From 36806c9cf619801b89e35608d78b1ee8624db846 Mon Sep 17 00:00:00 2001 From: Bryce Covert Date: Mon, 18 Dec 2017 22:45:24 -0800 Subject: [PATCH] auth now actually works straight through google --- project.clj | 5 +++- src/clj/auto_ap/handler.clj | 49 ++++++++++++++++++++++++++++++------- src/cljs/auto_ap/core.cljs | 3 +++ src/cljs/auto_ap/db.cljs | 2 +- src/cljs/auto_ap/subs.cljs | 9 +++++-- src/cljs/auto_ap/views.cljs | 3 ++- 6 files changed, 57 insertions(+), 14 deletions(-) diff --git a/project.clj b/project.clj index cc6481ef..a0bebf96 100644 --- a/project.clj +++ b/project.clj @@ -22,7 +22,10 @@ [cljs-http "0.1.44"] [clj-http "3.7.0"] [org.clojure/core.async "0.3.465"] - [fogus/ring-edn "0.3.0"]] + [fogus/ring-edn "0.3.0"] + [buddy/buddy-auth "2.1.0"] + [buddy/buddy-sign "2.1.0"] + [clj-time "0.14.2"]] :plugins [[lein-ring "0.9.7"] [lein-cljsbuild "1.1.5"]] :clean-targets ^{:protect false} ["resources/public/js/compiled" "target"] diff --git a/src/clj/auto_ap/handler.clj b/src/clj/auto_ap/handler.clj index 6f9f457c..44650c49 100644 --- a/src/clj/auto_ap/handler.clj +++ b/src/clj/auto_ap/handler.clj @@ -15,7 +15,13 @@ [clojure.java.jdbc :as j] [clj-fuzzy.metrics :as m] [clj-http.client :as http] + [clj-time.core :as time] + + [buddy.auth :refer [authenticated?]] + [buddy.sign.jwt :as jwt] + [buddy.auth.backends.token :refer [jws-backend]] + [buddy.auth.middleware :refer [wrap-authorization wrap-authentication]] [auto-ap.db.companies :as companies])) (defn best-match [companies company-identifier] (->> companies 
@@ -29,11 +35,14 @@ (def google-client-id "264081895820-0nndcfo3pbtqf30sro82vgq5r27h8736.apps.googleusercontent.com") (def google-client-secret "OC-WemHurPXYpuIw5cT-B90g") +(def jwt-secret "auto ap invoices are awesome") + (defroutes app-routes - (GET "/" [] (response/resource-response "index.html" {:root "public"})) + (GET "/" [] + (response/resource-response "index.html" {:root "public"})) (GET "/api/oauth" {{:strs [code]} :query-params} (try - (let [result (-> "https://accounts.google.com/o/oauth2/token" + (let [token (-> "https://accounts.google.com/o/oauth2/token" (http/post {:form-params {"client_id" google-client-id "client_secret" google-client-secret @@ -42,19 +51,32 @@ "grant_type" "authorization_code"} :as :json}) :body - :access_token)] - {:status 200 - :body result}) + :access_token) + profile (-> (http/get "https://www.googleapis.com/oauth2/v1/userinfo" + {:headers {"Authorization" (str "Bearer " token)} :as :json}) + :body + :name) + ] + (if token + {:status 301 + :headers {"Location" (str "/?jwt=" (jwt/sign {:user "test" + :exp (time/plus (time/now) (time/days 7)) + :name profile} + jwt-secret + {:alg :hs512}))}} + {:status 401 + :body "Couldn't authenticate"})) (catch Exception e - (println e) + {:status 401 - :body "Couldn't authenticate"}))) + :body (str "Couldn't authenticate " (.toString e))}))) (GET "/api/invoices" [] {:status 200 :body (pr-str (invoices/get-all)) :headers {"Content-Type" "application/edn"}}) - (GET "/api/invoices/unpaid" {:keys [query-params]} + (GET "/api/invoices/unpaid" {:keys [query-params] :as r} + (println "TEST" r (authenticated? r)) {:status 200 :body (pr-str (invoices/get-unpaid (query-params "company"))) :headers {"Content-Type" "application/edn"}}) 
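Review bot: The new `(def jwt-secret "auto ap invoices are awesome")` hard-codes the HS512 signing key as a low-entropy English phrase and commits it to the repository next to the Google client secret, so anyone with read access to the source, or who captures a single token and runs an offline dictionary guess against its signature, can mint a JWT for any user. Load the key from the environment at startup and fail fast when it is missing, e.g. `(def jwt-secret (or (System/getenv "AUTO_AP_JWT_SECRET") (throw (ex-info "AUTO_AP_JWT_SECRET is not set" {}))))`, and generate it as at least 64 random bytes for HS512. Treat the committed phrase as compromised once this is pushed, since it stays in history after the line is changed. The `defroutes app-routes` form this hunk opens continues past the end of the hunk.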
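Review bot: In the `/api/oauth` handler the `(if token …)` guard runs only after the userinfo request has already been sent with `(str "Bearer " token)`, and the rewritten `catch` now returns `(.toString e)` to the browser while the server-side `(println e)` was dropped, so a failed exchange leaks exception details (clj-http includes the upstream response in the message) to the client and leaves nothing in the server log. The signed claims also hard-code `:user "test"` for every account, so the token carries no identity; bind it to a stable field of the userinfo response (it appears to return `id`/`email`/`name` — confirm against the API). Use 302/303 rather than 301, which browsers and proxies may cache so a later visit to `/api/oauth?code=…` replays the old `Location` with the old JWT. Putting the token in `?jwt=` also writes it into browser history, Referer headers and access logs; a URL fragment or an HttpOnly cookie is safer if the client can be adjusted. Finally, the `(println "TEST" r (authenticated? r))` added to `/api/invoices/unpaid` prints the whole request map — including any `Authorization` header — to stdout and should be removed before merge.
```clojure
(GET "/api/oauth" {{:strs [code]} :query-params}
  (try
    (let [token (-> "https://accounts.google.com/o/oauth2/token"
                    ;; … unchanged: token-endpoint POST with client id/secret and code …
                    :body
                    :access_token)]
      (if-not token
        {:status 401 :body "Couldn't authenticate"}
        ;; only call userinfo once we actually hold an access token
        (let [{:keys [id email name]} (:body (http/get "https://www.googleapis.com/oauth2/v1/userinfo"
                                                       {:headers {"Authorization" (str "Bearer " token)}
                                                        :as :json}))
              ;; bind the session to the Google account, not a fixed "test" user
              ;; (field names per the userinfo response — confirm)
              claims {:user id
                      :email email
                      :name name
                      :exp (time/plus (time/now) (time/days 7))}]
          ;; 303 so the redirect is never cached and replayed for this code
          {:status 303
           :headers {"Location" (str "/?jwt=" (jwt/sign claims jwt-secret {:alg :hs512}))}})))
    (catch Exception e
      ;; log server-side, return a generic message to the client
      (println "oauth callback failed:" e)
      {:status 401
       :body "Couldn't authenticate"})))
```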
@@ -106,5 +128,14 @@ (routes (ANY "*" [] (response/resource-response "index.html" {:root "public"}))) (route/not-found "Not Found")) +(def auth-backend (jws-backend {:secret jwt-secret :options {:alg :hs512}})) + (def app - (wrap-edn-params (mp/wrap-multipart-params (wrap-params (wrap-reload #'app-routes))))) + (-> #'app-routes + (wrap-authorization auth-backend) + (wrap-authentication auth-backend) + (wrap-reload) + (wrap-params) + (mp/wrap-multipart-params) + (wrap-edn-params) + )) diff --git a/src/cljs/auto_ap/core.cljs b/src/cljs/auto_ap/core.cljs index 71bc522e..236a4e9d 100644 --- a/src/cljs/auto_ap/core.cljs +++ b/src/cljs/auto_ap/core.cljs @@ -27,6 +27,9 @@ (defn ^:export init [] (dev-setup) + (when-let [jwt (.get (js/URLSearchParams. (.-search (.-location js/window))) "jwt")] + (println "got jwt" jwt) + (.setItem js/localStorage "jwt" jwt)) (pushy/start! (pushy/pushy dispatch-route parse-url)) (re-frame/dispatch-sync [::events/initialize-db]) (mount-root)) diff --git a/src/cljs/auto_ap/db.cljs b/src/cljs/auto_ap/db.cljs index 5946dd16..1be65ebb 100644 --- a/src/cljs/auto_ap/db.cljs +++ b/src/cljs/auto_ap/db.cljs @@ -1,7 +1,7 @@ (ns auto-ap.db) (def default-db - {:user nil + {:user (.getItem js/localStorage "jwt") :company {:name "Campbell Brewing Company"} :companies [{:name "Campbell Brewing Company" :matches ["campbell brewing company" "campbell brewery company" "campbell brewing"]} diff --git a/src/cljs/auto_ap/subs.cljs b/src/cljs/auto_ap/subs.cljs index ce3fd209..76643e6c 100644 --- a/src/cljs/auto_ap/subs.cljs +++ b/src/cljs/auto_ap/subs.cljs @@ -1,5 +1,7 @@ (ns auto-ap.subs - (:require [re-frame.core :as re-frame])) + (:require [re-frame.core :as re-frame] + [clojure.string :as str] + [goog.crypt.base64 :as base64])) (re-frame/reg-sub ::company 
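Review bot: `wrap-authentication`/`wrap-authorization` with `auth-backend` only parse and identify the bearer token; no route in this hunk or the earlier ones calls `restrict` or checks `authenticated?` other than in a debug print, so `/api/invoices`, `/api/invoices/unpaid` and the rest of `app-routes` answer anonymous requests exactly as before. Wrap the API routes with `buddy.auth.accessrules/restrict`, e.g. `(restrict api-routes {:handler authenticated?})`, or return 401 from each handler when `(authenticated? request)` is false, and add a test that an unauthenticated GET to `/api/invoices` is rejected. The backend also inherits the hard-coded `jwt-secret`, so `:alg :hs512` gives little assurance until that key is moved out of source.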
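Review bot: `init` copies the `jwt` query parameter into `localStorage` but leaves it in the address bar, so the bearer token stays in browser history and is sent as a Referer to any third-party resource the page loads, and `(println "got jwt" jwt)` writes it to the developer console. After storing it, strip the parameter with `(.replaceState js/history nil "" (.-pathname (.-location js/window)))` and drop the println. A token in `localStorage` is readable by any script running on the origin, so this design relies on the page having no XSS — worth a comment at the `setItem` call.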
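Review bot: `default-db` now reads `localStorage` when the `auto-ap.db` namespace is loaded, which happens before `init` in core.cljs stores the token from the URL, so on the first redirect back from Google the initial db still holds the pre-login value and the user appears logged out until a reload (assuming `::events/initialize-db` resets to `default-db` unchanged, which is outside this diff). Keep `:user nil` here and read the stored token in the initialize event instead, e.g. `(assoc db/default-db :user (.getItem js/localStorage "jwt"))`, so the read happens after `setItem`.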
@@ -19,7 +21,10 @@ (re-frame/reg-sub ::user (fn [db] - (:user db))) + (when (:user db) + (let [{:strs [name] :as x} (js->clj (.parse js/JSON (base64/decodeString (second (str/split (:user db) #"\.")))))] + (println x) + {:name name})))) (re-frame/reg-sub ::active-page diff --git a/src/cljs/auto_ap/views.cljs b/src/cljs/auto_ap/views.cljs index ab7d6f45..88d43f17 100644 --- a/src/cljs/auto_ap/views.cljs +++ b/src/cljs/auto_ap/views.cljs @@ -224,7 +224,8 @@ ) (defn login [] (let [user (re-frame/subscribe [::subs/user])] - [:a {:class "navbar-link login" :href (login-url)} (or (get @user "name") "Login")])) + (println @user) + [:a {:class "navbar-link login" :href (login-url)} (or (:name @user) "Login")])) (defn main-panel [] (let [company (re-frame/subscribe [::subs/company])
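Review bot: The `::user` subscription decodes the JWT payload with `base64/decodeString` on the second dot-separated segment, but JWT segments use the URL-safe alphabet without padding, so a payload containing `-` or `_` may fail to decode unless the web-safe flag is passed (depends on the bundled Closure version), and a malformed or empty `:user` makes `(second (str/split …))` nil and the decode throw inside the subscription. Guard the chain and decode web-safe: `(let [[_ payload] (str/split (:user db) #"\.")` / `claims (some-> payload (base64/decodeString true) js/JSON.parse js->clj)]` / `{:name (get claims "name")})`, and drop the `(println x)` that dumps the claims on every recompute. The claims are read without signature verification, which is acceptable for display but should be stated in a comment so nobody later uses them for authorization decisions.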
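Review bot: `login` now prints the decoded user map with `(println @user)` on every render, leaving claim data in the browser console; remove the line before merge. The link keeps `:href (login-url)` when a user is present, so clicking the displayed name restarts the OAuth flow rather than offering a logout — consider a separate logout action that removes the `jwt` key from localStorage, since otherwise the token persists for its full seven days.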