Basic but complete authentication flow

2020-05-20 11:13:14 +02:00
parent 81778121fb
commit 61aae078b5
32 changed files with 626 additions and 442 deletions
--- a/internal/query/verify_user.go
+++ b/internal/query/verify_user.go
@ -0,0 +1,47 @@
+package query
+
+import (
+	"context"
+
+	"forge.cadoles.com/wpetit/hydra-passwordless/internal/config"
+	"forge.cadoles.com/wpetit/hydra-passwordless/internal/token"
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/cqrs"
+	"gitlab.com/wpetit/goweb/middleware/container"
+)
+
+type VerifyUserRequest struct {
+	Token string
+}
+
+type VerifyUserData struct {
+	Email     string
+	Challenge string
+}
+
+func HandleVerifyUserRequest(ctx context.Context, qry cqrs.Query) (interface{}, error) {
+	req, ok := qry.Request().(*VerifyUserRequest)
+	if !ok {
+		return nil, cqrs.ErrUnexpectedRequest
+	}
+
+	ctn := container.Must(ctx)
+	conf := config.Must(ctn)
+
+	email, challenge, err := token.Verify(
+		conf.HTTP.TokenSigningKey,
+		conf.HTTP.TokenEncryptionKey,
+		req.Token,
+	)
+
+	if err != nil {
+		return nil, errors.Wrap(err, "could not verify token")
+	}
+
+	data := &VerifyUserData{
+		Email:     email,
+		Challenge: challenge,
+	}
+
+	return data, nil
+}