.Status(fiber.StatusUnauthorized).JSON(
68			views.NewHTTPResponseVMFromError(errors.New("unauthorized: invalid token")))
69			}
70
71			// get the userModel from the database
72			userModel, err := j.IUseCase.GetByID(c.UserContext(), userID)
73			if err != nil {
74			log.WithContext(c.UserContext()).Error("error getting user / not connected", slog.Any("error", err))
75			return c.Status(fiber.StatusUnauthorized).JSON(
76			views.NewHTTPResponseVMFromError(errors.New("unauthorized: invalid user")))
77			}
78
79			sentry.ConfigureScope(func(scope *sentry.Scope) {
80			scope.SetUser(sentry.User{
81			ID: strconv.Itoa(int(userModel.ID)),
82			Username: userModel.Username,
83			Email: userModel.Email,
84			})
85			})
86
87			// Check permissions
88			if !j.VerifyPermissions(userModel, p) {
89			log.WithContext(c.UserContext()).Debug("Not authorized")
90			return c.Status(fiber.StatusUnauthorized).JSON(views.NewHTTPResponseVMFromError(errors.New("unauthorized: insufficient permissions")))
91			}
92
93			// Set userModel in locals
94			SetUserToContext(c, userModel)
95			span.End()
96			return c.Next()
97			}
98			}
99

memnix / memnix-rest

Push — main ( 01f0b4...eeea6b )

app/v1/controllers/middleware.go A

Size/Duplication

Importance

3 Methods

Duplication Side-by-Side

Filter issues like