author | Vidhu Kant Sharma <vidhukant@vidhukant.com> | 2025-10-12 00:05:30 +0530 |
committer | Vidhu Kant Sharma <vidhukant@vidhukant.com> | 2025-10-12 00:05:30 +0530 |
commit | a356803594ab36fa69e7dbcbd79261d8b46f4262 (patch) | |
tree | 0146efe4c52b1c65c1967ab1f412306c410c10d4 /auth | |
parent | 193be465b21838d2796fafbe1c5d9854038a3f8c (diff) |
Diffstat (limited to 'auth')
-rw-r--r-- | auth/auth.go | 5 | ||||
-rw-r--r-- | auth/controller.go | 36 | ||||
-rw-r--r-- | auth/middleware.go | 3 |
3 files changed, 25 insertions, 19 deletions
diff --git a/auth/auth.go b/auth/auth.go
index 4ac6445..0b28b57 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -1,5 +1,5 @@
 /* openbills - Server for web based Libre Billing Software
- * Copyright (C) 2023 Vidhu Kant Sharma <vidhukant@vidhukant.com>
+ * Copyright (C) 2023-2025 Vidhu Kant Sharma <vidhukant@vidhukant.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -23,7 +23,8 @@ import (
 type AuthClaims struct {
 jwt.RegisteredClaims
- UserID uint `json:"userid"`
+ UserID uint `json:"userid"`
+ Roles []string `json:"roles"`
 }
 type RefreshClaims struct {
diff --git a/auth/controller.go b/auth/controller.go
index 961518a..8de7370 100644
--- a/auth/controller.go
+++ b/auth/controller.go
@@ -1,5 +1,5 @@
 /* openbills - Server for web based Libre Billing Software
- * Copyright (C) 2023 Vidhu Kant Sharma <vidhukant@vidhukant.com>
+ * Copyright (C) 2023-2025 Vidhu Kant Sharma <vidhukant@vidhukant.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
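Review bot: The new `Roles` field on AuthClaims has no doc comment, and because it is serialized into a signed token it is a snapshot of the user's roles at issue time, not a live lookup — the middleware later reads `claims.Roles` straight from the token. A one-line comment makes that contract explicit for whoever consumes the claims: `// Roles is the user's role list as of token issue; role changes take effect only when a new token is minted.` The type is exported, so documenting this alongside UserID is worth it. The rest of auth.go is outside this hunk.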
@@ -39,36 +39,37 @@ func init() {
 }
 func handleSignUp (ctx *gin.Context) {
- var user user.User
- ctx.Bind(&user)
+ var u user.User
+ ctx.Bind(&u)
 var err error
 // hash password
 var bytes []byte
- bytes, err = bcrypt.GenerateFromPassword([]byte(user.Password), 14)
+ bytes, err = bcrypt.GenerateFromPassword([]byte(u.Password), 14)
 if err != nil {
 // TODO: handle potential errors
 ctx.Error(err)
 ctx.Abort()
 return
 }
- user.Password = string(bytes)
+ u.Password = string(bytes)
+
+ // for now everyone's an admin
+ // TODO: fix this shit
+ u.Roles = []user.Role{
+ {0, 0, "admin"},
+ }
- err = user.Create()
+ err = u.Create()
 if err != nil {
 ctx.Error(err)
 ctx.Abort()
 return
 }
- // remove password hash from response
- user.Password = ""
-
- ctx.JSON(http.StatusOK, gin.H{
- "message": "success",
- "data": user,
- })
+ // TODO: email verification and shit before this
+ ctx.JSON(http.StatusOK, nil)
 }
 func handleSignIn (ctx *gin.Context) {
@@ -93,6 +94,7 @@ func handleSignIn (ctx *gin.Context) {
 ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)),
 },
 u.ID,
+ user.RolesToStringList(u.Roles),
 },
 ).SignedString(AUTH_KEY)
 if err != nil {
@@ -125,7 +127,6 @@ func handleSignIn (ctx *gin.Context) {
 ctx.JSON(http.StatusOK, gin.H{
 "auth_token": authToken,
 "refresh_token": refreshToken,
- "message": "success",
 "data": u,
 })
 }
@@ -147,9 +148,10 @@ func handleRefresh (ctx *gin.Context) {
 // check token version
 var u user.User
- err := user.GetUser(&u, claims.UserID)
+ err := user.GetUserById(&u, claims.UserID)
 if err != nil {
 if err == errors.ErrNotFound {
+ // user doesn't exist
 ctx.Error(errors.ErrUnauthorized)
 ctx.Abort()
 return
@@ -184,7 +186,8 @@ func handleRefresh (ctx *gin.Context) {
 IssuedAt: jwt.NewNumericDate(time.Now()),
 ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Minute * 2)),
 },
- claims.UserID,
+ u.ID,
+ user.RolesToStringList(u.Roles),
 },
 ).SignedString(AUTH_KEY)
 if err != nil {
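Review bot: `ctx.Bind(&u)` still discards its error, so a malformed or empty body falls through to hashing an empty password and calling `u.Create()` on a zero-valued user; gin's Bind already responds 400 and aborts on failure, so `if ctx.Bind(&u) != nil { return }` is enough to stop there. The new role block hands every self-registered account the `admin` role; the TODO acknowledges it, but the comment should state the intended default so the placeholder is not mistaken for policy, e.g. `// TEMPORARY: self-signup should receive the lowest-privilege role; admin is to be granted out of band`. The positional `{0, 0, "admin"}` literal also depends on user.Role's field order and would silently change meaning if that struct is reordered; keyed fields avoid that. handleSignUp's body is fully inside the hunk.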
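Review bot: `user.RolesToStringList(u.Roles)` is added to the AuthClaims composite literal positionally, so the literal now relies on the field order `RegisteredClaims, UserID, Roles` and will shift meaning if the struct gains or reorders a field; `go vet` reports unkeyed fields only for types from other packages, so nothing catches it inside `auth`. Keyed fields are the fix: `UserID: u.ID,` and `Roles: user.RolesToStringList(u.Roles),`. The same applies to the literal in handleRefresh at `@@ -184,7 +186,8 @@`. The signing expression this literal belongs to starts before the hunk.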
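Review bot: The new callee `user.GetUserById` breaks Go's initialism convention (`ID`, not `Id`); since the rename is introduced by this commit and its definition lives outside the `auth` directory shown here, renaming it to `GetUserByID` now is cheaper than later. The added comment `// user doesn't exist` only restates the `ErrNotFound` branch; it is more useful if it records why a missing user maps to 401 rather than 404, e.g. `// unknown user id inside a validly signed refresh token: respond unauthorized without revealing whether the account exists`. handleRefresh continues outside this hunk.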
@@ -196,6 +199,5 @@ func handleRefresh (ctx *gin.Context) {
 ctx.JSON(http.StatusOK, gin.H{
 "auth_token": authToken,
- "message": "success",
 })
 }
diff --git a/auth/middleware.go b/auth/middleware.go
index 9ce5e12..80e512e 100644
--- a/auth/middleware.go
+++ b/auth/middleware.go
@@ -70,6 +70,9 @@ func Authorize() gin.HandlerFunc {
 return
 }
+ ctx.Set("UserID", claims.UserID)
+ ctx.Set("Roles", claims.Roles)
+ ctx.Next()
 }
 }
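Review bot: `ctx.Set("UserID", claims.UserID)` and `ctx.Set("Roles", claims.Roles)` introduce two bare string keys that every downstream handler must spell identically and type-assert (`uint` and `[]string`) to read back; exporting them as constants in this package, e.g. `const ( ContextKeyUserID = "UserID"; ContextKeyRoles = "Roles" )`, keeps the contract in one place and lets handlers import it instead of copying the literals. A comment at the Set calls should also note that these roles come from the token and are only as fresh as its expiry, since downstream authorization decisions will be made from them. Authorize's closure begins before this hunk.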