tinyauth/internal/controller/context_controller.go at 3e2220757830313abfcb6467839e5d2b18901683 · tinyauthapp/tinyauth · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
package controller

import (
	"fmt"
	"net/url"

	"github.com/tinyauthapp/tinyauth/internal/utils"
	"github.com/tinyauthapp/tinyauth/internal/utils/tlog"

	"github.com/gin-gonic/gin"
)

type UserContextResponse struct {
	Status      int    `json:"status"`
	Message     string `json:"message"`
	IsLoggedIn  bool   `json:"isLoggedIn"`
	Username    string `json:"username"`
	Name        string `json:"name"`
	Email       string `json:"email"`
	Provider    string `json:"provider"`
	OAuth       bool   `json:"oauth"`
	TotpPending bool   `json:"totpPending"`
	OAuthName   string `json:"oauthName"`
}

type AppContextResponse struct {
	Status                int        `json:"status"`
	Message               string     `json:"message"`
	Providers             []Provider `json:"providers"`
	Title                 string     `json:"title"`
	AppURL                string     `json:"appUrl"`
	CookieDomain          string     `json:"cookieDomain"`
	ForgotPasswordMessage string     `json:"forgotPasswordMessage"`
	BackgroundImage       string     `json:"backgroundImage"`
	OAuthAutoRedirect     string     `json:"oauthAutoRedirect"`
	WarningsEnabled       bool       `json:"warningsEnabled"`
}

type Provider struct {
	Name  string `json:"name"`
	ID    string `json:"id"`
	OAuth bool   `json:"oauth"`
}

type ContextControllerConfig struct {
	Providers             []Provider
	Title                 string
	AppURL                string
	CookieDomain          string
	ForgotPasswordMessage string
	BackgroundImage       string
	OAuthAutoRedirect     string
	WarningsEnabled       bool
}

type ContextController struct {
	config ContextControllerConfig
	router *gin.RouterGroup
}

func NewContextController(config ContextControllerConfig, router *gin.RouterGroup) *ContextController {
	if !config.WarningsEnabled {
		tlog.App.Warn().Msg("UI warnings are disabled. This may expose users to security risks. Proceed with caution.")
	}

	return &ContextController{
		config: config,
		router: router,
	}
}

func (controller *ContextController) SetupRoutes() {
	contextGroup := controller.router.Group("/context")
	contextGroup.GET("/user", controller.userContextHandler)
	contextGroup.GET("/app", controller.appContextHandler)
}

func (controller *ContextController) userContextHandler(c *gin.Context) {
	context, err := utils.GetContext(c)

	userContext := UserContextResponse{
		Status:      200,
		Message:     "Success",
		IsLoggedIn:  context.IsLoggedIn,
		Username:    context.Username,
		Name:        context.Name,
		Email:       context.Email,
		Provider:    context.Provider,
		OAuth:       context.OAuth,
		TotpPending: context.TotpPending,
		OAuthName:   context.OAuthName,
	}

	if err != nil {
		tlog.App.Debug().Err(err).Msg("No user context found in request")
		userContext.Status = 401
		userContext.Message = "Unauthorized"
		userContext.IsLoggedIn = false
		c.JSON(200, userContext)
		return
	}

	c.JSON(200, userContext)
}

func (controller *ContextController) appContextHandler(c *gin.Context) {
	appUrl, err := url.Parse(controller.config.AppURL)
	if err != nil {
		tlog.App.Error().Err(err).Msg("Failed to parse app URL")
		c.JSON(500, gin.H{
			"status":  500,
			"message": "Internal Server Error",
		})
		return
	}

	c.JSON(200, AppContextResponse{
		Status:                200,
		Message:               "Success",
		Providers:             controller.config.Providers,
		Title:                 controller.config.Title,
		AppURL:                fmt.Sprintf("%s://%s", appUrl.Scheme, appUrl.Host),
		CookieDomain:          controller.config.CookieDomain,
		ForgotPasswordMessage: controller.config.ForgotPasswordMessage,
		BackgroundImage:       controller.config.BackgroundImage,
		OAuthAutoRedirect:     controller.config.OAuthAutoRedirect,
		WarningsEnabled:       controller.config.WarningsEnabled,
	})
}