added a more robust user model, and some notes on a subscription-based callback redirect
parent
af37be92bc
commit
291a3f80c3
@ -42,7 +42,7 @@ func NewCallbackHandler(c Config) http.HandlerFunc {
|
||||
}
|
||||
|
||||
oidcConfig := &oidc.Config{
|
||||
ClientID: "ae1e02bTwXA35O3r3Xxk4kbRf31j5ge9",
|
||||
ClientID: c.ClientID,
|
||||
}
|
||||
|
||||
idToken, err := authenticator.Provider.Verifier(oidcConfig).Verify(context.TODO(), rawIDToken)
|
||||
@ -53,22 +53,39 @@ func NewCallbackHandler(c Config) http.HandlerFunc {
|
||||
}
|
||||
|
||||
// Getting now the userInfo
|
||||
var profile map[string]interface{}
|
||||
if err := idToken.Claims(&profile); err != nil {
|
||||
user := User{}
|
||||
|
||||
// var profile map[string]interface{}
|
||||
if err := idToken.Claims(&user); err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
session.Values["id_token"] = rawIDToken
|
||||
session.Values["access_token"] = token.AccessToken
|
||||
session.Values["profile"] = profile
|
||||
session.Values["profile"] = user
|
||||
err = session.Save(r, w)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
// Redirect to logged in page
|
||||
http.Redirect(w, r, "/user", http.StatusSeeOther)
|
||||
// if application ID is non existent, and therefore does not have a tenant
|
||||
// Create or associate?
|
||||
// Create:
|
||||
// - Create Tenant
|
||||
// - Specify plan
|
||||
// - Specify payment info
|
||||
// - Associate Tenant
|
||||
// - by email address domain?
|
||||
//set tenant ID on application ID in App Metadata on user
|
||||
|
||||
if c.CallbackFunc != nil {
|
||||
c.CallbackFunc(c, user)
|
||||
} else {
|
||||
// Redirect to logged in page
|
||||
http.Redirect(w, r, "/user", http.StatusSeeOther)
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
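Review bot: In the `if c.CallbackFunc != nil` branch the handler discards the callback's `error` and writes no response, and `CallbackFunc` receives neither `w` nor `r`, so after a successful login the browser appears to get an empty reply and a failed callback goes unnoticed. Check the result and still finish the request, e.g. `if err := c.CallbackFunc(c, user); err != nil { http.Error(w, "login failed", http.StatusInternalServerError); return }` followed by the existing `http.Redirect(w, r, "/user", http.StatusSeeOther)`. If the callback is meant to pick the redirect itself, as the tenant notes suggest, its signature needs the writer and the request. The session is saved before the callback runs, so a callback error would leave the user logged in without a tenant; consider calling it before `session.Save`. `NewCallbackHandler` starts above this hunk.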
@ -10,17 +10,21 @@ type Config struct {
|
||||
ClientID string
|
||||
ClientSecret string
|
||||
CallbackURL string
|
||||
CallbackFunc CallbackFunc
|
||||
}
|
||||
|
||||
func FromEnv() Config {
|
||||
func FromEnv(c CallbackFunc) Config {
|
||||
return Config{
|
||||
Domain: os.Getenv("AUTH_DOMAIN"),
|
||||
ClientID: os.Getenv("AUTH_CLIENT_ID"),
|
||||
ClientSecret: os.Getenv("AUTH_CLIENT_SECRET"),
|
||||
CallbackURL: os.Getenv("AUTH_CALLBACK_URL"),
|
||||
CallbackFunc: c,
|
||||
}
|
||||
}
|
||||
|
||||
func PrintConfig() {
|
||||
fmt.Printf("%#v\n", FromEnv())
|
||||
fmt.Printf("%#v\n", FromEnv(nil))
|
||||
}
|
||||
|
||||
type CallbackFunc func(c Config, u User) error
|
||||
|
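Review bot: `PrintConfig` formats the whole `Config` with `%#v`, which includes `ClientSecret` read from `AUTH_CLIENT_SECRET`, and `StartServer` calls `auth.PrintConfig()` at startup, so the OAuth client secret ends up on standard output and in whatever collects it. Print a redacted copy instead: `cfg := FromEnv(nil)`, `cfg.ClientSecret = "[redacted]"`, `fmt.Printf("%#v\n", cfg)`. `CallbackFunc` is exported without a doc comment; a line such as `// CallbackFunc is invoked by the callback handler after the ID token has been verified and the session saved.` would state the contract, along with what a non-nil error is expected to cause.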
@ -11,6 +11,7 @@ func IsAuthenticated(w http.ResponseWriter, r *http.Request, next http.HandlerFu
|
||||
}
|
||||
|
||||
if _, ok := session.Values["profile"]; !ok {
|
||||
//TODO allow customization of redirect
|
||||
http.Redirect(w, r, "/", http.StatusSeeOther)
|
||||
} else {
|
||||
next(w, r)
|
||||
|
@ -13,5 +13,7 @@ var (
|
||||
func Init() error {
|
||||
Store = sessions.NewFilesystemStore("", []byte("something-very-secret"))
|
||||
gob.Register(map[string]interface{}{})
|
||||
gob.Register(User{})
|
||||
|
||||
return nil
|
||||
}
|
||||
|
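Review bot: The `User` registered here is stored in sessions authenticated with the literal key `"something-very-secret"` on the unchanged line above; a key that ships with the source gives the session cookie little integrity protection, and this commit makes the session carry the tenant mapping in `AppMetadata.Apps`. Load the key from configuration and make `Init` fail without it, e.g. `if len(key) == 0 { return errors.New("session key not configured") }`, where `key` comes from a secret store or an environment variable of your choosing. The empty path argument also looks like it places the session files, which hold `id_token` and `access_token`, in the default temporary directory; confirm that location is readable only by the service.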
22
auth/user.go
22
auth/user.go
@ -16,3 +16,25 @@ func UserHandler(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
jchenry_http.RenderTemplate(w, "user", session.Values["profile"])
|
||||
}
|
||||
|
||||
type User struct {
|
||||
Email string `json:"email"`
|
||||
FirstName string `json:"given_name"`
|
||||
LastName string `json:"family_name"`
|
||||
Picture string `json:"picture"`
|
||||
Nickname string `json:"nickname"`
|
||||
AppMetadata AppMetadata `json:"app_metadata"`
|
||||
|
||||
//UserMetadata UserMetadata `json:"user_metadata"`
|
||||
}
|
||||
|
||||
type AppMetadata struct {
|
||||
Apps map[string]string // an association between the unique applicationID and the tenantID that the user is associated with
|
||||
// Apps []struct {
|
||||
// ApplicationID string
|
||||
// TenantID string
|
||||
// }
|
||||
}
|
||||
|
||||
// type UserMetadata struct {
|
||||
// }
|
||||
|
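Review bot: `User` decodes neither `sub` nor `email_verified`, yet the notes added to the callback handler consider associating a tenant "by email address domain". An e-mail claim is neither stable nor proof of ownership by itself, so tenant lookups should key on the subject and trust the domain only when the provider marks the address as verified; add a `Subject string` field tagged `json:"sub"` and an `EmailVerified bool` field tagged `json:"email_verified"`. `AppMetadata.Apps` has no JSON tag, and whether an `app_metadata` claim is present in the ID token depends on the identity provider's configuration, so a nil `Apps` map should be handled explicitly rather than read as "no tenant". The exported types `User` and `AppMetadata` also lack doc comments.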
@ -18,7 +18,7 @@ func StartServer() {
|
||||
auth.PrintConfig()
|
||||
s := jch_http.NewServer(negroni.New()).
|
||||
Static("/public/*filepath", http.Dir("public/")).
|
||||
Service("", auth.Service(auth.FromEnv())).
|
||||
Service("", auth.Service(auth.FromEnv(nil))).
|
||||
GET("/", "", http.HandlerFunc(HomeHandler))
|
||||
|
||||
port := os.Getenv("PORT")
|
||||
|
@ -15,8 +15,8 @@
|
||||
<div class="container">
|
||||
<div class="login-page clearfix">
|
||||
<div class="logged-in-box auth0-box logged-in">
|
||||
<img class="avatar" src="{{.picture}}"/>
|
||||
<h2>Welcome {{.nickname}}</h2>
|
||||
<img class="avatar" src="{{.Picture}}"/>
|
||||
<h2>Welcome {{.Nickname}}</h2>
|
||||
<a id="qsLogoutBtn" class="btn btn-primary btn-lg btn-logout btn-block" href="/logout">Logout</a>
|
||||
</div>
|
||||
</div>
|
||||
|