[ChaosCenter]: Implement api token CRUD logic & frontend view (#4138)

* fix: support Bearer in api-server Signed-off-by: namkyu1999 <[email protected]> * fix: chore Signed-off-by: namkyu1999 <[email protected]> * feat: implement api-token crud api Signed-off-by: namkyu1999 <[email protected]> * feat: add auth apis to swagger Signed-off-by: namkyu1999 <[email protected]> * feat: implement api-token frontend logics Signed-off-by: namkyu1999 <[email protected]> * fix: fix SettingsWrapper Signed-off-by: namkyu1999 <[email protected]> * fix: minor Signed-off-by: namkyu1999 <[email protected]> * fix: pass deepscan Signed-off-by: namkyu1999 <[email protected]> * fix: chore Signed-off-by: namkyu1999 <[email protected]> * fix: use const values Signed-off-by: namkyu1999 <[email protected]> * fix: delete validating whether the user deactivated or not in handler function Signed-off-by: namkyu1999 <[email protected]> --------- Signed-off-by: namkyu1999 <[email protected]>
litmuschaos · Sep 6, 2023 · 57748d7 · 57748d7
1 parent 0cf13c9
commit 57748d7
Show file tree

Hide file tree

Showing 40 changed files with 1,188 additions and 76 deletions.
diff --git a/chaoscenter/authentication/api/handlers/rest/misc_handlers.go b/chaoscenter/authentication/api/handlers/rest/misc_handlers.go
@@ -1,6 +1,8 @@
 package rest
 
 import (
+	"net/http"
+
 	"github.com/litmuschaos/litmus/chaoscenter/authentication/pkg/entities"
 	"github.com/litmuschaos/litmus/chaoscenter/authentication/pkg/services"
 
@@ -30,10 +32,10 @@ func Status(service services.ApplicationService) gin.HandlerFunc {
 		_, err := service.GetUsers()
 		if err != nil {
 			log.Error(err)
-			c.JSON(500, entities.APIStatus{"down"})
+			c.JSON(http.StatusInternalServerError, entities.APIStatus{Status: "down"})
 			return
 		}
-		c.JSON(200, entities.APIStatus{"up"})
+		c.JSON(http.StatusOK, entities.APIStatus{Status: "up"})
 	}
 }
 
@@ -51,7 +53,7 @@ func Readiness(service services.ApplicationService) gin.HandlerFunc {
 
 		if err != nil {
 			log.Error(err)
-			c.JSON(500, ReadinessAPIStatus{"down", "unknown"})
+			c.JSON(http.StatusInternalServerError, ReadinessAPIStatus{"down", "unknown"})
 			return
 		}
 
@@ -62,10 +64,10 @@ func Readiness(service services.ApplicationService) gin.HandlerFunc {
 
 		if err != nil {
 			log.Error(err)
-			c.JSON(500, ReadinessAPIStatus{db_flag, "down"})
+			c.JSON(http.StatusInternalServerError, ReadinessAPIStatus{db_flag, "down"})
 			return
 		}
 
-		c.JSON(200, ReadinessAPIStatus{db_flag, col_flag})
+		c.JSON(http.StatusOK, ReadinessAPIStatus{db_flag, col_flag})
 	}
 }
diff --git a/chaoscenter/authentication/api/handlers/rest/project_handler.go b/chaoscenter/authentication/api/handlers/rest/project_handler.go
@@ -48,7 +48,7 @@ func GetUserWithProject(service services.ApplicationService) gin.HandlerFunc {
 
 		outputUser.Projects = projects
 
-		c.JSON(200, gin.H{"data": outputUser})
+		c.JSON(http.StatusOK, gin.H{"data": outputUser})
 	}
 }
 
@@ -73,7 +73,7 @@ func GetProject(service services.ApplicationService) gin.HandlerFunc {
 			return
 		}
 
-		c.JSON(200, gin.H{"data": project})
+		c.JSON(http.StatusOK, gin.H{"data": project})
 	}
 }
 
@@ -83,7 +83,7 @@ func GetProjectsByUserID(service services.ApplicationService) gin.HandlerFunc {
 		uID := c.MustGet("uid").(string)
 		projects, err := service.GetProjectsByUserID(uID, false)
 		if projects == nil {
-			c.JSON(200, gin.H{
+			c.JSON(http.StatusOK, gin.H{
 				"message": "No projects found",
 			})
 		}
@@ -93,7 +93,7 @@ func GetProjectsByUserID(service services.ApplicationService) gin.HandlerFunc {
 			return
 		}
 
-		c.JSON(200, gin.H{"data": projects})
+		c.JSON(http.StatusOK, gin.H{"data": projects})
 	}
 }
 
@@ -102,13 +102,13 @@ func GetProjectStats(service services.ApplicationService) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		role := c.MustGet("role").(string)
 		if role != string(entities.RoleAdmin) {
-			c.JSON(400, gin.H{
+			c.JSON(http.StatusBadRequest, gin.H{
 				"message": "Permission denied, user is not admin",
 			})
 		}
 		project, err := service.GetProjectStats()
 		if project == nil {
-			c.JSON(200, gin.H{
+			c.JSON(http.StatusOK, gin.H{
 				"message": "No projects found",
 			})
 		}
@@ -117,7 +117,7 @@ func GetProjectStats(service services.ApplicationService) gin.HandlerFunc {
 			c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
 			return
 		}
-		c.JSON(200, gin.H{"data": project})
+		c.JSON(http.StatusOK, gin.H{"data": project})
 	}
 }
 
@@ -130,7 +130,7 @@ func GetActiveProjectMembers(service services.ApplicationService) gin.HandlerFun
 			c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
 			return
 		}
-		c.JSON(200, gin.H{"data": members})
+		c.JSON(http.StatusOK, gin.H{"data": members})
 	}
 }
 
@@ -175,7 +175,7 @@ func ListInvitations(service services.ApplicationService) gin.HandlerFunc {
 			}
 			response = append(response, inviteRes)
 		}
-		c.JSON(200, gin.H{"data": response})
+		c.JSON(http.StatusOK, gin.H{"data": response})
 	}
 }
 
@@ -211,7 +211,7 @@ func CreateProject(service services.ApplicationService) gin.HandlerFunc {
 		}
 
 		if len(projects) > 0 {
-			c.JSON(400, gin.H{"message": "project with name:" + userRequest.ProjectName + " already exists"})
+			c.JSON(http.StatusBadRequest, gin.H{"message": "project with name:" + userRequest.ProjectName + " already exists"})
 			return
 		}
 		pID := uuid.Must(uuid.NewRandom()).String()
@@ -255,7 +255,7 @@ func CreateProject(service services.ApplicationService) gin.HandlerFunc {
 			return
 		}
 
-		c.JSON(200, gin.H{"data": newProject.GetProjectOutput()})
+		c.JSON(http.StatusOK, gin.H{"data": newProject.GetProjectOutput()})
 
 	}
 
@@ -339,7 +339,7 @@ func SendInvitation(service services.ApplicationService) gin.HandlerFunc {
 			return
 		}
 
-		c.JSON(200, gin.H{"data": entities.Member{
+		c.JSON(http.StatusOK, gin.H{"data": entities.Member{
 			UserID:     user.ID,
 			Username:   user.Username,
 			Name:       user.Name,
@@ -380,7 +380,7 @@ func AcceptInvitation(service services.ApplicationService) gin.HandlerFunc {
 			return
 		}
 
-		c.JSON(200, gin.H{
+		c.JSON(http.StatusOK, gin.H{
 			"message": "Successful",
 		})
 	}
@@ -415,7 +415,7 @@ func DeclineInvitation(service services.ApplicationService) gin.HandlerFunc {
 			return
 		}
 
-		c.JSON(200, gin.H{
+		c.JSON(http.StatusOK, gin.H{
 			"message": "Successful",
 		})
 	}
@@ -450,7 +450,7 @@ func LeaveProject(service services.ApplicationService) gin.HandlerFunc {
 			return
 		}
 
-		c.JSON(200, gin.H{
+		c.JSON(http.StatusOK, gin.H{
 			"message": "Successful",
 		})
 	}
@@ -502,12 +502,12 @@ func RemoveInvitation(service services.ApplicationService) gin.HandlerFunc {
 
 		case entities.DeclinedInvitation, entities.ExitedProject:
 			{
-				c.JSON(400, gin.H{"message": "User is not a part of your project"})
+				c.JSON(http.StatusBadRequest, gin.H{"message": "User is not a part of your project"})
 				return
 			}
 		}
 
-		c.JSON(200, gin.H{
+		c.JSON(http.StatusOK, gin.H{
 			"message": "Successful",
 		})
 	}
@@ -546,7 +546,7 @@ func UpdateProjectName(service services.ApplicationService) gin.HandlerFunc {
 		}
 
 		if len(projects) > 0 {
-			c.JSON(400, gin.H{"message": "project with name: " + userRequest.ProjectName + " already exists"})
+			c.JSON(http.StatusBadRequest, gin.H{"message": "project with name: " + userRequest.ProjectName + " already exists"})
 			return
 		}
 
@@ -557,7 +557,7 @@ func UpdateProjectName(service services.ApplicationService) gin.HandlerFunc {
 			return
 		}
 
-		c.JSON(200, gin.H{
+		c.JSON(http.StatusOK, gin.H{
 			"message": "Successful",
 		})
 	}

diff --git a/chaoscenter/authentication/api/handlers/rest/user_handlers.go b/chaoscenter/authentication/api/handlers/rest/user_handlers.go
@@ -1,6 +1,7 @@
 package rest
 
 import (
+	"net/http"
 	"time"
 
 	"github.com/litmuschaos/litmus/chaoscenter/authentication/api/presenter"
@@ -80,7 +81,7 @@ func CreateUser(service services.ApplicationService) gin.HandlerFunc {
 			return
 		}
 
-		c.JSON(200, userResponse)
+		c.JSON(http.StatusOK, userResponse)
 	}
 }
 func UpdateUser(service services.ApplicationService) gin.HandlerFunc {
@@ -109,7 +110,7 @@ func UpdateUser(service services.ApplicationService) gin.HandlerFunc {
 		if err != nil {
 			c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
 		}
-		c.JSON(200, gin.H{"message": "User details updated successfully"})
+		c.JSON(http.StatusOK, gin.H{"message": "User details updated successfully"})
 	}
 }
 
@@ -123,7 +124,7 @@ func GetUser(service services.ApplicationService) gin.HandlerFunc {
 			c.JSON(utils.ErrorStatusCodes[utils.ErrUserNotFound], presenter.CreateErrorResponse(utils.ErrUserNotFound))
 			return
 		}
-		c.JSON(200, user)
+		c.JSON(http.StatusOK, user)
 	}
 }
 
@@ -141,7 +142,7 @@ func FetchUsers(service services.ApplicationService) gin.HandlerFunc {
 			c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
 			return
 		}
-		c.JSON(200, users)
+		c.JSON(http.StatusOK, users)
 	}
 }
 
@@ -164,7 +165,7 @@ func InviteUsers(service services.ApplicationService) gin.HandlerFunc {
 			c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
 			return
 		}
-		c.JSON(200, gin.H{"data": users})
+		c.JSON(http.StatusOK, gin.H{"data": users})
 	}
 }
 
@@ -260,7 +261,7 @@ func LoginUser(service services.ApplicationService) gin.HandlerFunc {
 			defaultProject = newProject.ID
 		}
 
-		c.JSON(200, gin.H{
+		c.JSON(http.StatusOK, gin.H{
 			"accessToken": token,
 			"projectID":   defaultProject,
 			"projectRole": entities.RoleOwner,
@@ -286,7 +287,7 @@ func LogoutUser(service services.ApplicationService) gin.HandlerFunc {
 			c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
 			return
 		}
-		c.JSON(200, gin.H{
+		c.JSON(http.StatusOK, gin.H{
 			"message": "successfully logged out",
 		})
 	}
@@ -320,7 +321,7 @@ func UpdatePassword(service services.ApplicationService) gin.HandlerFunc {
 			c.JSON(utils.ErrorStatusCodes[utils.ErrInvalidCredentials], presenter.CreateErrorResponse(utils.ErrInvalidCredentials))
 			return
 		}
-		c.JSON(200, gin.H{
+		c.JSON(http.StatusOK, gin.H{
 			"message": "password has been updated successfully",
 		})
 	}
@@ -370,7 +371,7 @@ func ResetPassword(service services.ApplicationService) gin.HandlerFunc {
 			c.AbortWithStatusJSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
 			return
 		}
-		c.JSON(200, gin.H{
+		c.JSON(http.StatusOK, gin.H{
 			"message": "password has been reset successfully",
 		})
 	}
@@ -418,8 +419,85 @@ func UpdateUserState(service services.ApplicationService) gin.HandlerFunc {
 			return
 		}
 
-		c.JSON(200, gin.H{
+		c.JSON(http.StatusOK, gin.H{
 			"message": "user's state updated successfully",
 		})
 	}
 }
+
+// CreateApiToken creates a new api token for the user
+func CreateApiToken(service services.ApplicationService) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		var apiTokenRequest entities.ApiTokenInput
+		err := c.BindJSON(&apiTokenRequest)
+		if err != nil {
+			log.Warn(err)
+			c.JSON(utils.ErrorStatusCodes[utils.ErrInvalidRequest], presenter.CreateErrorResponse(utils.ErrInvalidRequest))
+			return
+		}
+
+		// Checking if user exists
+		user, err := service.GetUser(apiTokenRequest.UserID)
+		if err != nil {
+			log.Error(err)
+			c.JSON(utils.ErrorStatusCodes[utils.ErrUserNotFound], presenter.CreateErrorResponse(utils.ErrUserNotFound))
+			return
+		}
+
+		if token, err := service.CreateApiToken(user, apiTokenRequest); err != nil {
+			log.Error(err)
+			c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
+			return
+		} else {
+			c.JSON(http.StatusOK, gin.H{
+				"accessToken": token,
+				"type":        "Bearer",
+			})
+		}
+	}
+}
+
+// GetApiTokens returns all the api tokens for the user
+func GetApiTokens(service services.ApplicationService) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		uid := c.Param("uid")
+		apiTokens, err := service.GetApiTokensByUserID(uid)
+		if err != nil {
+			log.Error(err)
+			c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
+			return
+		}
+		c.JSON(http.StatusOK, gin.H{
+			"apiTokens": apiTokens,
+		})
+	}
+}
+
+// DeleteApiToken deletes the api token for the user
+func DeleteApiToken(service services.ApplicationService) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		var deleteApiTokenRequest entities.DeleteApiTokenInput
+		err := c.BindJSON(&deleteApiTokenRequest)
+		if err != nil {
+			log.Warn(err)
+			c.JSON(utils.ErrorStatusCodes[utils.ErrInvalidRequest], presenter.CreateErrorResponse(utils.ErrInvalidRequest))
+			return
+		}
+		token := deleteApiTokenRequest.Token
+		err = service.DeleteApiToken(token)
+		if err != nil {
+			log.Error(err)
+			c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
+			return
+		}
+		if err = service.RevokeToken(token); err != nil {
+			log.Error(err)
+			c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
+			return
+		} else {
+			c.JSON(http.StatusOK, gin.H{
+				"message": "api token deleted successfully",
+			})
+		}
+	}
+}