[server] Improve login response, cleanup TODOs

server/internal/api/routes/auth.go

@@ -8,6 +8,11 @@ import (
 	"github.com/shroff/phylum/server/internal/core"
 )
 
+type loginResponse struct {
+	AccessToken string       `json:"access_token"`
+	User        userResponse `json:"user"`
+}
+
 func SetupAuthRoutes(r *gin.RouterGroup, a *core.App) {
 	group := r.Group("/auth")
 	group.POST("/login", createLoginRouteHandler(a))
@@ -24,16 +29,21 @@ func createLoginRouteHandler(a *core.App) func(c *gin.Context) {
 			panic(errors.New(http.StatusBadRequest, "missing_password", ""))
 		}
 
-		if token, err := a.CreateAccessToken(c.Request.Context(), username, password); err != nil {
+		if user, err := a.VerifyUserPassword(c.Request.Context(), username, password); err != nil {
 			if errors.Is(err, core.ErrCredentialsInvalid) {
 				panic(errors.New(http.StatusUnauthorized, "credentials_invalid", ""))
 			}
 			panic(err)
 		} else {
-			c.JSON(200, gin.H{
-				"access_token": token.ID,
-				"expires":      token.Expires,
-			})
+			if token, err := a.CreateAccessToken(c.Request.Context(), user.ID()); err != nil {
+				panic(err)
+			} else {
+				c.JSON(200, loginResponse{
+					AccessToken: token,
+					User:        responseFromUser(user),
+				})
+			}
 		}
+
 	}
 }

server/internal/command/appcmd/user.go

@@ -3,7 +3,6 @@ package appcmd
 import (
 	"context"
 	"os"
-	"strings"
 	"syscall"
 
 	"github.com/google/uuid"
@@ -22,7 +21,6 @@ func setupUserCommand() *cobra.Command {
 		setupUserAddCommand(),
 		setupUserChrootCommand(),
 		setupUserListCommand(),
-		setupUserLoginCommand(),
 	}...)
 	return cmd
 }
@@ -120,29 +118,3 @@ func setupUserListCommand() *cobra.Command {
 		},
 	}
 }
-
-func setupUserLoginCommand() *cobra.Command {
-	return &cobra.Command{
-		Use:   "auth user",
-		Short: "Authenticate user",
-		Args:  cobra.ExactArgs(1),
-		Run: func(cmd *cobra.Command, args []string) {
-			username := strings.TrimSpace(args[0])
-
-			os.Stdout.WriteString("Password: ")
-			bytes, err := term.ReadPassword(syscall.Stdin)
-			os.Stdout.WriteString("\n")
-			if err != nil {
-				logrus.Fatal(err)
-			}
-			password := string(bytes)
-
-			accessToken, err := core.Default.CreateAccessToken(context.Background(), username, password)
-			if err != nil {
-				logrus.Fatal(err)
-			}
-			logrus.Info("Access Token: " + accessToken.ID)
-			logrus.Info(" Valid Until: " + accessToken.Expires.Time.String())
-		},
-	}
-}

server/internal/core/app.go

@@ -13,9 +13,7 @@ import (
 const defaultUserName = "phylum"
 
 type App struct {
-	Debug bool
-	// TODO: Fix su should have access to all files
-	// but is currently subject to permissions which are baked in to ResourceByID and ResourceByPath
+	Debug  bool
 	Rootfs FileSystem
 	db     *db.DbHandler
 	cs     storage.Storage

server/internal/core/auth.go

@@ -44,20 +44,15 @@ func (a App) VerifyUserPassword(ctx context.Context, username, password string)
 	}
 }
 
-// TODO: don't return db types
-func (a App) CreateAccessToken(ctx context.Context, username, password string) (db.AccessToken, error) {
-	if user, err := a.VerifyUserPassword(ctx, username, password); err != nil {
-		return db.AccessToken{}, err
+func (a App) CreateAccessToken(ctx context.Context, userID int32) (string, error) {
+	if token, err := a.db.InsertAccessToken(ctx, db.InsertAccessTokenParams{
+		ID:       GenerateRandomString(accessTokenLength),
+		Validity: accessTokenValiditiy,
+		UserID:   userID,
+	}); err != nil {
+		return "", err
 	} else {
-		if token, err := a.db.InsertAccessToken(ctx, db.InsertAccessTokenParams{
-			ID:       GenerateRandomString(accessTokenLength),
-			Validity: accessTokenValiditiy,
-			UserID:   user.ID(),
-		}); err != nil {
-			return db.AccessToken{}, err
-		} else {
-			return token, nil
-		}
+		return token.ID, nil
 	}
 }
 

server/internal/core/filesystem.go

@@ -28,9 +28,7 @@ type FileSystem interface {
 	UpdateName(r Resource, name string) error
 	UpdateParent(r Resource, parent uuid.UUID) error
 	UpdatePermissions(r Resource, userID int32, permission Permission) error
-	// TODO: don't return db types
 	GetPermissionsLocal(r Resource) (map[int32]Permission, error)
-	// TODO: don't return db types
 	GetPermissionsInherited(r Resource) (map[int32]Permission, error)
 }
 
@@ -94,7 +92,6 @@ func (f filesystem) ResourceByPath(path string) (Resource, error) {
 	}
 
 	res, err := f.db.ResourceByPath(f.ctx, db.ResourceByPathParams{Root: f.root.ID(), Permission: f.root.Permission(), Search: segments, UserID: f.user})
-	// TODO: Fix su should have access to all files
 	if err == pgx.ErrNoRows || res.Permission == 0 {
 		err = fs.ErrNotExist
 	}
@@ -118,7 +115,6 @@ func (f filesystem) ResourceByPath(path string) (Resource, error) {
 func (f filesystem) ResourceByID(id uuid.UUID) (Resource, error) {
 	res, err := f.db.ResourceByID(f.ctx, db.ResourceByIDParams{Root: f.root.ID(), ResourceID: id, UserID: f.user})
 	// TODO: verify found
-	// TODO: Fix su should have access to all files
 	if err == pgx.ErrNoRows || !res.Found || res.Permission == 0 {
 		err = fs.ErrNotExist
 	}