Add Oauth2 Authorization Code + Login Page #23
Conversation
|
draft: looking for some feedback on design; assume things are not final |
|
@KCui0327 @ambroseling @elwincheng for thoughts |
There was a problem hiding this comment.
- Where is logout functionality?
- I find it a little hard to follow the auth flow in code with no clear separation between the OAuth2 and session auth patterns mixed
- would help to make a diagram showing how the user interacts with the auth system and the control that is going on
|
|
||
| import ( | ||
| "context" | ||
| "encoding/json" |
| supervisor := NewSupervisor(redisAddr, consumerID, gpuType) | ||
| manager := manage.NewDefaultManager() | ||
| manager.SetAuthorizeCodeTokenCfg(manage.DefaultAuthorizeCodeTokenCfg) | ||
| manager.MustTokenStorage(store.NewMemoryTokenStore()) // TODO: move to redis? |
There was a problem hiding this comment.
From my understanding currently, if the API gateway crashes and restarts then users will need to get new tokens. Therefore, I would suggest moving to redis
| func (a *App) jsonResponse(w http.ResponseWriter, statusCode int, response APIResponse) { | ||
| w.Header().Set("Content-Type", "application/json") | ||
| w.WriteHeader(statusCode) | ||
| json.NewEncoder(w).Encode(response) |
There was a problem hiding this comment.
need to handle error here
|
|
||
| func (a *App) refresh(w http.ResponseWriter, r *http.Request) { | ||
| fmt.Fprintf(w, "Hello, world!\n") | ||
| // TODO: move this to a file? |
There was a problem hiding this comment.
move it to a file
| return id, nil | ||
| } | ||
|
|
||
| func (a *App) getSession(session_id string) (string, error) { |
| if strings.HasPrefix(authHeader, "Session ") { | ||
| return strings.TrimPrefix(authHeader, "Session ") | ||
| } else { | ||
| if cookie, err := r.Cookie("session"); err == nil { |
| wg sync.WaitGroup | ||
| } | ||
|
|
||
| func NewApp(redisAddr, gpuType string) *App { |
There was a problem hiding this comment.
what's the purpose of gpuType here?
| @@ -1,47 +1,87 @@ | |||
| package main | |||
|
|
|||
| import ( | |||
There was a problem hiding this comment.
let's decouple some of the logic from this file to other new or existing files
| ) | ||
|
|
||
| // creates a user session in redis | ||
| func (a *App) CreateSession(uid string) (string, error) { |
There was a problem hiding this comment.
We still need to add session expiration and proper session structure right?
2 participants
No description provided.