ms-tester/internal/transport/interceptors.go

package transport

import (
	"context"
	"errors"
	"git.sch9.ru/new_gate/ms-tester/internal/lib"
	"git.sch9.ru/new_gate/ms-tester/internal/models"
	sessionv1 "git.sch9.ru/new_gate/ms-tester/pkg/go/gen/proto/session/v1"
	"google.golang.org/grpc"
	"google.golang.org/grpc/codes"
	"google.golang.org/grpc/metadata"
	"google.golang.org/grpc/status"
)

var defaultUser = &models.User{
	UserId:    nil,
	Role:      models.RoleSpectator.AsPointer(),
	UpdatedAt: nil,
}

func extractToken(ctx context.Context) (string, error) {
	md, ok := metadata.FromIncomingContext(ctx)
	if !ok {
		return "", errors.New("no metadata") // FIXME
	}
	tokens := md.Get("token")

	if len(tokens) == 0 {
		return "", errors.New("no token in metadata") // FIXME
	}

	token := tokens[0]
	if token == "" {
		return "", errors.New("empty token in metadata") // FIXME
	}
	return token, nil
}

func (s *TesterServer) readSessionAndReadUser(ctx context.Context, token string) (*models.User, error) {
	// FIXME: possible bottle neck: should we cache it? (think of it in future)
	// FIXME: maybe use single connection instead of multiple requests
	userId, err := s.sessionClient.Read(ctx, &sessionv1.ReadSessionRequest{Token: token})
	if err != nil {
		return nil, status.Errorf(codes.Unauthenticated, "") // FIXME
	}

	user, err := s.userService.ReadUserById(ctx, userId.GetUserId()) // FIXME: must be cached!
	if err != nil {
		// FIXME: if error is "not found" (when error codes module is written)
		// means user has no record, so we should create it
		user = &models.User{
			UserId: lib.AsInt32P(userId.GetUserId()),
			Role:   models.RoleParticipant.AsPointer(),
		}
		err = s.userService.CreateUser(ctx, user)
		if err != nil {
			return nil, status.Errorf(codes.Unauthenticated, "") // FIXME
		}
	}

	return user, nil
}

func insertUser(ctx context.Context, user *models.User) context.Context {
	return context.WithValue(ctx, "user", user)
}

func extractUser(ctx context.Context) *models.User {
	return ctx.Value("user").(*models.User)
}

func (s *TesterServer) AuthUnaryInterceptor() grpc.UnaryServerInterceptor {
	return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
		token, err := extractToken(ctx)
		if err != nil {
			return handler(insertUser(ctx, defaultUser), req)
		}

		user, err := s.readSessionAndReadUser(ctx, token)
		if err != nil {
			return handler(insertUser(ctx, defaultUser), req)
		}

		return handler(insertUser(ctx, user), req)
	}
}

type ssWrapper struct {
	grpc.ServerStream
	ctx context.Context
}

func (s *ssWrapper) Context() context.Context {
	return s.ctx
}

func (s *TesterServer) AuthStreamInterceptor() grpc.StreamServerInterceptor {
	return func(server interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
		ctx := ss.Context()

		token, err := extractToken(ctx)
		if err != nil {
			return handler(server, &ssWrapper{ServerStream: ss, ctx: insertUser(ctx, defaultUser)})
		}

		user, err := s.readSessionAndReadUser(ctx, token)
		if err != nil {
			return handler(server, &ssWrapper{ServerStream: ss, ctx: insertUser(ctx, defaultUser)})
		}

		return handler(server, &ssWrapper{ServerStream: ss, ctx: insertUser(ctx, user)})
	}
}
Initial commit 2024-07-27 07:31:04 +00:00			`package transport`
refactor: 2024-08-16 11:05:29 +00:00
			`import (`
			`"context"`
feat: add permission check 2024-08-20 11:18:23 +00:00			`"errors"`
			`"git.sch9.ru/new_gate/ms-tester/internal/lib"`
			`"git.sch9.ru/new_gate/ms-tester/internal/models"`
feat: package name&dir 2024-08-16 17:09:03 +00:00			`sessionv1 "git.sch9.ru/new_gate/ms-tester/pkg/go/gen/proto/session/v1"`
refactor: 2024-08-16 11:05:29 +00:00			`"google.golang.org/grpc"`
			`"google.golang.org/grpc/codes"`
feat: add permission check 2024-08-20 11:18:23 +00:00			`"google.golang.org/grpc/metadata"`
refactor: 2024-08-16 11:05:29 +00:00			`"google.golang.org/grpc/status"`
			`)`

feat: add permission check 2024-08-20 11:18:23 +00:00			`var defaultUser = &models.User{`
			`UserId: nil,`
			`Role: models.RoleSpectator.AsPointer(),`
			`UpdatedAt: nil,`
refactor: 2024-08-16 11:05:29 +00:00			`}`

feat: add permission check 2024-08-20 11:18:23 +00:00			`func extractToken(ctx context.Context) (string, error) {`
			`md, ok := metadata.FromIncomingContext(ctx)`
			`if !ok {`
			`return "", errors.New("no metadata") // FIXME`
			`}`
			`tokens := md.Get("token")`

			`if len(tokens) == 0 {`
			`return "", errors.New("no token in metadata") // FIXME`
			`}`

			`token := tokens[0]`
			`if token == "" {`
			`return "", errors.New("empty token in metadata") // FIXME`
			`}`
			`return token, nil`
			`}`

			`func (s TesterServer) readSessionAndReadUser(ctx context.Context, token string) (models.User, error) {`
			`// FIXME: possible bottle neck: should we cache it? (think of it in future)`
			`// FIXME: maybe use single connection instead of multiple requests`
			`userId, err := s.sessionClient.Read(ctx, &sessionv1.ReadSessionRequest{Token: token})`
			`if err != nil {`
			`return nil, status.Errorf(codes.Unauthenticated, "") // FIXME`
			`}`

			`user, err := s.userService.ReadUserById(ctx, userId.GetUserId()) // FIXME: must be cached!`
			`if err != nil {`
			`// FIXME: if error is "not found" (when error codes module is written)`
			`// means user has no record, so we should create it`
			`user = &models.User{`
			`UserId: lib.AsInt32P(userId.GetUserId()),`
			`Role: models.RoleParticipant.AsPointer(),`
			`}`
			`err = s.userService.CreateUser(ctx, user)`
			`if err != nil {`
feat: integrate auth 2024-08-16 15:01:08 +00:00			`return nil, status.Errorf(codes.Unauthenticated, "") // FIXME`
refactor: 2024-08-16 11:05:29 +00:00			`}`
feat: add permission check 2024-08-20 11:18:23 +00:00			`}`
refactor: 2024-08-16 11:05:29 +00:00
feat: add permission check 2024-08-20 11:18:23 +00:00			`return user, nil`
			`}`
refactor: 2024-08-16 11:05:29 +00:00
feat: add permission check 2024-08-20 11:18:23 +00:00			`func insertUser(ctx context.Context, user *models.User) context.Context {`
			`return context.WithValue(ctx, "user", user)`
			`}`

			`func extractUser(ctx context.Context) *models.User {`
			`return ctx.Value("user").(*models.User)`
			`}`

			`func (s *TesterServer) AuthUnaryInterceptor() grpc.UnaryServerInterceptor {`
			`return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {`
			`token, err := extractToken(ctx)`
			`if err != nil {`
			`return handler(insertUser(ctx, defaultUser), req)`
feat: integrate auth 2024-08-16 15:01:08 +00:00			`}`

feat: add permission check 2024-08-20 11:18:23 +00:00			`user, err := s.readSessionAndReadUser(ctx, token)`
feat: integrate auth 2024-08-16 15:01:08 +00:00			`if err != nil {`
feat: add permission check 2024-08-20 11:18:23 +00:00			`return handler(insertUser(ctx, defaultUser), req)`
feat: integrate auth 2024-08-16 15:01:08 +00:00			`}`

feat: add permission check 2024-08-20 11:18:23 +00:00			`return handler(insertUser(ctx, user), req)`
			`}`
			`}`

			`type ssWrapper struct {`
			`grpc.ServerStream`
			`ctx context.Context`
			`}`

			`func (s *ssWrapper) Context() context.Context {`
			`return s.ctx`
			`}`

			`func (s *TesterServer) AuthStreamInterceptor() grpc.StreamServerInterceptor {`
			`return func(server interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error {`
			`ctx := ss.Context()`

			`token, err := extractToken(ctx)`
			`if err != nil {`
			`return handler(server, &ssWrapper{ServerStream: ss, ctx: insertUser(ctx, defaultUser)})`
			`}`

			`user, err := s.readSessionAndReadUser(ctx, token)`
			`if err != nil {`
			`return handler(server, &ssWrapper{ServerStream: ss, ctx: insertUser(ctx, defaultUser)})`
			`}`
feat: integrate auth 2024-08-16 15:01:08 +00:00
feat: add permission check 2024-08-20 11:18:23 +00:00			`return handler(server, &ssWrapper{ServerStream: ss, ctx: insertUser(ctx, user)})`
refactor: 2024-08-16 11:05:29 +00:00			`}`
			`}`