notid/integreat
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Revamps all of the IOL's routing, so that the new history page can share with the rest.

Browse Source
This commit is contained in:
Bryce Covert
2023-01-12 16:56:40 -08:00
parent ce01a63797
commit 46dd191391
29 changed files with 1294 additions and 1053 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
src/clj/auto_ap/routes/auth.clj
View File

@@ -1,11 +1,11 @@
(ns auto-ap.routes.auth
(:require [auto-ap.datomic.users :as users]
[buddy.sign.jwt :as jwt]
[clj-http.client :as http]
[clj-time.core :as time]
[compojure.core :refer [GET defroutes]]
[config.core :refer [env]]
[clojure.tools.logging :as log]))
(:require
[auto-ap.datomic.users :as users]
[buddy.sign.jwt :as jwt]
[clj-http.client :as http]
[clj-time.core :as time]
[clojure.tools.logging :as log]
[config.core :refer [env]]))
(def google-client-id "264081895820-0nndcfo3pbtqf30sro82vgq5r27h8736.apps.googleusercontent.com")
(def google-client-secret "OC-WemHurPXYpuIw5cT-B90g")
@@ -19,48 +19,50 @@
(:jwt-secret env)
{:alg :hs512}))
(defroutes routes
(GET "/oauth" {{:strs [code]} :query-params {:strs [host]} :headers}
(try
(let [auth (-> "https://accounts.google.com/o/oauth2/token"
(http/post
{:form-params {"client_id" google-client-id
"client_secret" google-client-secret
"code" code
"redirect_uri" (str (:scheme env) "://" host "/api/oauth")
"grant_type" "authorization_code"}
:as :json})
:body)
token (:access_token auth)
profile (-> (http/get "https://www.googleapis.com/oauth2/v1/userinfo"
{:headers {"Authorization" (str "Bearer " token)} :as :json})
:body)
user (users/find-or-insert! {:user/provider "google"
:user/provider-id (:id profile)
:user/role :user-role/none
:user/name (:name profile)})
auth {:user (:name profile)
:exp (time/plus (time/now) (time/days 30))
:user/clients (map (fn [c]
(select-keys c [:client/code :db/id :client/name :client/locations]))
(:user/clients user))
:user/role (name (:user/role user))
:user/name (:name profile)}
]
(log/info "authenticated as user" user)
;; TODO - these namespaces are not being transmitted/deserialized properly
(if (and token user)
(let [jwt (jwt/sign auth
(:jwt-secret env)
{:alg :hs512})]
{:status 301
:headers {"Location" (str "/?jwt=" jwt)}
:session {:identity (dissoc auth :exp)}})
{:status 401
:body "Couldn't authenticate"}))
(catch Exception e
(log/warn e )
{:status 401
:body (str "Couldn't authenticate " (.toString e))}))))
(defn oauth [{{:strs [code]} :query-params {:strs [host]} :headers}]
(try
(let [auth (-> "https://accounts.google.com/o/oauth2/token"
(http/post
{:form-params {"client_id" google-client-id
"client_secret" google-client-secret
"code" code
"redirect_uri" (str (:scheme env) "://" host "/api/oauth")
"grant_type" "authorization_code"}
:as :json})
:body)
token (:access_token auth)
profile (-> (http/get "https://www.googleapis.com/oauth2/v1/userinfo"
{:headers {"Authorization" (str "Bearer " token)} :as :json})
:body)
user (users/find-or-insert! {:user/provider "google"
:user/provider-id (:id profile)
:user/role :user-role/none
:user/name (:name profile)})
auth {:user (:name profile)
:exp (time/plus (time/now) (time/days 30))
:user/clients (map (fn [c]
(select-keys c [:client/code :db/id :client/name :client/locations]))
(:user/clients user))
:user/role (name (:user/role user))
:user/name (:name profile)}
]
(log/info "authenticated as user" user)
;; TODO - these namespaces are not being transmitted/deserialized properly
(if (and token user)
(let [jwt (jwt/sign auth
(:jwt-secret env)
{:alg :hs512})]
{:status 301
:headers {"Location" (str "/?jwt=" jwt)}
:session {:identity (dissoc auth :exp)}})
{:status 401
:body "Couldn't authenticate"}))
(catch Exception e
(log/warn e )
{:status 401
:body (str "Couldn't authenticate " (.toString e))})))
(def routes {"api" {"/oauth" :oauth}})
(def match->handler {:oauth oauth})