feature: Adds user deletion support.

2024-12-22 12:36:55 -05:00 · 2024-12-22 12:36:55 -05:00 · cee4e62f53
commit cee4e62f53
parent 37d0d41570
7 changed files with 169 additions and 7 deletions
--- a/backend/api/jwtcore/jwt.go
+++ b/backend/api/jwtcore/jwt.go
@ -2,11 +2,13 @@ package jwtcore

 import (
 	"encoding/base64"
+	"errors"
 	"fmt"
 	"os"
 	"strconv"
 	"time"

+	"git.terah.dev/imterah/hermes/api/dbcore"
 	"github.com/golang-jwt/jwt/v5"
 )

@ -37,6 +39,49 @@ func Parse(tokenString string, options ...jwt.ParserOption) (*jwt.Token, error)
 	return jwt.Parse(tokenString, JWTKeyCallback, options...)
 }

+func GetUserFromJWT(token string) (*dbcore.User, error) {
+	parsedJWT, err := Parse(token)
+
+	if err != nil {
+		if errors.Is(err, jwt.ErrTokenExpired) {
+			return nil, fmt.Errorf("token is expired")
+		} else {
+			return nil, err
+		}
+	}
+
+	audience, err := parsedJWT.Claims.GetAudience()
+
+	if err != nil {
+		return nil, err
+	}
+
+	if len(audience) < 1 {
+		return nil, fmt.Errorf("audience is too small")
+	}
+
+	uid, err := strconv.Atoi(audience[0])
+
+	if err != nil {
+		return nil, err
+	}
+
+	user := &dbcore.User{}
+	userRequest := dbcore.DB.Preload("Permissions").Where("id = ?", uint(uid)).Find(&user)
+
+	if userRequest.Error != nil {
+		return user, fmt.Errorf("failed to find if user exists or not: %s", userRequest.Error)
+	}
+
+	userExists := userRequest.RowsAffected > 0
+
+	if !userExists {
+		return user, fmt.Errorf("user does not exist")
+	}
+
+	return user, nil
+}
+
 func Generate(uid uint) (string, error) {
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.RegisteredClaims{
 		ExpiresAt: jwt.NewNumericDate(time.Now().Add(3 * time.Minute)),