hydra-passwordless/internal/route/verify.go

package route

import (
	"net/http"

	"forge.cadoles.com/wpetit/hydra-passwordless/internal/hydra"
	"forge.cadoles.com/wpetit/hydra-passwordless/internal/query"
	"github.com/pkg/errors"
	"gitlab.com/wpetit/goweb/cqrs"
	"gitlab.com/wpetit/goweb/logger"
	"gitlab.com/wpetit/goweb/middleware/container"
)

func handleVerification(w http.ResponseWriter, r *http.Request) {
	ctn := container.Must(r.Context())
	bus := cqrs.Must(ctn)

	token := r.URL.Query().Get("token")
	if token == "" {
		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)

		return
	}

	qry := &query.VerifyUserRequest{
		Token: token,
	}

	ctx := r.Context()

	result, err := bus.Query(ctx, qry)
	if err != nil {
		logger.Error(ctx, "could not verify token", logger.E(err))

		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
	}

	verifyUserData, ok := result.Data().(*query.VerifyUserData)
	if !ok {
		panic(errors.New("unexpected result data"))
	}

	hydr := hydra.Must(ctn)

	accept := &hydra.AcceptLoginRequest{
		Subject: verifyUserData.Email,
	}

	res, err := hydr.AcceptLoginRequest(verifyUserData.Challenge, accept)
	if err != nil {
		panic(errors.Wrap(err, "could not retrieve hydra accept response"))
	}

	http.Redirect(w, r, res.RedirectTo, http.StatusSeeOther)
}
Basic but complete authentication flow 2020-05-20 11:13:14 +02:00			`package route`

			`import (`
			`"net/http"`

			`"forge.cadoles.com/wpetit/hydra-passwordless/internal/hydra"`
			`"forge.cadoles.com/wpetit/hydra-passwordless/internal/query"`
			`"github.com/pkg/errors"`
			`"gitlab.com/wpetit/goweb/cqrs"`
			`"gitlab.com/wpetit/goweb/logger"`
			`"gitlab.com/wpetit/goweb/middleware/container"`
			`)`

			`func handleVerification(w http.ResponseWriter, r *http.Request) {`
			`ctn := container.Must(r.Context())`
			`bus := cqrs.Must(ctn)`

			`token := r.URL.Query().Get("token")`
			`if token == "" {`
			`http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)`

			`return`
			`}`

			`qry := &query.VerifyUserRequest{`
			`Token: token,`
			`}`

			`ctx := r.Context()`

			`result, err := bus.Query(ctx, qry)`
			`if err != nil {`
			`logger.Error(ctx, "could not verify token", logger.E(err))`

			`http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)`
			`}`

			`verifyUserData, ok := result.Data().(*query.VerifyUserData)`
			`if !ok {`
			`panic(errors.New("unexpected result data"))`
			`}`

			`hydr := hydra.Must(ctn)`

			`accept := &hydra.AcceptLoginRequest{`
			`Subject: verifyUserData.Email,`
			`}`

			`res, err := hydr.AcceptLoginRequest(verifyUserData.Challenge, accept)`
			`if err != nil {`
			`panic(errors.Wrap(err, "could not retrieve hydra accept response"))`
			`}`

			`http.Redirect(w, r, res.RedirectTo, http.StatusSeeOther)`
			`}`