Merge pull request #42 from sdslabs/VettelMajor

Recovery and Verification Flow
sdslabs · Feb 14, 2024 · c877fe6 · c877fe6
2 parents d537ce3 + c2d55ca
commit c877fe6
Show file tree

Hide file tree

Showing 21 changed files with 384 additions and 383 deletions.
diff --git a/api/admin.go b/api/admin.go
@@ -31,23 +31,6 @@ func HandleCreateIdentityFlow(c *gin.Context) {
 		return
 	}
 
-	var mappedJsonIdentity map[string]interface{}
-
-	data, err := json.Marshal(t)
-
-	if err != nil {
-		log.ErrorLogger("Unable to convert map to json", err)
-
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
-		c.JSON(errCode, gin.H{
-			"error":   err.Error(),
-			"message": "Unable to convert map to json",
-		})
-		return
-	}
-
-	err = json.Unmarshal(data, &mappedJsonIdentity)
-
 	if err != nil {
 		log.ErrorLogger("Unable to convert JSON to map", err)
 
@@ -59,7 +42,7 @@ func HandleCreateIdentityFlow(c *gin.Context) {
 		return
 	}
 
-	createdIdentity, r, err := admin.CreateIdentityFlowWrapper(mappedJsonIdentity)
+	createdIdentity, r, err := admin.CreateIdentityFlowWrapper(t)
 
 	if err != nil {
 		log.ErrorLogger("Error while calling `AdminCreateIdentity`", err)
@@ -209,3 +192,85 @@ func HandleBanIdentity(c *gin.Context) {
 		"identity": id,
 	})
 }
+
+func HandleRemoveBanIdentity(c *gin.Context) {
+	var t IdentityBody
+	err := c.BindJSON(&t)
+
+	if err != nil {
+		log.ErrorLogger("Unable to process JSON body", err)
+
+		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		c.JSON(errCode, gin.H{
+			"error":   err.Error(),
+			"message": "Unable to process JSON body",
+		})
+		return
+	}
+
+	identityResult, r, err := admin.GetIdentityFlowWrapper(t.Identity)
+
+	if err != nil {
+		log.ErrorLogger("Error while fetching Identity details", err)
+		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
+		c.JSON(http.StatusInternalServerError, gin.H{
+			"error": "Internal server error",
+		})
+		return
+	}
+
+	id, r, err := admin.RemoveBanIdentityFlowWrapper(identityResult)
+
+	if err != nil {
+		log.ErrorLogger("Error while calling `AdminPatchIdentities`", err)
+		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
+		c.JSON(http.StatusInternalServerError, gin.H{
+			"error": err.Error(),
+		})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{
+		"identity": id,
+	})
+}
+
+func HandleRoleSwitch(c *gin.Context) {
+	var t IdentityBody
+	err := c.BindJSON(&t)
+
+	if err != nil {
+		log.ErrorLogger("Unable to process JSON body", err)
+
+		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		c.JSON(errCode, gin.H{
+			"error":   err.Error(),
+			"message": "Unable to process JSON body",
+		})
+		return
+	}
+
+	identityResult, r, err := admin.GetIdentityFlowWrapper(t.Identity)
+
+	if err != nil {
+		log.ErrorLogger("Error while fetching Identity details", err)
+		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
+		c.JSON(http.StatusInternalServerError, gin.H{
+			"error": "Internal server error",
+		})
+		return
+	}
+
+	id, r, err := admin.RoleSwitchFlowWrapper(identityResult)
+
+	if err != nil {
+		log.ErrorLogger("Error while calling `AdminPatchIdentities`", err)
+		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
+		c.JSON(http.StatusInternalServerError, gin.H{
+			"error": err.Error(),
+		})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{
+		"identity": id,
+	})
+}
diff --git a/api/logout.go b/api/logout.go
@@ -7,6 +7,7 @@ import (
 
 	"github.com/gin-gonic/gin"
 
+	"github.com/sdslabs/nymeria/config"
 	"github.com/sdslabs/nymeria/log"
 	"github.com/sdslabs/nymeria/pkg/wrapper/kratos/logout"
 )
@@ -79,6 +80,7 @@ func HandlePostLogoutFlow(c *gin.Context) {
 		return
 	}
 
+	c.SetCookie("sdslabs_session", "", 1, "/", config.NymeriaConfig.URL.Domain, true, true)
 	c.JSON(http.StatusOK, gin.H{
 		"status": "user logged out",
 	})

diff --git a/api/main.go b/api/main.go
@@ -36,11 +36,13 @@ func Start() {
 	r.GET("/mfa", HandleGetMFAFlow)
 	r.POST("/mfa", HandlePostMFAFlow)
 
-	r.POST("/create-identity", HandleCreateIdentityFlow)
-	r.GET("/get-identity", HandleGetIdentityFlow)
-	r.POST("/delete-identity", HandleDeleteIdentityFlow)
-	r.GET("/list-identity", HandleListIdentity)
-	r.PUT("/update-identity/ban", HandleBanIdentity)
+	r.POST("/create-identity", middleware.OnlyAdmin, HandleCreateIdentityFlow)
+	r.GET("/get-identity", middleware.OnlyAdmin, HandleGetIdentityFlow)
+	r.POST("/delete-identity", middleware.OnlyAdmin, HandleDeleteIdentityFlow)
+	r.GET("/list-identity", middleware.OnlyAdmin, HandleListIdentity)
+	r.PUT("/update-identity/ban", middleware.OnlyAdmin, HandleBanIdentity)
+	r.PUT("/update-identity/remove-ban", middleware.OnlyAdmin, HandleRemoveBanIdentity)
+	r.PUT("/update-identity/switch-roles", middleware.OnlyAdmin, HandleRoleSwitch)
 
 	r.GET("/register", HandleGetRegistrationFlow)
 	r.POST("/register", HandlePostRegistrationFlow)
@@ -61,7 +63,7 @@ func Start() {
 	r.GET("/verification", HandleGetVerificationFlow)
 	r.POST("/verification", HandlePostVerificationFlow)
 
-	r.POST("/get_profile", middleware.HandleAppAuthorization, HandlePostProfile)
+	r.POST("/get_profile", HandlePostProfile)
 	r.POST("/verify_app", middleware.HandleAppAuthorization, func(c *gin.Context) {
 		c.JSON(http.StatusOK, gin.H{
 			"message": "Authorized",

diff --git a/api/profile.go b/api/profile.go
@@ -11,12 +11,6 @@ import (
 	"github.com/sdslabs/nymeria/pkg/middleware"
 )
 
-type Profile struct {
-	Email       string `json:"email"`
-	Name        string `json:"name"`
-	PhoneNumber string `json:"phone_number"`
-}
-
 func HandlePostProfile(c *gin.Context) {
 	session, err := middleware.GetSession(c)
 	if err != nil {
@@ -31,10 +25,6 @@ func HandlePostProfile(c *gin.Context) {
 	identity := session.GetIdentity()
 	traits := identity.GetTraits()
 	profile := traits.(map[string]interface{})
-	response := Profile{
-		Email:       profile["email"].(string),
-		Name:        profile["name"].(string),
-		PhoneNumber: profile["phone_number"].(string),
-	}
-	c.JSON(http.StatusOK, response)
+
+	c.JSON(http.StatusOK, profile)
 }
diff --git a/api/recovery.go b/api/recovery.go
@@ -61,7 +61,7 @@ func HandlePostRecoveryFlow(c *gin.Context) {
 		return
 	}
 
-	session, err := recovery.SubmitRecoveryFlowWrapper(cookie, t.FlowID, t.CsrfToken, t.Code, t.Method)
+	_, err = recovery.SubmitRecoveryFlowWrapper(cookie, t.FlowID, t.CsrfToken, t.Email)
 
 	if err != nil {
 		log.ErrorLogger("POST Recovery flow failed", err)
@@ -73,8 +73,7 @@ func HandlePostRecoveryFlow(c *gin.Context) {
 		return
 	}
 
-	c.SetCookie("sdslabs_session", session, 3600, "/", config.NymeriaConfig.URL.Domain, true, true)
 	c.JSON(http.StatusOK, gin.H{
-		"message": "Mail sent with recovery code",
+		"message": "Mail sent with recovery link",
 	})
 }