fix(auth): wiring Auth/Sessions, нормализация email, GetUserByID для /me, 409 на дубль, timing-guard логина
This commit is contained in:
+8
-1
@@ -5,10 +5,12 @@ import (
|
||||
"log"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/jackc/pgx/v5/pgxpool"
|
||||
|
||||
"github.com/vasyakrg/dns-autoresolver/internal/api"
|
||||
"github.com/vasyakrg/dns-autoresolver/internal/auth"
|
||||
"github.com/vasyakrg/dns-autoresolver/internal/config"
|
||||
"github.com/vasyakrg/dns-autoresolver/internal/crypto"
|
||||
"github.com/vasyakrg/dns-autoresolver/internal/provider/registry"
|
||||
@@ -18,6 +20,10 @@ import (
|
||||
"github.com/vasyakrg/dns-autoresolver/internal/web"
|
||||
)
|
||||
|
||||
// sessionTTL is how long a login session cookie remains valid before the
|
||||
// user must re-authenticate.
|
||||
const sessionTTL = 720 * time.Hour
|
||||
|
||||
// isAPIPath reports whether path must be routed to the API router rather
|
||||
// than the SPA. "/api" (no trailing slash) counts as an API path too —
|
||||
// only strings.HasPrefix(path, "/api/") would otherwise miss it and fall
|
||||
@@ -46,12 +52,13 @@ func main() {
|
||||
log.Fatalf("cipher: %v", err)
|
||||
}
|
||||
st := store.New(pool)
|
||||
sessions := auth.NewSessions(st, sessionTTL)
|
||||
|
||||
reg := registry.New()
|
||||
reg.Register(selectel.New())
|
||||
|
||||
svc := service.New(st, st, reg, cipher)
|
||||
a := &api.API{Svc: svc, Store: st, Cipher: cipher, Reg: reg}
|
||||
a := &api.API{Svc: svc, Store: st, Cipher: cipher, Reg: reg, Auth: st, Sessions: sessions}
|
||||
apiRouter := api.NewRouter(a)
|
||||
|
||||
webHandler, err := web.Handler()
|
||||
|
||||
Reference in New Issue
Block a user