chore : refactoring user service

.gitignore

@@ -42,3 +42,5 @@ dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-
 dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service
 dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service
 
+.vscode/launch.json
+dist/metadata.json

.vscode/launch.json

@@ -6,7 +6,7 @@
             "type": "go",
             "debugAdapter": "dlv-dap",
             "request": "launch",
-            "port": 38133,
+            "port": 45307,
             "host": "127.0.0.1",
             "mode": "exec",
             "program": "${workspaceFolder}/dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service"

dist/metadata.json

@@ -1 +1 @@
-{"project_name":"casaos-user-service","tag":"v1.0.0","previous_tag":"","version":"1.0.1","commit":"f89d096bc2bb2452772dc54d309c629068dee56b","date":"2024-10-01T11:08:09.593194619+07:00","runtime":{"goos":"linux","goarch":"amd64"}}
+{"project_name":"casaos-user-service","tag":"v1.0.0","previous_tag":"","version":"1.0.1","commit":"22d16769ff5dfcfc7725d0ac0e3e7a670cd80bee","date":"2024-10-02T10:44:57.53465879+07:00","runtime":{"goos":"linux","goarch":"amd64"}}

model/sys_common.go

@@ -18,5 +18,5 @@ type APPModel struct {
 type Result struct {
 	Success int         `json:"success" example:"200"`
 	Message string      `json:"message" example:"ok"`
-	Data    interface{} `json:"data" example:"返回结果"`
+	Data    interface{} `json:"data" example:"Return result"`
 }

route/v1/user.go

@@ -283,7 +283,7 @@ func OIDC() error {
 		ClientSecret: clientSecret,
 		RedirectURL:  callbackURL,
 		Endpoint:     provider.Endpoint(),
-		Scopes:       []string{oidc.ScopeOpenID, "profile", "email", "goauthentik.io/api"},
+		Scopes:       []string{oidc.ScopeOpenID, "profile", "email", "offline_access", "goauthentik.io/api"},
 		//add offline access for refresh token
 	}
 	return nil
@@ -311,10 +311,7 @@ func OIDCLogin(c *gin.Context) {
 	c.ShouldBind(&json)
 	state := json["state"]
 	callBackUrl := fmt.Sprintf("%s/%s", json["baseUrl"], "v1/users/oidc/callback")
-	// w := c.Writer
-	// r := c.Request
-	// setCallbackCookie(w, r, "state", state)
-	// c.Redirect(http.StatusFound, oauth2Config.AuthCodeURL(state))
+
 	oauth2Config.RedirectURL = callBackUrl
 	c.JSON(common_err.SUCCESS,
 		model.Result{
@@ -366,14 +363,15 @@ func OIDCCallback(c *gin.Context) {
 		return
 	}
 	expiryDuration := time.Until(oauth2Token.Expiry)
-	c.SetCookie("accessToken", oauth2Token.AccessToken, int(expiryDuration.Seconds()), "/", "", false, true)
-	// c.SetCookie("refreshToken", oauth2Token.RefreshToken, int(expiryDuration.Seconds()), "/", "", false, true)
+	c.SetCookie("authentik_accessToken", oauth2Token.AccessToken, int(expiryDuration.Seconds()), "/", "", false, true)
+	// c.SetCookie("authentik_refreshToken", oauth2Token.RefreshToken, int(expiryDuration.Seconds()), "/", "", false, true)
 	c.Redirect(http.StatusFound, state)
 }
 func OIDCUserInfo(c *gin.Context) {
 	json := make(map[string]string)
 	c.ShouldBind(&json)
-	accessToken, err := c.Cookie("accessToken")
+	accessToken, err := c.Cookie("authentik_accessToken")
+
 	if err != nil {
 		c.Redirect(http.StatusFound, "/#/oidc")
 	}
@@ -406,9 +404,12 @@ func OIDCValidateToken(c *gin.Context) {
 
 	json := make(map[string]string)
 	c.ShouldBind(&json)
-	accessToken := json["authentikToken"]
+	accessToken, err := c.Cookie("authentik_accessToken")
+	if err != nil {
+		c.Redirect(http.StatusFound, "/#/oidc")
+	}
 	var validateToken model2.AuthentikToken
-	validateToken, err := service.MyService.Authentik().ValidateToken(clientID, clientSecret, accessToken, authServer)
+	validateToken, err = service.MyService.Authentik().ValidateToken(clientID, clientSecret, accessToken, authServer)
 	if err != nil {
 		c.JSON(http.StatusUnauthorized, model.Result{Success: common_err.ERROR_AUTH_TOKEN, Message: common_err.GetMsg(common_err.ERROR_AUTH_TOKEN)})
 		return
@@ -420,11 +421,8 @@ func OIDCValidateToken(c *gin.Context) {
 	c.JSON(http.StatusOK, model.Result{Success: common_err.ERROR_AUTH_TOKEN, Message: common_err.GetMsg(common_err.ERROR_AUTH_TOKEN)})
 }
 func OIDCLogout(c *gin.Context) {
-
 	json := make(map[string]string)
 	c.ShouldBind(&json)
-	accessToken := json["authentikToken"]
-	fmt.Println(accessToken)
 	flow := "/if/flow/default-authentication-flow/"
 	next := "/application/o/authorize/"
 
@@ -439,11 +437,11 @@ func OIDCLogout(c *gin.Context) {
 }
 func OIDCProfile(c *gin.Context) {
 	if !oidcInit {
-
+		c.Redirect(http.StatusFound, "/#/authentik-offline")
 	}
 	json := make(map[string]string)
 	c.ShouldBind(&json)
-	accessToken, err := c.Cookie("accessToken")
+	accessToken, err := c.Cookie("authentik_accessToken")
 	if err != nil {
 		c.Redirect(http.StatusFound, "/#/oidc")
 	}
@@ -469,6 +467,7 @@ func OIDCProfile(c *gin.Context) {
 		user = model2.UserDBModel{
 			Username: authentikUser.User.Username,
 			Password: hashPassword(),
+			Email:    authentikUser.User.Email,
 			Role:     determineUserRole(authentikUser.User.IsSuperuser),
 			Avatar:   authentikUser.User.Avatar,
 		}

service/authentik.go

@@ -66,6 +66,8 @@ func (a *authentikService) GetSettings() (model2.AuthentikCredentialsDBModel, er
 	}
 	return m, nil
 }
+
+// TODO SHOULD BE Migrate to NEXTZENOS
 func (a *authentikService) HealthCheck(baseURL string) (string, error) {
 	// Check health/live first
 	pathLive := baseURL + "/-/health/live/"

service/model/o_authentik_credetials.go

@@ -2,7 +2,7 @@ package model
 
 import "time"
 
-// Soon to be removed
+// TODO  Refreshtoken
 type AuthentikCredentialsDBModel struct {
 	Id           int       `gorm:"column:id;primary_key" json:"id"`
 	ClientID     string    `json:"clientId"`