woj-server/internal/api/oauth/login.go

package oauth

import (
	"context"
	"fmt"
	"git.0x7f.app/WOJ/woj-server/internal/e"
	"git.0x7f.app/WOJ/woj-server/pkg/utils"
	"github.com/gin-gonic/gin"
	"net/http"
)

// LoginHandler
// @Summary     Login with OAuth2
// @Description Get OAuth2 Login URL
// @Tags        oauth
// @Produce     json
// @Response    200 {object} e.Response[string] "random string"
// @Router      /oauth/login [post]
func (h *handler) LoginHandler() gin.HandlerFunc {
	return func(c *gin.Context) {
		state := utils.RandomString(64)
		key := utils.RandomString(16)

		err := h.cache.Get().Set(context.Background(), fmt.Sprintf(oauthStateKey, key), state, oauthStateLiveness).Err()
		if err != nil {
			e.Pong[any](c, e.RedisError, nil)
			return
		}

		c.SetSameSite(http.SameSiteStrictMode)
		c.SetCookie(oauthStateCookieName, key, int(oauthStateLiveness.Seconds()), "/", "", false, true)

		url := h.conf.AuthCodeURL(state)
		e.Pong(c, e.Success, url)
	}
}
feat: add initial oauth2 support 2024-01-03 00:55:41 +08:00			`package oauth`

			`import (`
fix: signed state could not prevent replay attack, use redis to store real state and delete once checked 2024-01-03 14:10:44 +08:00			`"context"`
			`"fmt"`
feat: add initial oauth2 support 2024-01-03 00:55:41 +08:00			`"git.0x7f.app/WOJ/woj-server/internal/e"`
			`"git.0x7f.app/WOJ/woj-server/pkg/utils"`
			`"github.com/gin-gonic/gin"`
			`"net/http"`
			`)`

			`// LoginHandler`
			`// @Summary Login with OAuth2`
			`// @Description Get OAuth2 Login URL`
			`// @Tags oauth`
			`// @Produce json`
			`// @Response 200 {object} e.Response[string] "random string"`
			`// @Router /oauth/login [post]`
chore: move oauth into api 2024-01-05 00:57:43 +08:00			`func (h *handler) LoginHandler() gin.HandlerFunc {`
feat: add initial oauth2 support 2024-01-03 00:55:41 +08:00			`return func(c *gin.Context) {`
			`state := utils.RandomString(64)`
fix: signed state could not prevent replay attack, use redis to store real state and delete once checked 2024-01-03 14:10:44 +08:00			`key := utils.RandomString(16)`

chore: move oauth into api 2024-01-05 00:57:43 +08:00			`err := h.cache.Get().Set(context.Background(), fmt.Sprintf(oauthStateKey, key), state, oauthStateLiveness).Err()`
fix: signed state could not prevent replay attack, use redis to store real state and delete once checked 2024-01-03 14:10:44 +08:00			`if err != nil {`
			`e.Pong[any](c, e.RedisError, nil)`
			`return`
			`}`
feat: add initial oauth2 support 2024-01-03 00:55:41 +08:00
			`c.SetSameSite(http.SameSiteStrictMode)`
chore: move oauth into api 2024-01-05 00:57:43 +08:00			`c.SetCookie(oauthStateCookieName, key, int(oauthStateLiveness.Seconds()), "/", "", false, true)`
feat: add initial oauth2 support 2024-01-03 00:55:41 +08:00
chore: move oauth into api 2024-01-05 00:57:43 +08:00			`url := h.conf.AuthCodeURL(state)`
feat: add initial oauth2 support 2024-01-03 00:55:41 +08:00			`e.Pong(c, e.Success, url)`
			`}`
			`}`