Merge pull request #10 from isd-sgcu/auth-svc

Auth svc + new error handling

apperror/apperror.go

@@ -1,6 +1,11 @@
 package apperror
 
-import "net/http"
+import (
+	"net/http"
+
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
+)
 
 type AppError struct {
 	Id       string
@@ -12,21 +17,55 @@ func (e *AppError) Error() string {
 }
 
 var (
+	BadRequest         = &AppError{"Bad request", http.StatusBadRequest}
+	Unauthorized       = &AppError{"Unauthorized", http.StatusUnauthorized}
+	Forbidden          = &AppError{"Forbidden", http.StatusForbidden}
+	NotFound           = &AppError{"Not found", http.StatusNotFound}
 	InternalServer     = &AppError{"Internal error", http.StatusInternalServerError}
 	ServiceUnavailable = &AppError{"Internal error", http.StatusServiceUnavailable}
-	Unauthorized       = &AppError{"Unauthorized", http.StatusUnauthorized}
-	BadRequest         = &AppError{"Bad request", http.StatusBadRequest}
-	InvalidToken       = &AppError{"Invalid token", http.StatusUnauthorized}
 )
 
 func BadRequestError(message string) *AppError {
 	return &AppError{message, http.StatusBadRequest}
 }
 
+func UnauthorizedError(message string) *AppError {
+	return &AppError{message, http.StatusUnauthorized}
+}
+
+func ForbiddenError(message string) *AppError {
+	return &AppError{message, http.StatusForbidden}
+}
+
 func NotFoundError(message string) *AppError {
 	return &AppError{message, http.StatusNotFound}
 }
 
 func InternalServerError(message string) *AppError {
 	return &AppError{message, http.StatusInternalServerError}
 }
+
+func ServiceUnavailableError(message string) *AppError {
+	return &AppError{message, http.StatusServiceUnavailable}
+}
+
+func HandleServiceError(err error) *AppError {
+	st, ok := status.FromError(err)
+	if !ok {
+		return InternalServer
+	}
+	switch st.Code() {
+	case codes.InvalidArgument:
+		return BadRequestError(err.Error())
+	case codes.Unauthenticated:
+		return UnauthorizedError(err.Error())
+	case codes.PermissionDenied:
+		return ForbiddenError(err.Error())
+	case codes.NotFound:
+		return NotFoundError(err.Error())
+	case codes.Internal:
+		return InternalServerError(err.Error())
+	default:
+		return ServiceUnavailable
+	}
+}

docker-compose.qa.template.yml

@@ -35,8 +35,13 @@ services:
       JWT_REFRESH_TTL: 259200
       JWT_ISSUER: rpkm67.sgcu.in.th
       JWT_RESET_TOKEN_TTL: 900
+      OAUTH_CLIENT_ID: client_id
+      OAUTH_CLIENT_SECRET: client_secret
+      OAUTH_REDIRECT_URI: http://localhost:3000
     networks:
       - rpkm67
+    volumes:
+      - ./microservices/auth:/app/config/staffs
     ports:
       - "3002:3002"
 

internal/auth/auth.service.go

@@ -8,13 +8,11 @@ import (
 	"github.com/isd-sgcu/rpkm67-gateway/internal/dto"
 	authProto "github.com/isd-sgcu/rpkm67-go-proto/rpkm67/auth/auth/v1"
 	"go.uber.org/zap"
-	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/status"
 )
 
 type Service interface {
-	Validate()
-	RefreshToken()
+	Validate(req *dto.ValidateRequest) (*dto.ValidateResponse, *apperror.AppError)
+	RefreshToken(req *dto.RefreshTokenRequest) (*dto.Credential, *apperror.AppError)
 	GetGoogleLoginUrl() (*dto.GetGoogleLoginUrlResponse, *apperror.AppError)
 	VerifyGoogleLogin(req *dto.VerifyGoogleLoginRequest) (*dto.VerifyGoogleLoginResponse, *apperror.AppError)
 }
@@ -31,9 +29,36 @@ func NewService(client authProto.AuthServiceClient, log *zap.Logger) Service {
 	}
 }
 
-func (s *serviceImpl) Validate() {
+func (s *serviceImpl) Validate(req *dto.ValidateRequest) (*dto.ValidateResponse, *apperror.AppError) {
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	res, err := s.client.Validate(ctx, &authProto.ValidateRequest{AccessToken: req.AccessToken})
+	if err != nil {
+		s.log.Named("Validate").Error("Validate: ", zap.Error(err))
+		return nil, apperror.HandleServiceError(err)
+	}
+
+	return &dto.ValidateResponse{
+		UserId: res.UserId,
+		Role:   res.Role,
+	}, nil
 }
-func (s *serviceImpl) RefreshToken() {
+func (s *serviceImpl) RefreshToken(req *dto.RefreshTokenRequest) (*dto.Credential, *apperror.AppError) {
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	res, err := s.client.RefreshToken(ctx, &authProto.RefreshTokenRequest{RefreshToken: req.RefreshToken})
+	if err != nil {
+		s.log.Named("RefreshToken").Error("RefreshToken: ", zap.Error(err))
+		return nil, apperror.HandleServiceError(err)
+	}
+
+	return &dto.Credential{
+		AccessToken:  res.Credential.AccessToken,
+		RefreshToken: res.Credential.RefreshToken,
+		ExpiresIn:    int(res.Credential.ExpiresIn),
+	}, nil
 }
 
 func (s *serviceImpl) GetGoogleLoginUrl() (*dto.GetGoogleLoginUrlResponse, *apperror.AppError) {
@@ -42,16 +67,8 @@ func (s *serviceImpl) GetGoogleLoginUrl() (*dto.GetGoogleLoginUrlResponse, *appe
 
 	res, err := s.client.GetGoogleLoginUrl(ctx, &authProto.GetGoogleLoginUrlRequest{})
 	if err != nil {
-		st, ok := status.FromError(err)
-		if !ok {
-			return nil, apperror.InternalServer
-		}
-		switch st.Code() {
-		case codes.Internal:
-			return nil, apperror.InternalServerError(err.Error())
-		default:
-			return nil, apperror.ServiceUnavailable
-		}
+		s.log.Named("GetGoogleLoginUrl").Error("GetGoogleLoginUrl: ", zap.Error(err))
+		return nil, apperror.HandleServiceError(err)
 	}
 
 	return &dto.GetGoogleLoginUrlResponse{
@@ -67,18 +84,8 @@ func (s *serviceImpl) VerifyGoogleLogin(req *dto.VerifyGoogleLoginRequest) (*dto
 		Code: req.Code,
 	})
 	if err != nil {
-		st, ok := status.FromError(err)
-		if !ok {
-			return nil, apperror.InternalServer
-		}
-		switch st.Code() {
-		case codes.AlreadyExists:
-			return nil, apperror.BadRequestError("User already exists")
-		case codes.Internal:
-			return nil, apperror.InternalServerError(err.Error())
-		default:
-			return nil, apperror.ServiceUnavailable
-		}
+		s.log.Named("VerifyGoogleLogin").Error("VerifyGoogleLogin: ", zap.Error(err))
+		return nil, apperror.HandleServiceError(err)
 	}
 
 	return &dto.VerifyGoogleLoginResponse{
@@ -89,70 +96,3 @@ func (s *serviceImpl) VerifyGoogleLogin(req *dto.VerifyGoogleLoginRequest) (*dto
 		},
 	}, nil
 }
-
-// func (s *serviceImpl) SignUp(req *dto.SignUpRequest) (*dto.SignupResponse, *apperror.AppError) {
-// ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
-// defer cancel()
-
-// res, err := s.client.SignUp(ctx, &authProto.SignUpRequest{
-// 	Email:     req.Email,
-// 	Password:  req.Password,
-// 	Firstname: req.Firstname,
-// 	Lastname:  req.Lastname,
-// })
-// if err != nil {
-// 	st, ok := status.FromError(err)
-// 	if !ok {
-// 		return nil, apperror.InternalServer
-// 	}
-// 	switch st.Code() {
-// 	case codes.AlreadyExists:
-// 		return nil, apperror.BadRequestError("User already exists")
-// 	case codes.Internal:
-// 		return nil, apperror.InternalServerError(err.Error())
-// 	default:
-// 		return nil, apperror.ServiceUnavailable
-// 	}
-// }
-
-// return &dto.SignupResponse{
-// 	Id:        res.Id,
-// 	Email:     res.Email,
-// 	Firstname: res.Firstname,
-// 	Lastname:  res.Lastname,
-// }, nil
-
-// 	return nil, nil
-// }
-
-func (s *serviceImpl) SignIn(req *dto.SignInRequest) (*dto.Credential, *apperror.AppError) {
-	// ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
-	// defer cancel()
-
-	// res, err := s.client.SignIn(ctx, &authProto.SignInRequest{
-	// 	Email:    req.Email,
-	// 	Password: req.Password,
-	// })
-	// if err != nil {
-	// 	st, ok := status.FromError(err)
-	// 	if !ok {
-	// 		return nil, apperror.InternalServer
-	// 	}
-	// 	switch st.Code() {
-	// 	case codes.AlreadyExists:
-	// 		return nil, apperror.BadRequestError("User already exists")
-	// 	case codes.Internal:
-	// 		return nil, apperror.InternalServerError(err.Error())
-	// 	default:
-	// 		return nil, apperror.ServiceUnavailable
-	// 	}
-	// }
-
-	// return &dto.Credential{
-	// 	AccessToken:  res.Credential.AccessToken,
-	// 	RefreshToken: res.Credential.RefreshToken,
-	// 	ExpiresIn:    int(res.Credential.ExpiresIn),
-	// }, nil
-
-	return nil, nil
-}

internal/checkin/checkin.service.go

@@ -8,8 +8,6 @@ import (
 	"github.com/isd-sgcu/rpkm67-gateway/internal/dto"
 	checkinProto "github.com/isd-sgcu/rpkm67-go-proto/rpkm67/checkin/checkin/v1"
 	"go.uber.org/zap"
-	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/status"
 )
 
 type Service interface {
@@ -41,18 +39,7 @@ func (s *serviceImpl) Create(req *dto.CreateCheckInRequest) (*dto.CreateCheckInR
 	})
 	if err != nil {
 		s.log.Named("Create").Error("Create: ", zap.Error(err))
-		st, ok := status.FromError(err)
-		if !ok {
-			return nil, apperror.InternalServer
-		}
-		switch st.Code() {
-		case codes.InvalidArgument:
-			return nil, apperror.BadRequest
-		case codes.Internal:
-			return nil, apperror.InternalServer
-		default:
-			return nil, apperror.ServiceUnavailable
-		}
+		return nil, apperror.HandleServiceError(err)
 	}
 
 	return &dto.CreateCheckInResponse{
@@ -74,18 +61,7 @@ func (s *serviceImpl) FindByEmail(req *dto.FindByEmailCheckInRequest) (*dto.Find
 	})
 	if err != nil {
 		s.log.Named("FindByEmail").Error("FindByEmail: ", zap.Error(err))
-		st, ok := status.FromError(err)
-		if !ok {
-			return nil, apperror.InternalServer
-		}
-		switch st.Code() {
-		case codes.InvalidArgument:
-			return nil, apperror.BadRequest
-		case codes.Internal:
-			return nil, apperror.InternalServer
-		default:
-			return nil, apperror.ServiceUnavailable
-		}
+		return nil, apperror.HandleServiceError(err)
 	}
 
 	return &dto.FindByEmailCheckInResponse{
@@ -102,18 +78,7 @@ func (s *serviceImpl) FindByUserID(req *dto.FindByUserIdCheckInRequest) (*dto.Fi
 	})
 	if err != nil {
 		s.log.Named("FindByUserID").Error("FindByUserID: ", zap.Error(err))
-		st, ok := status.FromError(err)
-		if !ok {
-			return nil, apperror.InternalServer
-		}
-		switch st.Code() {
-		case codes.InvalidArgument:
-			return nil, apperror.BadRequest
-		case codes.Internal:
-			return nil, apperror.InternalServer
-		default:
-			return nil, apperror.ServiceUnavailable
-		}
+		return nil, apperror.HandleServiceError(err)
 	}
 
 	return &dto.FindByUserIdCheckInResponse{

internal/dto/auth.dto.go

@@ -6,18 +6,11 @@ type Credential struct {
 	ExpiresIn    int    `json:"expires_in" example:"3600"`
 }
 
-type SignInRequest struct {
-	Email    string `json:"email" validate:"required"`
-	Password string `json:"password" validate:"required,gte=6,lte=30"`
-}
-type SignUpRequest struct {
-	Email     string `json:"email" validate:"required"`
-	Password  string `json:"password" validate:"required,gte=6,lte=30"`
-	Firstname string `json:"firstname" validate:"required"`
-	Lastname  string `json:"lastname" validate:"required"`
+type ValidateRequest struct {
+	AccessToken string `json:"access_token" validate:"required"`
 }
 
-type TokenPayloadAuth struct {
+type ValidateResponse struct {
 	UserId string `json:"user_id"`
 	Role   string `json:"role"`
 }